Skip to content

Commit

Permalink
fix runasgroup psp policy
Browse files Browse the repository at this point in the history
  • Loading branch information
Mayank Kumar committed May 15, 2019
1 parent 3099d9d commit 7afc3db
Showing 1 changed file with 2 additions and 4 deletions.
6 changes: 2 additions & 4 deletions content/en/docs/concepts/policy/pod-security-policy.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -493,10 +493,8 @@ recommended with this strategy.

- *MustRunAs* - Requires at least one `range` to be specified. Uses the
minimum value of the first range as the default. Validates against all ranges.
- *MustRunAsNonRoot* - Requires that the pod be submitted with a non-zero
`runAsUser` or have the `USER` directive defined (using a numeric GID) in the
image. No default provided. Setting `allowPrivilegeEscalation=false` is strongly
recommended with this strategy.
- *MayRunAs* - Does not require that RunAsGroup be specified. However, when RunAsGroup
is specified, they have to fall in the defined range.
- *RunAsAny* - No default provided. Allows any `runAsGroup` to be specified.


Expand Down

0 comments on commit 7afc3db

Please sign in to comment.