Class: Aws::ECS::Types::KernelCapabilities
- Inherits:
-
Struct
- Object
- Struct
- Aws::ECS::Types::KernelCapabilities
- Defined in:
- gems/aws-sdk-ecs/lib/aws-sdk-ecs/types.rb
Overview
When making an API call, you may pass KernelCapabilities data as a hash:
{
add: ["String"],
drop: ["String"],
}
The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. For more information about the default capabilities and the non-default available capabilities, see Runtime privilege and Linux capabilities in the Docker run reference. For more detailed information about these Linux capabilities, see the capabilities(7) Linux manual page.
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#add ⇒ Array<String>
The Linux capabilities for the container that have been added to the default configuration provided by Docker.
-
#drop ⇒ Array<String>
The Linux capabilities for the container that have been removed from the default configuration provided by Docker.
Instance Attribute Details
#add ⇒ Array<String>
The Linux capabilities for the container that have been added to the
default configuration provided by Docker. This parameter maps to
CapAdd
in the Create a container section of the Docker
Remote API and the --cap-add
option to docker run.
SYS_PTRACE
kernel capability.
Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" |
"BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" |
"FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" |
"LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" |
"NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" |
"SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" |
"SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT"
| "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" |
"SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
5737 5738 5739 5740 5741 5742 |
# File 'gems/aws-sdk-ecs/lib/aws-sdk-ecs/types.rb', line 5737 class KernelCapabilities < Struct.new( :add, :drop) SENSITIVE = [] include Aws::Structure end |
#drop ⇒ Array<String>
The Linux capabilities for the container that have been removed from
the default configuration provided by Docker. This parameter maps to
CapDrop
in the Create a container section of the Docker
Remote API and the --cap-drop
option to docker run.
Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" |
"BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" |
"FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" |
"LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" |
"NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" |
"SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" |
"SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT"
| "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" |
"SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
5737 5738 5739 5740 5741 5742 |
# File 'gems/aws-sdk-ecs/lib/aws-sdk-ecs/types.rb', line 5737 class KernelCapabilities < Struct.new( :add, :drop) SENSITIVE = [] include Aws::Structure end |