Class: Aws::Batch::Types::EksContainerSecurityContext

Inherits:
Struct
  • Object
show all
Defined in:
gems/aws-sdk-batch/lib/aws-sdk-batch/types.rb

Overview

The security context for a job. For more information, see Configure a security context for a pod or container in the Kubernetes documentation.

Constant Summary collapse

SENSITIVE =
[]

Instance Attribute Summary collapse

Instance Attribute Details

#allow_privilege_escalationBoolean

Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process. The default value is false.

Returns:

  • (Boolean)


3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
# File 'gems/aws-sdk-batch/lib/aws-sdk-batch/types.rb', line 3943

class EksContainerSecurityContext < Struct.new(
  :run_as_user,
  :run_as_group,
  :privileged,
  :allow_privilege_escalation,
  :read_only_root_filesystem,
  :run_as_non_root)
  SENSITIVE = []
  include Aws::Structure
end

#privilegedBoolean

When this parameter is true, the container is given elevated permissions on the host container instance. The level of permissions are similar to the root user permissions. The default value is false. This parameter maps to privileged policy in the Privileged pod security policies in the Kubernetes documentation.

Returns:

  • (Boolean)


3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
# File 'gems/aws-sdk-batch/lib/aws-sdk-batch/types.rb', line 3943

class EksContainerSecurityContext < Struct.new(
  :run_as_user,
  :run_as_group,
  :privileged,
  :allow_privilege_escalation,
  :read_only_root_filesystem,
  :run_as_non_root)
  SENSITIVE = []
  include Aws::Structure
end

#read_only_root_filesystemBoolean

When this parameter is true, the container is given read-only access to its root file system. The default value is false. This parameter maps to ReadOnlyRootFilesystem policy in the Volumes and file systems pod security policies in the Kubernetes documentation.

Returns:

  • (Boolean)


3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
# File 'gems/aws-sdk-batch/lib/aws-sdk-batch/types.rb', line 3943

class EksContainerSecurityContext < Struct.new(
  :run_as_user,
  :run_as_group,
  :privileged,
  :allow_privilege_escalation,
  :read_only_root_filesystem,
  :run_as_non_root)
  SENSITIVE = []
  include Aws::Structure
end

#run_as_groupInteger

When this parameter is specified, the container is run as the specified group ID (gid). If this parameter isn't specified, the default is the group that's specified in the image metadata. This parameter maps to RunAsGroup and MustRunAs policy in the Users and groups pod security policies in the Kubernetes documentation.

Returns:

  • (Integer)


3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
# File 'gems/aws-sdk-batch/lib/aws-sdk-batch/types.rb', line 3943

class EksContainerSecurityContext < Struct.new(
  :run_as_user,
  :run_as_group,
  :privileged,
  :allow_privilege_escalation,
  :read_only_root_filesystem,
  :run_as_non_root)
  SENSITIVE = []
  include Aws::Structure
end

#run_as_non_rootBoolean

When this parameter is specified, the container is run as a user with a uid other than 0. If this parameter isn't specified, so such rule is enforced. This parameter maps to RunAsUser and MustRunAsNonRoot policy in the Users and groups pod security policies in the Kubernetes documentation.

Returns:

  • (Boolean)


3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
# File 'gems/aws-sdk-batch/lib/aws-sdk-batch/types.rb', line 3943

class EksContainerSecurityContext < Struct.new(
  :run_as_user,
  :run_as_group,
  :privileged,
  :allow_privilege_escalation,
  :read_only_root_filesystem,
  :run_as_non_root)
  SENSITIVE = []
  include Aws::Structure
end

#run_as_userInteger

When this parameter is specified, the container is run as the specified user ID (uid). If this parameter isn't specified, the default is the user that's specified in the image metadata. This parameter maps to RunAsUser and MustRanAs policy in the Users and groups pod security policies in the Kubernetes documentation.

Returns:

  • (Integer)


3943
3944
3945
3946
3947
3948
3949
3950
3951
3952
# File 'gems/aws-sdk-batch/lib/aws-sdk-batch/types.rb', line 3943

class EksContainerSecurityContext < Struct.new(
  :run_as_user,
  :run_as_group,
  :privileged,
  :allow_privilege_escalation,
  :read_only_root_filesystem,
  :run_as_non_root)
  SENSITIVE = []
  include Aws::Structure
end