diff --git a/kubernetes/resource_kubernetes_pod_test.go b/kubernetes/resource_kubernetes_pod_test.go
index 547e106460..7e95d928f0 100644
--- a/kubernetes/resource_kubernetes_pod_test.go
+++ b/kubernetes/resource_kubernetes_pod_test.go
@@ -148,7 +148,9 @@ func TestAccKubernetesPod_with_pod_security_context(t *testing.T) {
 Check: resource.ComposeAggregateTestCheckFunc(
 testAccCheckKubernetesPodExists("kubernetes_pod.test", &conf),
 resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.security_context.0.run_as_non_root", "true"),
+ resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.security_context.0.run_as_user", "101"),
 resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.security_context.0.supplemental_groups.#", "1"),
+ resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.security_context.0.supplemental_groups.988695518", "101"),
 ),
 },
 },
@@ -286,6 +288,14 @@ func TestAccKubernetesPod_with_container_security_context(t *testing.T) {
 Check: resource.ComposeAggregateTestCheckFunc(
 testAccCheckKubernetesPodExists("kubernetes_pod.test", &conf),
 resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.container.0.security_context.#", "1"),
+ resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.container.0.security_context.0.privileged", "true"),
+ resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.container.0.security_context.0.run_as_user", "1"),
+ resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.container.0.security_context.0.se_linux_options.#", "1"),
+ resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.container.0.security_context.0.se_linux_options.0.level", "s0:c123,c456"),
+ resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.container.0.security_context.0.capabilities.#", "1"),
+ resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.container.0.security_context.0.capabilities.0.add.#", "2"),
+ resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.container.0.security_context.0.capabilities.0.add.0", "NET_ADMIN"),
+ resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.container.0.security_context.0.capabilities.0.add.1", "SYS_TIME"),
 ),
 },
 },
@@ -752,13 +762,14 @@ resource "kubernetes_pod" "test" {
 se_linux_options {
 level = "s0:c123,c456"
 }
+ capabilities {
+ add = ["NET_ADMIN", "SYS_TIME"]
+ }
 }
 }
 }
 }
-
-
- `, podName, imageName)
+`, podName, imageName)
 }
 
 func testAccKubernetesPodConfigWithVolumeMounts(secretName, podName, imageName string) string {
diff --git a/kubernetes/structures_container.go b/kubernetes/structures_container.go
index b01ba36832..406928b82f 100644
--- a/kubernetes/structures_container.go
+++ b/kubernetes/structures_container.go
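Review bot: The added checks assert only `capabilities.0.add.*`; no assertion covers `capabilities.0.drop`, and the fixture change in the next hunk (`capabilities { add = ["NET_ADMIN", "SYS_TIME"] }`) sets none. Drop lists are what hardened pod specs depend on, and they presumably pass through the same expand/flatten helpers this commit repairs, so a regression on that side would go unnoticed. I would add a drop entry to the fixture, e.g. `drop = ["NET_RAW"]` (value chosen for illustration), and assert it with `resource.TestCheckResourceAttr("kubernetes_pod.test", "spec.0.container.0.security_context.0.capabilities.0.drop.0", "NET_RAW"),`. Both the test function and the fixture continue outside these hunks.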
@@ -8,7 +8,7 @@ import (
 )
 
 func flattenCapability(in []v1.Capability) []string {
- att := make([]string, 0, len(in))
+ att := make([]string, len(in), len(in))
 for i, v := range in {
 att[i] = string(v)
 }
@@ -510,7 +510,7 @@ func expandContainerSecurityContext(l []interface{}) *v1.SecurityContext {
 func expandCapabilitySlice(s []interface{}) []v1.Capability {
 result := make([]v1.Capability, len(s), len(s))
 for k, v := range s {
- result[k] = v.(v1.Capability)
+ result[k] = v1.Capability(v.(string))
 }
 return result
 }
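Review bot: Nothing in this commit tests flattenCapability without a cluster: the old `make([]string, 0, len(in))` followed by `att[i] = string(v)` would have panicked on any non-empty input, and only the TestAcc cases (which presumably need a live cluster) would reveal it. A small table-driven unit test that round-trips a capability list through expandCapabilitySlice and flattenCapability, including the empty list, would pin this behaviour. As a style point, the capacity argument is redundant when it equals the length: `att := make([]string, len(in))`. The function's closing lines are outside the hunk.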
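Review bot: The unchecked assertion `v.(string)` in the loop of expandCapabilitySlice still panics if an element is not a string; a nil entry from an empty or null list item is the case I would expect, though the caller is not visible here. Since this slice ends up in the container's requested capabilities, I would rather the provider fail validation or skip the bad entry than crash mid-apply. One option is `result := make([]v1.Capability, 0, len(s))` with `if c, ok := v.(string); ok && c != "" { result = append(result, v1.Capability(c)) }` in the loop; rejecting such entries in the schema would be stricter still.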