io.kubernetes.client.proto

Class V1beta1Policy.PodSecurityPolicySpec.Builder

java.lang.Object

com.google.protobuf.AbstractMessageLite.Builder

com.google.protobuf.AbstractMessage.Builder<BuilderType>

com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

io.kubernetes.client.proto.V1beta1Policy.PodSecurityPolicySpec.Builder

All Implemented Interfaces:

com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, V1beta1Policy.PodSecurityPolicySpecOrBuilder, Cloneable

Enclosing class:

V1beta1Policy.PodSecurityPolicySpec

public static final class V1beta1Policy.PodSecurityPolicySpec.Builder
extends com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>
implements V1beta1Policy.PodSecurityPolicySpecOrBuilder

 PodSecurityPolicySpec defines the policy enforced.
 

Protobuf type k8s.io.api.policy.v1beta1.PodSecurityPolicySpec

Method Summary

Modifier and Type	Method and Description
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllAllowedCapabilities(Iterable<String> values) allowedCapabilities is a list of capabilities that can be requested to add to the container.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllAllowedCSIDrivers(Iterable<? extends V1beta1Policy.AllowedCSIDriver> values) AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllAllowedFlexVolumes(Iterable<? extends V1beta1Policy.AllowedFlexVolume> values) allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllAllowedHostPaths(Iterable<? extends V1beta1Policy.AllowedHostPath> values) allowedHostPaths is an allowlist of host paths.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllAllowedProcMountTypes(Iterable<String> values) AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllAllowedUnsafeSysctls(Iterable<String> values) allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllDefaultAddCapabilities(Iterable<String> values) defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllForbiddenSysctls(Iterable<String> values) forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllHostPorts(Iterable<? extends V1beta1Policy.HostPortRange> values) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedCapabilities(String value) allowedCapabilities is a list of capabilities that can be requested to add to the container.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedCapabilitiesBytes(com.google.protobuf.ByteString value) allowedCapabilities is a list of capabilities that can be requested to add to the container.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedCSIDrivers(int index, V1beta1Policy.AllowedCSIDriver.Builder builderForValue) AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedCSIDrivers(int index, V1beta1Policy.AllowedCSIDriver value) AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedCSIDrivers(V1beta1Policy.AllowedCSIDriver.Builder builderForValue) AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedCSIDrivers(V1beta1Policy.AllowedCSIDriver value) AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.AllowedCSIDriver.Builder	addAllowedCSIDriversBuilder() AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.AllowedCSIDriver.Builder	addAllowedCSIDriversBuilder(int index) AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedFlexVolumes(int index, V1beta1Policy.AllowedFlexVolume.Builder builderForValue) allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedFlexVolumes(int index, V1beta1Policy.AllowedFlexVolume value) allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedFlexVolumes(V1beta1Policy.AllowedFlexVolume.Builder builderForValue) allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedFlexVolumes(V1beta1Policy.AllowedFlexVolume value) allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.AllowedFlexVolume.Builder	addAllowedFlexVolumesBuilder() allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.AllowedFlexVolume.Builder	addAllowedFlexVolumesBuilder(int index) allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedHostPaths(int index, V1beta1Policy.AllowedHostPath.Builder builderForValue) allowedHostPaths is an allowlist of host paths.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedHostPaths(int index, V1beta1Policy.AllowedHostPath value) allowedHostPaths is an allowlist of host paths.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedHostPaths(V1beta1Policy.AllowedHostPath.Builder builderForValue) allowedHostPaths is an allowlist of host paths.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedHostPaths(V1beta1Policy.AllowedHostPath value) allowedHostPaths is an allowlist of host paths.
V1beta1Policy.AllowedHostPath.Builder	addAllowedHostPathsBuilder() allowedHostPaths is an allowlist of host paths.
V1beta1Policy.AllowedHostPath.Builder	addAllowedHostPathsBuilder(int index) allowedHostPaths is an allowlist of host paths.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedProcMountTypes(String value) AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedProcMountTypesBytes(com.google.protobuf.ByteString value) AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedUnsafeSysctls(String value) allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllowedUnsafeSysctlsBytes(com.google.protobuf.ByteString value) allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllRequiredDropCapabilities(Iterable<String> values) requiredDropCapabilities are the capabilities that will be dropped from the container.
V1beta1Policy.PodSecurityPolicySpec.Builder	addAllVolumes(Iterable<String> values) volumes is an allowlist of volume plugins.
V1beta1Policy.PodSecurityPolicySpec.Builder	addDefaultAddCapabilities(String value) defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
V1beta1Policy.PodSecurityPolicySpec.Builder	addDefaultAddCapabilitiesBytes(com.google.protobuf.ByteString value) defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
V1beta1Policy.PodSecurityPolicySpec.Builder	addForbiddenSysctls(String value) forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
V1beta1Policy.PodSecurityPolicySpec.Builder	addForbiddenSysctlsBytes(com.google.protobuf.ByteString value) forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
V1beta1Policy.PodSecurityPolicySpec.Builder	addHostPorts(int index, V1beta1Policy.HostPortRange.Builder builderForValue) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Policy.PodSecurityPolicySpec.Builder	addHostPorts(int index, V1beta1Policy.HostPortRange value) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Policy.PodSecurityPolicySpec.Builder	addHostPorts(V1beta1Policy.HostPortRange.Builder builderForValue) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Policy.PodSecurityPolicySpec.Builder	addHostPorts(V1beta1Policy.HostPortRange value) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Policy.HostPortRange.Builder	addHostPortsBuilder() hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Policy.HostPortRange.Builder	addHostPortsBuilder(int index) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Policy.PodSecurityPolicySpec.Builder	addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
V1beta1Policy.PodSecurityPolicySpec.Builder	addRequiredDropCapabilities(String value) requiredDropCapabilities are the capabilities that will be dropped from the container.
V1beta1Policy.PodSecurityPolicySpec.Builder	addRequiredDropCapabilitiesBytes(com.google.protobuf.ByteString value) requiredDropCapabilities are the capabilities that will be dropped from the container.
V1beta1Policy.PodSecurityPolicySpec.Builder	addVolumes(String value) volumes is an allowlist of volume plugins.
V1beta1Policy.PodSecurityPolicySpec.Builder	addVolumesBytes(com.google.protobuf.ByteString value) volumes is an allowlist of volume plugins.
V1beta1Policy.PodSecurityPolicySpec	build()
V1beta1Policy.PodSecurityPolicySpec	buildPartial()
V1beta1Policy.PodSecurityPolicySpec.Builder	clear()
V1beta1Policy.PodSecurityPolicySpec.Builder	clearAllowedCapabilities() allowedCapabilities is a list of capabilities that can be requested to add to the container.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearAllowedCSIDrivers() AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearAllowedFlexVolumes() allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearAllowedHostPaths() allowedHostPaths is an allowlist of host paths.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearAllowedProcMountTypes() AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearAllowedUnsafeSysctls() allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearAllowPrivilegeEscalation() allowPrivilegeEscalation determines if a pod can request to allow privilege escalation.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearDefaultAddCapabilities() defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearDefaultAllowPrivilegeEscalation() defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearField(com.google.protobuf.Descriptors.FieldDescriptor field)
V1beta1Policy.PodSecurityPolicySpec.Builder	clearForbiddenSysctls() forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearFsGroup() fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearHostIPC() hostIPC determines if the policy allows the use of HostIPC in the pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearHostNetwork() hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearHostPID() hostPID determines if the policy allows the use of HostPID in the pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearHostPorts() hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)
V1beta1Policy.PodSecurityPolicySpec.Builder	clearPrivileged() privileged determines if a pod can request to be run as privileged.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearReadOnlyRootFilesystem() readOnlyRootFilesystem when set to true will force containers to run with a read only root file system.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearRequiredDropCapabilities() requiredDropCapabilities are the capabilities that will be dropped from the container.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearRunAsGroup() RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearRunAsUser() runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearRuntimeClass() runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearSeLinux() seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearSupplementalGroups() supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
V1beta1Policy.PodSecurityPolicySpec.Builder	clearVolumes() volumes is an allowlist of volume plugins.
V1beta1Policy.PodSecurityPolicySpec.Builder	clone()
String	getAllowedCapabilities(int index) allowedCapabilities is a list of capabilities that can be requested to add to the container.
com.google.protobuf.ByteString	getAllowedCapabilitiesBytes(int index) allowedCapabilities is a list of capabilities that can be requested to add to the container.
int	getAllowedCapabilitiesCount() allowedCapabilities is a list of capabilities that can be requested to add to the container.
com.google.protobuf.ProtocolStringList	getAllowedCapabilitiesList() allowedCapabilities is a list of capabilities that can be requested to add to the container.
V1beta1Policy.AllowedCSIDriver	getAllowedCSIDrivers(int index) AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.AllowedCSIDriver.Builder	getAllowedCSIDriversBuilder(int index) AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
List<V1beta1Policy.AllowedCSIDriver.Builder>	getAllowedCSIDriversBuilderList() AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
int	getAllowedCSIDriversCount() AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
List<V1beta1Policy.AllowedCSIDriver>	getAllowedCSIDriversList() AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.AllowedCSIDriverOrBuilder	getAllowedCSIDriversOrBuilder(int index) AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
List<? extends V1beta1Policy.AllowedCSIDriverOrBuilder>	getAllowedCSIDriversOrBuilderList() AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.AllowedFlexVolume	getAllowedFlexVolumes(int index) allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.AllowedFlexVolume.Builder	getAllowedFlexVolumesBuilder(int index) allowedFlexVolumes is an allowlist of Flexvolumes.
List<V1beta1Policy.AllowedFlexVolume.Builder>	getAllowedFlexVolumesBuilderList() allowedFlexVolumes is an allowlist of Flexvolumes.
int	getAllowedFlexVolumesCount() allowedFlexVolumes is an allowlist of Flexvolumes.
List<V1beta1Policy.AllowedFlexVolume>	getAllowedFlexVolumesList() allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.AllowedFlexVolumeOrBuilder	getAllowedFlexVolumesOrBuilder(int index) allowedFlexVolumes is an allowlist of Flexvolumes.
List<? extends V1beta1Policy.AllowedFlexVolumeOrBuilder>	getAllowedFlexVolumesOrBuilderList() allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.AllowedHostPath	getAllowedHostPaths(int index) allowedHostPaths is an allowlist of host paths.
V1beta1Policy.AllowedHostPath.Builder	getAllowedHostPathsBuilder(int index) allowedHostPaths is an allowlist of host paths.
List<V1beta1Policy.AllowedHostPath.Builder>	getAllowedHostPathsBuilderList() allowedHostPaths is an allowlist of host paths.
int	getAllowedHostPathsCount() allowedHostPaths is an allowlist of host paths.
List<V1beta1Policy.AllowedHostPath>	getAllowedHostPathsList() allowedHostPaths is an allowlist of host paths.
V1beta1Policy.AllowedHostPathOrBuilder	getAllowedHostPathsOrBuilder(int index) allowedHostPaths is an allowlist of host paths.
List<? extends V1beta1Policy.AllowedHostPathOrBuilder>	getAllowedHostPathsOrBuilderList() allowedHostPaths is an allowlist of host paths.
String	getAllowedProcMountTypes(int index) AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
com.google.protobuf.ByteString	getAllowedProcMountTypesBytes(int index) AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
int	getAllowedProcMountTypesCount() AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
com.google.protobuf.ProtocolStringList	getAllowedProcMountTypesList() AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
String	getAllowedUnsafeSysctls(int index) allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
com.google.protobuf.ByteString	getAllowedUnsafeSysctlsBytes(int index) allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
int	getAllowedUnsafeSysctlsCount() allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
com.google.protobuf.ProtocolStringList	getAllowedUnsafeSysctlsList() allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
boolean	getAllowPrivilegeEscalation() allowPrivilegeEscalation determines if a pod can request to allow privilege escalation.
String	getDefaultAddCapabilities(int index) defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
com.google.protobuf.ByteString	getDefaultAddCapabilitiesBytes(int index) defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
int	getDefaultAddCapabilitiesCount() defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
com.google.protobuf.ProtocolStringList	getDefaultAddCapabilitiesList() defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
boolean	getDefaultAllowPrivilegeEscalation() defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.
V1beta1Policy.PodSecurityPolicySpec	getDefaultInstanceForType()
static com.google.protobuf.Descriptors.Descriptor	getDescriptor()
com.google.protobuf.Descriptors.Descriptor	getDescriptorForType()
String	getForbiddenSysctls(int index) forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
com.google.protobuf.ByteString	getForbiddenSysctlsBytes(int index) forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
int	getForbiddenSysctlsCount() forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
com.google.protobuf.ProtocolStringList	getForbiddenSysctlsList() forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
V1beta1Policy.FSGroupStrategyOptions	getFsGroup() fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
V1beta1Policy.FSGroupStrategyOptions.Builder	getFsGroupBuilder() fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
V1beta1Policy.FSGroupStrategyOptionsOrBuilder	getFsGroupOrBuilder() fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
boolean	getHostIPC() hostIPC determines if the policy allows the use of HostIPC in the pod spec.
boolean	getHostNetwork() hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
boolean	getHostPID() hostPID determines if the policy allows the use of HostPID in the pod spec.
V1beta1Policy.HostPortRange	getHostPorts(int index) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Policy.HostPortRange.Builder	getHostPortsBuilder(int index) hostPorts determines which host port ranges are allowed to be exposed.
List<V1beta1Policy.HostPortRange.Builder>	getHostPortsBuilderList() hostPorts determines which host port ranges are allowed to be exposed.
int	getHostPortsCount() hostPorts determines which host port ranges are allowed to be exposed.
List<V1beta1Policy.HostPortRange>	getHostPortsList() hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Policy.HostPortRangeOrBuilder	getHostPortsOrBuilder(int index) hostPorts determines which host port ranges are allowed to be exposed.
List<? extends V1beta1Policy.HostPortRangeOrBuilder>	getHostPortsOrBuilderList() hostPorts determines which host port ranges are allowed to be exposed.
boolean	getPrivileged() privileged determines if a pod can request to be run as privileged.
boolean	getReadOnlyRootFilesystem() readOnlyRootFilesystem when set to true will force containers to run with a read only root file system.
String	getRequiredDropCapabilities(int index) requiredDropCapabilities are the capabilities that will be dropped from the container.
com.google.protobuf.ByteString	getRequiredDropCapabilitiesBytes(int index) requiredDropCapabilities are the capabilities that will be dropped from the container.
int	getRequiredDropCapabilitiesCount() requiredDropCapabilities are the capabilities that will be dropped from the container.
com.google.protobuf.ProtocolStringList	getRequiredDropCapabilitiesList() requiredDropCapabilities are the capabilities that will be dropped from the container.
V1beta1Policy.RunAsGroupStrategyOptions	getRunAsGroup() RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Policy.RunAsGroupStrategyOptions.Builder	getRunAsGroupBuilder() RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Policy.RunAsGroupStrategyOptionsOrBuilder	getRunAsGroupOrBuilder() RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Policy.RunAsUserStrategyOptions	getRunAsUser() runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Policy.RunAsUserStrategyOptions.Builder	getRunAsUserBuilder() runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Policy.RunAsUserStrategyOptionsOrBuilder	getRunAsUserOrBuilder() runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Policy.RuntimeClassStrategyOptions	getRuntimeClass() runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
V1beta1Policy.RuntimeClassStrategyOptions.Builder	getRuntimeClassBuilder() runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
V1beta1Policy.RuntimeClassStrategyOptionsOrBuilder	getRuntimeClassOrBuilder() runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
V1beta1Policy.SELinuxStrategyOptions	getSeLinux() seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Policy.SELinuxStrategyOptions.Builder	getSeLinuxBuilder() seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Policy.SELinuxStrategyOptionsOrBuilder	getSeLinuxOrBuilder() seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Policy.SupplementalGroupsStrategyOptions	getSupplementalGroups() supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
V1beta1Policy.SupplementalGroupsStrategyOptions.Builder	getSupplementalGroupsBuilder() supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
V1beta1Policy.SupplementalGroupsStrategyOptionsOrBuilder	getSupplementalGroupsOrBuilder() supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
String	getVolumes(int index) volumes is an allowlist of volume plugins.
com.google.protobuf.ByteString	getVolumesBytes(int index) volumes is an allowlist of volume plugins.
int	getVolumesCount() volumes is an allowlist of volume plugins.
com.google.protobuf.ProtocolStringList	getVolumesList() volumes is an allowlist of volume plugins.
boolean	hasAllowPrivilegeEscalation() allowPrivilegeEscalation determines if a pod can request to allow privilege escalation.
boolean	hasDefaultAllowPrivilegeEscalation() defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.
boolean	hasFsGroup() fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
boolean	hasHostIPC() hostIPC determines if the policy allows the use of HostIPC in the pod spec.
boolean	hasHostNetwork() hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
boolean	hasHostPID() hostPID determines if the policy allows the use of HostPID in the pod spec.
boolean	hasPrivileged() privileged determines if a pod can request to be run as privileged.
boolean	hasReadOnlyRootFilesystem() readOnlyRootFilesystem when set to true will force containers to run with a read only root file system.
boolean	hasRunAsGroup() RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
boolean	hasRunAsUser() runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
boolean	hasRuntimeClass() runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
boolean	hasSeLinux() seLinux is the strategy that will dictate the allowable labels that may be set.
boolean	hasSupplementalGroups() supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable	internalGetFieldAccessorTable()
boolean	isInitialized()
V1beta1Policy.PodSecurityPolicySpec.Builder	mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
V1beta1Policy.PodSecurityPolicySpec.Builder	mergeFrom(com.google.protobuf.Message other)
V1beta1Policy.PodSecurityPolicySpec.Builder	mergeFrom(V1beta1Policy.PodSecurityPolicySpec other)
V1beta1Policy.PodSecurityPolicySpec.Builder	mergeFsGroup(V1beta1Policy.FSGroupStrategyOptions value) fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
V1beta1Policy.PodSecurityPolicySpec.Builder	mergeRunAsGroup(V1beta1Policy.RunAsGroupStrategyOptions value) RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Policy.PodSecurityPolicySpec.Builder	mergeRunAsUser(V1beta1Policy.RunAsUserStrategyOptions value) runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Policy.PodSecurityPolicySpec.Builder	mergeRuntimeClass(V1beta1Policy.RuntimeClassStrategyOptions value) runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
V1beta1Policy.PodSecurityPolicySpec.Builder	mergeSeLinux(V1beta1Policy.SELinuxStrategyOptions value) seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Policy.PodSecurityPolicySpec.Builder	mergeSupplementalGroups(V1beta1Policy.SupplementalGroupsStrategyOptions value) supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
V1beta1Policy.PodSecurityPolicySpec.Builder	mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
V1beta1Policy.PodSecurityPolicySpec.Builder	removeAllowedCSIDrivers(int index) AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	removeAllowedFlexVolumes(int index) allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.PodSecurityPolicySpec.Builder	removeAllowedHostPaths(int index) allowedHostPaths is an allowlist of host paths.
V1beta1Policy.PodSecurityPolicySpec.Builder	removeHostPorts(int index) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Policy.PodSecurityPolicySpec.Builder	setAllowedCapabilities(int index, String value) allowedCapabilities is a list of capabilities that can be requested to add to the container.
V1beta1Policy.PodSecurityPolicySpec.Builder	setAllowedCSIDrivers(int index, V1beta1Policy.AllowedCSIDriver.Builder builderForValue) AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	setAllowedCSIDrivers(int index, V1beta1Policy.AllowedCSIDriver value) AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	setAllowedFlexVolumes(int index, V1beta1Policy.AllowedFlexVolume.Builder builderForValue) allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.PodSecurityPolicySpec.Builder	setAllowedFlexVolumes(int index, V1beta1Policy.AllowedFlexVolume value) allowedFlexVolumes is an allowlist of Flexvolumes.
V1beta1Policy.PodSecurityPolicySpec.Builder	setAllowedHostPaths(int index, V1beta1Policy.AllowedHostPath.Builder builderForValue) allowedHostPaths is an allowlist of host paths.
V1beta1Policy.PodSecurityPolicySpec.Builder	setAllowedHostPaths(int index, V1beta1Policy.AllowedHostPath value) allowedHostPaths is an allowlist of host paths.
V1beta1Policy.PodSecurityPolicySpec.Builder	setAllowedProcMountTypes(int index, String value) AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
V1beta1Policy.PodSecurityPolicySpec.Builder	setAllowedUnsafeSysctls(int index, String value) allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
V1beta1Policy.PodSecurityPolicySpec.Builder	setAllowPrivilegeEscalation(boolean value) allowPrivilegeEscalation determines if a pod can request to allow privilege escalation.
V1beta1Policy.PodSecurityPolicySpec.Builder	setDefaultAddCapabilities(int index, String value) defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
V1beta1Policy.PodSecurityPolicySpec.Builder	setDefaultAllowPrivilegeEscalation(boolean value) defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.
V1beta1Policy.PodSecurityPolicySpec.Builder	setField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
V1beta1Policy.PodSecurityPolicySpec.Builder	setForbiddenSysctls(int index, String value) forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
V1beta1Policy.PodSecurityPolicySpec.Builder	setFsGroup(V1beta1Policy.FSGroupStrategyOptions.Builder builderForValue) fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
V1beta1Policy.PodSecurityPolicySpec.Builder	setFsGroup(V1beta1Policy.FSGroupStrategyOptions value) fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
V1beta1Policy.PodSecurityPolicySpec.Builder	setHostIPC(boolean value) hostIPC determines if the policy allows the use of HostIPC in the pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	setHostNetwork(boolean value) hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	setHostPID(boolean value) hostPID determines if the policy allows the use of HostPID in the pod spec.
V1beta1Policy.PodSecurityPolicySpec.Builder	setHostPorts(int index, V1beta1Policy.HostPortRange.Builder builderForValue) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Policy.PodSecurityPolicySpec.Builder	setHostPorts(int index, V1beta1Policy.HostPortRange value) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Policy.PodSecurityPolicySpec.Builder	setPrivileged(boolean value) privileged determines if a pod can request to be run as privileged.
V1beta1Policy.PodSecurityPolicySpec.Builder	setReadOnlyRootFilesystem(boolean value) readOnlyRootFilesystem when set to true will force containers to run with a read only root file system.
V1beta1Policy.PodSecurityPolicySpec.Builder	setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, int index, Object value)
V1beta1Policy.PodSecurityPolicySpec.Builder	setRequiredDropCapabilities(int index, String value) requiredDropCapabilities are the capabilities that will be dropped from the container.
V1beta1Policy.PodSecurityPolicySpec.Builder	setRunAsGroup(V1beta1Policy.RunAsGroupStrategyOptions.Builder builderForValue) RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Policy.PodSecurityPolicySpec.Builder	setRunAsGroup(V1beta1Policy.RunAsGroupStrategyOptions value) RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Policy.PodSecurityPolicySpec.Builder	setRunAsUser(V1beta1Policy.RunAsUserStrategyOptions.Builder builderForValue) runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Policy.PodSecurityPolicySpec.Builder	setRunAsUser(V1beta1Policy.RunAsUserStrategyOptions value) runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Policy.PodSecurityPolicySpec.Builder	setRuntimeClass(V1beta1Policy.RuntimeClassStrategyOptions.Builder builderForValue) runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
V1beta1Policy.PodSecurityPolicySpec.Builder	setRuntimeClass(V1beta1Policy.RuntimeClassStrategyOptions value) runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
V1beta1Policy.PodSecurityPolicySpec.Builder	setSeLinux(V1beta1Policy.SELinuxStrategyOptions.Builder builderForValue) seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Policy.PodSecurityPolicySpec.Builder	setSeLinux(V1beta1Policy.SELinuxStrategyOptions value) seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Policy.PodSecurityPolicySpec.Builder	setSupplementalGroups(V1beta1Policy.SupplementalGroupsStrategyOptions.Builder builderForValue) supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
V1beta1Policy.PodSecurityPolicySpec.Builder	setSupplementalGroups(V1beta1Policy.SupplementalGroupsStrategyOptions value) supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
V1beta1Policy.PodSecurityPolicySpec.Builder	setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
V1beta1Policy.PodSecurityPolicySpec.Builder	setVolumes(int index, String value) volumes is an allowlist of volume plugins.

Methods inherited from class com.google.protobuf.GeneratedMessageV3.Builder

getAllFields, getField, getFieldBuilder, getOneofFieldDescriptor, getParentForChildren, getRepeatedField, getRepeatedFieldBuilder, getRepeatedFieldCount, getUnknownFields, getUnknownFieldSetBuilder, hasField, hasOneof, internalGetMapField, internalGetMutableMapField, isClean, markClean, mergeUnknownLengthDelimitedField, mergeUnknownVarintField, newBuilderForField, onBuilt, onChanged, parseUnknownField, setUnknownFieldSetBuilder, setUnknownFieldsProto3

Methods inherited from class com.google.protobuf.AbstractMessage.Builder

findInitializationErrors, getInitializationErrorString, internalMergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, newUninitializedMessageException, toString

Methods inherited from class com.google.protobuf.AbstractMessageLite.Builder

addAll, addAll, mergeDelimitedFrom, mergeDelimitedFrom, mergeFrom, newUninitializedMessageException

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface com.google.protobuf.MessageOrBuilder

findInitializationErrors, getAllFields, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

Methods inherited from interface com.google.protobuf.Message.Builder

mergeDelimitedFrom, mergeDelimitedFrom

Methods inherited from interface com.google.protobuf.MessageLite.Builder

mergeFrom

Method Detail

getDescriptor

public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

internalGetFieldAccessorTable

protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()

Specified by:

internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

clear

public V1beta1Policy.PodSecurityPolicySpec.Builder clear()

Specified by:

clear in interface com.google.protobuf.Message.Builder

Specified by:

clear in interface com.google.protobuf.MessageLite.Builder

Overrides:

clear in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

getDescriptorForType

public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()

Specified by:

getDescriptorForType in interface com.google.protobuf.Message.Builder

Specified by:

getDescriptorForType in interface com.google.protobuf.MessageOrBuilder

Overrides:

getDescriptorForType in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

getDefaultInstanceForType

public V1beta1Policy.PodSecurityPolicySpec getDefaultInstanceForType()

Specified by:

getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder

Specified by:

getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

build

public V1beta1Policy.PodSecurityPolicySpec build()

Specified by:

build in interface com.google.protobuf.Message.Builder

Specified by:

build in interface com.google.protobuf.MessageLite.Builder

buildPartial

public V1beta1Policy.PodSecurityPolicySpec buildPartial()

Specified by:

buildPartial in interface com.google.protobuf.Message.Builder

Specified by:

buildPartial in interface com.google.protobuf.MessageLite.Builder

clone

public V1beta1Policy.PodSecurityPolicySpec.Builder clone()

Specified by:

clone in interface com.google.protobuf.Message.Builder

Specified by:

clone in interface com.google.protobuf.MessageLite.Builder

Overrides:

clone in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

setField

public V1beta1Policy.PodSecurityPolicySpec.Builder setField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                                            Object value)

Specified by:

setField in interface com.google.protobuf.Message.Builder

Overrides:

setField in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

clearField

public V1beta1Policy.PodSecurityPolicySpec.Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field)

Specified by:

clearField in interface com.google.protobuf.Message.Builder

Overrides:

clearField in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

clearOneof

public V1beta1Policy.PodSecurityPolicySpec.Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)

Specified by:

clearOneof in interface com.google.protobuf.Message.Builder

Overrides:

clearOneof in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

setRepeatedField

public V1beta1Policy.PodSecurityPolicySpec.Builder setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                                                    int index,
                                                                    Object value)

Specified by:

setRepeatedField in interface com.google.protobuf.Message.Builder

Overrides:

setRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

addRepeatedField

public V1beta1Policy.PodSecurityPolicySpec.Builder addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                                                    Object value)

Specified by:

addRepeatedField in interface com.google.protobuf.Message.Builder

Overrides:

addRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

mergeFrom

public V1beta1Policy.PodSecurityPolicySpec.Builder mergeFrom(com.google.protobuf.Message other)

Specified by:

mergeFrom in interface com.google.protobuf.Message.Builder

Overrides:

mergeFrom in class com.google.protobuf.AbstractMessage.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

mergeFrom

public V1beta1Policy.PodSecurityPolicySpec.Builder mergeFrom(V1beta1Policy.PodSecurityPolicySpec other)

isInitialized

public final boolean isInitialized()

Specified by:

isInitialized in interface com.google.protobuf.MessageLiteOrBuilder

Overrides:

isInitialized in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

mergeFrom

public V1beta1Policy.PodSecurityPolicySpec.Builder mergeFrom(com.google.protobuf.CodedInputStream input,
                                                             com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                                      throws IOException

Specified by:

mergeFrom in interface com.google.protobuf.Message.Builder

Specified by:

mergeFrom in interface com.google.protobuf.MessageLite.Builder

Overrides:

mergeFrom in class com.google.protobuf.AbstractMessage.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

Throws:

IOException

hasPrivileged

public boolean hasPrivileged()

 privileged determines if a pod can request to be run as privileged.
 +optional
 

optional bool privileged = 1;

Specified by:

hasPrivileged in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getPrivileged

public boolean getPrivileged()

 privileged determines if a pod can request to be run as privileged.
 +optional
 

optional bool privileged = 1;

Specified by:

getPrivileged in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setPrivileged

public V1beta1Policy.PodSecurityPolicySpec.Builder setPrivileged(boolean value)

 privileged determines if a pod can request to be run as privileged.
 +optional
 

optional bool privileged = 1;

clearPrivileged

public V1beta1Policy.PodSecurityPolicySpec.Builder clearPrivileged()

 privileged determines if a pod can request to be run as privileged.
 +optional
 

optional bool privileged = 1;

getDefaultAddCapabilitiesList

public com.google.protobuf.ProtocolStringList getDefaultAddCapabilitiesList()

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

Specified by:

getDefaultAddCapabilitiesList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getDefaultAddCapabilitiesCount

public int getDefaultAddCapabilitiesCount()

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

Specified by:

getDefaultAddCapabilitiesCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getDefaultAddCapabilities

public String getDefaultAddCapabilities(int index)

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

Specified by:

getDefaultAddCapabilities in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getDefaultAddCapabilitiesBytes

public com.google.protobuf.ByteString getDefaultAddCapabilitiesBytes(int index)

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

Specified by:

getDefaultAddCapabilitiesBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setDefaultAddCapabilities

public V1beta1Policy.PodSecurityPolicySpec.Builder setDefaultAddCapabilities(int index,
                                                                             String value)

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

addDefaultAddCapabilities

public V1beta1Policy.PodSecurityPolicySpec.Builder addDefaultAddCapabilities(String value)

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

addAllDefaultAddCapabilities

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllDefaultAddCapabilities(Iterable<String> values)

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

clearDefaultAddCapabilities

public V1beta1Policy.PodSecurityPolicySpec.Builder clearDefaultAddCapabilities()

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

addDefaultAddCapabilitiesBytes

public V1beta1Policy.PodSecurityPolicySpec.Builder addDefaultAddCapabilitiesBytes(com.google.protobuf.ByteString value)

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

getRequiredDropCapabilitiesList

public com.google.protobuf.ProtocolStringList getRequiredDropCapabilitiesList()

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

Specified by:

getRequiredDropCapabilitiesList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getRequiredDropCapabilitiesCount

public int getRequiredDropCapabilitiesCount()

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

Specified by:

getRequiredDropCapabilitiesCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getRequiredDropCapabilities

public String getRequiredDropCapabilities(int index)

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

Specified by:

getRequiredDropCapabilities in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getRequiredDropCapabilitiesBytes

public com.google.protobuf.ByteString getRequiredDropCapabilitiesBytes(int index)

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

Specified by:

getRequiredDropCapabilitiesBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setRequiredDropCapabilities

public V1beta1Policy.PodSecurityPolicySpec.Builder setRequiredDropCapabilities(int index,
                                                                               String value)

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

addRequiredDropCapabilities

public V1beta1Policy.PodSecurityPolicySpec.Builder addRequiredDropCapabilities(String value)

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

addAllRequiredDropCapabilities

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllRequiredDropCapabilities(Iterable<String> values)

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

clearRequiredDropCapabilities

public V1beta1Policy.PodSecurityPolicySpec.Builder clearRequiredDropCapabilities()

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

addRequiredDropCapabilitiesBytes

public V1beta1Policy.PodSecurityPolicySpec.Builder addRequiredDropCapabilitiesBytes(com.google.protobuf.ByteString value)

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

getAllowedCapabilitiesList

public com.google.protobuf.ProtocolStringList getAllowedCapabilitiesList()

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

Specified by:

getAllowedCapabilitiesList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedCapabilitiesCount

public int getAllowedCapabilitiesCount()

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

Specified by:

getAllowedCapabilitiesCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedCapabilities

public String getAllowedCapabilities(int index)

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

Specified by:

getAllowedCapabilities in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedCapabilitiesBytes

public com.google.protobuf.ByteString getAllowedCapabilitiesBytes(int index)

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

Specified by:

getAllowedCapabilitiesBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setAllowedCapabilities

public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedCapabilities(int index,
                                                                          String value)

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

addAllowedCapabilities

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedCapabilities(String value)

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

addAllAllowedCapabilities

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllAllowedCapabilities(Iterable<String> values)

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

clearAllowedCapabilities

public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowedCapabilities()

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

addAllowedCapabilitiesBytes

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedCapabilitiesBytes(com.google.protobuf.ByteString value)

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

getVolumesList

public com.google.protobuf.ProtocolStringList getVolumesList()

 volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

Specified by:

getVolumesList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getVolumesCount

public int getVolumesCount()

 volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

Specified by:

getVolumesCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getVolumes

public String getVolumes(int index)

 volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

Specified by:

getVolumes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getVolumesBytes

public com.google.protobuf.ByteString getVolumesBytes(int index)

 volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

Specified by:

getVolumesBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setVolumes

public V1beta1Policy.PodSecurityPolicySpec.Builder setVolumes(int index,
                                                              String value)

 volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

addVolumes

public V1beta1Policy.PodSecurityPolicySpec.Builder addVolumes(String value)

 volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

addAllVolumes

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllVolumes(Iterable<String> values)

 volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

clearVolumes

public V1beta1Policy.PodSecurityPolicySpec.Builder clearVolumes()

 volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

addVolumesBytes

public V1beta1Policy.PodSecurityPolicySpec.Builder addVolumesBytes(com.google.protobuf.ByteString value)

 volumes is an allowlist of volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

hasHostNetwork

public boolean hasHostNetwork()

 hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
 +optional
 

optional bool hostNetwork = 6;

Specified by:

hasHostNetwork in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getHostNetwork

public boolean getHostNetwork()

 hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
 +optional
 

optional bool hostNetwork = 6;

Specified by:

getHostNetwork in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setHostNetwork

public V1beta1Policy.PodSecurityPolicySpec.Builder setHostNetwork(boolean value)

 hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
 +optional
 

optional bool hostNetwork = 6;

clearHostNetwork

public V1beta1Policy.PodSecurityPolicySpec.Builder clearHostNetwork()

 hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
 +optional
 

optional bool hostNetwork = 6;

getHostPortsList

public List<V1beta1Policy.HostPortRange> getHostPortsList()

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

Specified by:

getHostPortsList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getHostPortsCount

public int getHostPortsCount()

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

Specified by:

getHostPortsCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getHostPorts

public V1beta1Policy.HostPortRange getHostPorts(int index)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

Specified by:

getHostPorts in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setHostPorts

public V1beta1Policy.PodSecurityPolicySpec.Builder setHostPorts(int index,
                                                                V1beta1Policy.HostPortRange value)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

setHostPorts

public V1beta1Policy.PodSecurityPolicySpec.Builder setHostPorts(int index,
                                                                V1beta1Policy.HostPortRange.Builder builderForValue)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

addHostPorts

public V1beta1Policy.PodSecurityPolicySpec.Builder addHostPorts(V1beta1Policy.HostPortRange value)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

addHostPorts

public V1beta1Policy.PodSecurityPolicySpec.Builder addHostPorts(int index,
                                                                V1beta1Policy.HostPortRange value)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

addHostPorts

public V1beta1Policy.PodSecurityPolicySpec.Builder addHostPorts(V1beta1Policy.HostPortRange.Builder builderForValue)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

addHostPorts

public V1beta1Policy.PodSecurityPolicySpec.Builder addHostPorts(int index,
                                                                V1beta1Policy.HostPortRange.Builder builderForValue)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

addAllHostPorts

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllHostPorts(Iterable<? extends V1beta1Policy.HostPortRange> values)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

clearHostPorts

public V1beta1Policy.PodSecurityPolicySpec.Builder clearHostPorts()

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

removeHostPorts

public V1beta1Policy.PodSecurityPolicySpec.Builder removeHostPorts(int index)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

getHostPortsBuilder

public V1beta1Policy.HostPortRange.Builder getHostPortsBuilder(int index)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

getHostPortsOrBuilder

public V1beta1Policy.HostPortRangeOrBuilder getHostPortsOrBuilder(int index)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

Specified by:

getHostPortsOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getHostPortsOrBuilderList

public List<? extends V1beta1Policy.HostPortRangeOrBuilder> getHostPortsOrBuilderList()

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

Specified by:

getHostPortsOrBuilderList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

addHostPortsBuilder

public V1beta1Policy.HostPortRange.Builder addHostPortsBuilder()

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

addHostPortsBuilder

public V1beta1Policy.HostPortRange.Builder addHostPortsBuilder(int index)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

getHostPortsBuilderList

public List<V1beta1Policy.HostPortRange.Builder> getHostPortsBuilderList()

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.HostPortRange hostPorts = 7;

hasHostPID

public boolean hasHostPID()

 hostPID determines if the policy allows the use of HostPID in the pod spec.
 +optional
 

optional bool hostPID = 8;

Specified by:

hasHostPID in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getHostPID

public boolean getHostPID()

 hostPID determines if the policy allows the use of HostPID in the pod spec.
 +optional
 

optional bool hostPID = 8;

Specified by:

getHostPID in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setHostPID

public V1beta1Policy.PodSecurityPolicySpec.Builder setHostPID(boolean value)

 hostPID determines if the policy allows the use of HostPID in the pod spec.
 +optional
 

optional bool hostPID = 8;

clearHostPID

public V1beta1Policy.PodSecurityPolicySpec.Builder clearHostPID()

 hostPID determines if the policy allows the use of HostPID in the pod spec.
 +optional
 

optional bool hostPID = 8;

hasHostIPC

public boolean hasHostIPC()

 hostIPC determines if the policy allows the use of HostIPC in the pod spec.
 +optional
 

optional bool hostIPC = 9;

Specified by:

hasHostIPC in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getHostIPC

public boolean getHostIPC()

 hostIPC determines if the policy allows the use of HostIPC in the pod spec.
 +optional
 

optional bool hostIPC = 9;

Specified by:

getHostIPC in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setHostIPC

public V1beta1Policy.PodSecurityPolicySpec.Builder setHostIPC(boolean value)

 hostIPC determines if the policy allows the use of HostIPC in the pod spec.
 +optional
 

optional bool hostIPC = 9;

clearHostIPC

public V1beta1Policy.PodSecurityPolicySpec.Builder clearHostIPC()

 hostIPC determines if the policy allows the use of HostIPC in the pod spec.
 +optional
 

optional bool hostIPC = 9;

hasSeLinux

public boolean hasSeLinux()

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;

Specified by:

hasSeLinux in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getSeLinux

public V1beta1Policy.SELinuxStrategyOptions getSeLinux()

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;

Specified by:

getSeLinux in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setSeLinux

public V1beta1Policy.PodSecurityPolicySpec.Builder setSeLinux(V1beta1Policy.SELinuxStrategyOptions value)

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;

setSeLinux

public V1beta1Policy.PodSecurityPolicySpec.Builder setSeLinux(V1beta1Policy.SELinuxStrategyOptions.Builder builderForValue)

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;

mergeSeLinux

public V1beta1Policy.PodSecurityPolicySpec.Builder mergeSeLinux(V1beta1Policy.SELinuxStrategyOptions value)

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;

clearSeLinux

public V1beta1Policy.PodSecurityPolicySpec.Builder clearSeLinux()

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;

getSeLinuxBuilder

public V1beta1Policy.SELinuxStrategyOptions.Builder getSeLinuxBuilder()

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;

getSeLinuxOrBuilder

public V1beta1Policy.SELinuxStrategyOptionsOrBuilder getSeLinuxOrBuilder()

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.policy.v1beta1.SELinuxStrategyOptions seLinux = 10;

Specified by:

getSeLinuxOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

hasRunAsUser

public boolean hasRunAsUser()

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

Specified by:

hasRunAsUser in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getRunAsUser

public V1beta1Policy.RunAsUserStrategyOptions getRunAsUser()

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

Specified by:

getRunAsUser in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setRunAsUser

public V1beta1Policy.PodSecurityPolicySpec.Builder setRunAsUser(V1beta1Policy.RunAsUserStrategyOptions value)

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

setRunAsUser

public V1beta1Policy.PodSecurityPolicySpec.Builder setRunAsUser(V1beta1Policy.RunAsUserStrategyOptions.Builder builderForValue)

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

mergeRunAsUser

public V1beta1Policy.PodSecurityPolicySpec.Builder mergeRunAsUser(V1beta1Policy.RunAsUserStrategyOptions value)

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

clearRunAsUser

public V1beta1Policy.PodSecurityPolicySpec.Builder clearRunAsUser()

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

getRunAsUserBuilder

public V1beta1Policy.RunAsUserStrategyOptions.Builder getRunAsUserBuilder()

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

getRunAsUserOrBuilder

public V1beta1Policy.RunAsUserStrategyOptionsOrBuilder getRunAsUserOrBuilder()

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.policy.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

Specified by:

getRunAsUserOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

hasRunAsGroup

public boolean hasRunAsGroup()

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

Specified by:

hasRunAsGroup in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getRunAsGroup

public V1beta1Policy.RunAsGroupStrategyOptions getRunAsGroup()

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

Specified by:

getRunAsGroup in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setRunAsGroup

public V1beta1Policy.PodSecurityPolicySpec.Builder setRunAsGroup(V1beta1Policy.RunAsGroupStrategyOptions value)

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

setRunAsGroup

public V1beta1Policy.PodSecurityPolicySpec.Builder setRunAsGroup(V1beta1Policy.RunAsGroupStrategyOptions.Builder builderForValue)

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

mergeRunAsGroup

public V1beta1Policy.PodSecurityPolicySpec.Builder mergeRunAsGroup(V1beta1Policy.RunAsGroupStrategyOptions value)

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

clearRunAsGroup

public V1beta1Policy.PodSecurityPolicySpec.Builder clearRunAsGroup()

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

getRunAsGroupBuilder

public V1beta1Policy.RunAsGroupStrategyOptions.Builder getRunAsGroupBuilder()

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

getRunAsGroupOrBuilder

public V1beta1Policy.RunAsGroupStrategyOptionsOrBuilder getRunAsGroupOrBuilder()

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

Specified by:

getRunAsGroupOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

hasSupplementalGroups

public boolean hasSupplementalGroups()

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

Specified by:

hasSupplementalGroups in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getSupplementalGroups

public V1beta1Policy.SupplementalGroupsStrategyOptions getSupplementalGroups()

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

Specified by:

getSupplementalGroups in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setSupplementalGroups

public V1beta1Policy.PodSecurityPolicySpec.Builder setSupplementalGroups(V1beta1Policy.SupplementalGroupsStrategyOptions value)

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

setSupplementalGroups

public V1beta1Policy.PodSecurityPolicySpec.Builder setSupplementalGroups(V1beta1Policy.SupplementalGroupsStrategyOptions.Builder builderForValue)

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

mergeSupplementalGroups

public V1beta1Policy.PodSecurityPolicySpec.Builder mergeSupplementalGroups(V1beta1Policy.SupplementalGroupsStrategyOptions value)

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

clearSupplementalGroups

public V1beta1Policy.PodSecurityPolicySpec.Builder clearSupplementalGroups()

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

getSupplementalGroupsBuilder

public V1beta1Policy.SupplementalGroupsStrategyOptions.Builder getSupplementalGroupsBuilder()

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

getSupplementalGroupsOrBuilder

public V1beta1Policy.SupplementalGroupsStrategyOptionsOrBuilder getSupplementalGroupsOrBuilder()

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

Specified by:

getSupplementalGroupsOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

hasFsGroup

public boolean hasFsGroup()

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;

Specified by:

hasFsGroup in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getFsGroup

public V1beta1Policy.FSGroupStrategyOptions getFsGroup()

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;

Specified by:

getFsGroup in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setFsGroup

public V1beta1Policy.PodSecurityPolicySpec.Builder setFsGroup(V1beta1Policy.FSGroupStrategyOptions value)

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;

setFsGroup

public V1beta1Policy.PodSecurityPolicySpec.Builder setFsGroup(V1beta1Policy.FSGroupStrategyOptions.Builder builderForValue)

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;

mergeFsGroup

public V1beta1Policy.PodSecurityPolicySpec.Builder mergeFsGroup(V1beta1Policy.FSGroupStrategyOptions value)

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;

clearFsGroup

public V1beta1Policy.PodSecurityPolicySpec.Builder clearFsGroup()

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;

getFsGroupBuilder

public V1beta1Policy.FSGroupStrategyOptions.Builder getFsGroupBuilder()

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;

getFsGroupOrBuilder

public V1beta1Policy.FSGroupStrategyOptionsOrBuilder getFsGroupOrBuilder()

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.policy.v1beta1.FSGroupStrategyOptions fsGroup = 13;

Specified by:

getFsGroupOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

hasReadOnlyRootFilesystem

public boolean hasReadOnlyRootFilesystem()

 readOnlyRootFilesystem when set to true will force containers to run with a read only root file
 system.  If the container specifically requests to run with a non-read only root file system
 the PSP should deny the pod.
 If set to false the container may run with a read only root file system if it wishes but it
 will not be forced to.
 +optional
 

optional bool readOnlyRootFilesystem = 14;

Specified by:

hasReadOnlyRootFilesystem in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getReadOnlyRootFilesystem

public boolean getReadOnlyRootFilesystem()

 readOnlyRootFilesystem when set to true will force containers to run with a read only root file
 system.  If the container specifically requests to run with a non-read only root file system
 the PSP should deny the pod.
 If set to false the container may run with a read only root file system if it wishes but it
 will not be forced to.
 +optional
 

optional bool readOnlyRootFilesystem = 14;

Specified by:

getReadOnlyRootFilesystem in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setReadOnlyRootFilesystem

public V1beta1Policy.PodSecurityPolicySpec.Builder setReadOnlyRootFilesystem(boolean value)

 readOnlyRootFilesystem when set to true will force containers to run with a read only root file
 system.  If the container specifically requests to run with a non-read only root file system
 the PSP should deny the pod.
 If set to false the container may run with a read only root file system if it wishes but it
 will not be forced to.
 +optional
 

optional bool readOnlyRootFilesystem = 14;

clearReadOnlyRootFilesystem

public V1beta1Policy.PodSecurityPolicySpec.Builder clearReadOnlyRootFilesystem()

 readOnlyRootFilesystem when set to true will force containers to run with a read only root file
 system.  If the container specifically requests to run with a non-read only root file system
 the PSP should deny the pod.
 If set to false the container may run with a read only root file system if it wishes but it
 will not be forced to.
 +optional
 

optional bool readOnlyRootFilesystem = 14;

hasDefaultAllowPrivilegeEscalation

public boolean hasDefaultAllowPrivilegeEscalation()

 defaultAllowPrivilegeEscalation controls the default setting for whether a
 process can gain more privileges than its parent process.
 +optional
 

optional bool defaultAllowPrivilegeEscalation = 15;

Specified by:

hasDefaultAllowPrivilegeEscalation in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getDefaultAllowPrivilegeEscalation

public boolean getDefaultAllowPrivilegeEscalation()

 defaultAllowPrivilegeEscalation controls the default setting for whether a
 process can gain more privileges than its parent process.
 +optional
 

optional bool defaultAllowPrivilegeEscalation = 15;

Specified by:

getDefaultAllowPrivilegeEscalation in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setDefaultAllowPrivilegeEscalation

public V1beta1Policy.PodSecurityPolicySpec.Builder setDefaultAllowPrivilegeEscalation(boolean value)

 defaultAllowPrivilegeEscalation controls the default setting for whether a
 process can gain more privileges than its parent process.
 +optional
 

optional bool defaultAllowPrivilegeEscalation = 15;

clearDefaultAllowPrivilegeEscalation

public V1beta1Policy.PodSecurityPolicySpec.Builder clearDefaultAllowPrivilegeEscalation()

 defaultAllowPrivilegeEscalation controls the default setting for whether a
 process can gain more privileges than its parent process.
 +optional
 

optional bool defaultAllowPrivilegeEscalation = 15;

hasAllowPrivilegeEscalation

public boolean hasAllowPrivilegeEscalation()

 allowPrivilegeEscalation determines if a pod can request to allow
 privilege escalation. If unspecified, defaults to true.
 +optional
 

optional bool allowPrivilegeEscalation = 16;

Specified by:

hasAllowPrivilegeEscalation in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowPrivilegeEscalation

public boolean getAllowPrivilegeEscalation()

 allowPrivilegeEscalation determines if a pod can request to allow
 privilege escalation. If unspecified, defaults to true.
 +optional
 

optional bool allowPrivilegeEscalation = 16;

Specified by:

getAllowPrivilegeEscalation in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setAllowPrivilegeEscalation

public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowPrivilegeEscalation(boolean value)

 allowPrivilegeEscalation determines if a pod can request to allow
 privilege escalation. If unspecified, defaults to true.
 +optional
 

optional bool allowPrivilegeEscalation = 16;

clearAllowPrivilegeEscalation

public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowPrivilegeEscalation()

 allowPrivilegeEscalation determines if a pod can request to allow
 privilege escalation. If unspecified, defaults to true.
 +optional
 

optional bool allowPrivilegeEscalation = 16;

getAllowedHostPathsList

public List<V1beta1Policy.AllowedHostPath> getAllowedHostPathsList()

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

Specified by:

getAllowedHostPathsList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedHostPathsCount

public int getAllowedHostPathsCount()

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

Specified by:

getAllowedHostPathsCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedHostPaths

public V1beta1Policy.AllowedHostPath getAllowedHostPaths(int index)

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

Specified by:

getAllowedHostPaths in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setAllowedHostPaths

public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedHostPaths(int index,
                                                                       V1beta1Policy.AllowedHostPath value)

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

setAllowedHostPaths

public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedHostPaths(int index,
                                                                       V1beta1Policy.AllowedHostPath.Builder builderForValue)

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

addAllowedHostPaths

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedHostPaths(V1beta1Policy.AllowedHostPath value)

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

addAllowedHostPaths

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedHostPaths(int index,
                                                                       V1beta1Policy.AllowedHostPath value)

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

addAllowedHostPaths

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedHostPaths(V1beta1Policy.AllowedHostPath.Builder builderForValue)

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

addAllowedHostPaths

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedHostPaths(int index,
                                                                       V1beta1Policy.AllowedHostPath.Builder builderForValue)

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

addAllAllowedHostPaths

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllAllowedHostPaths(Iterable<? extends V1beta1Policy.AllowedHostPath> values)

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

clearAllowedHostPaths

public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowedHostPaths()

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

removeAllowedHostPaths

public V1beta1Policy.PodSecurityPolicySpec.Builder removeAllowedHostPaths(int index)

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

getAllowedHostPathsBuilder

public V1beta1Policy.AllowedHostPath.Builder getAllowedHostPathsBuilder(int index)

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

getAllowedHostPathsOrBuilder

public V1beta1Policy.AllowedHostPathOrBuilder getAllowedHostPathsOrBuilder(int index)

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

Specified by:

getAllowedHostPathsOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedHostPathsOrBuilderList

public List<? extends V1beta1Policy.AllowedHostPathOrBuilder> getAllowedHostPathsOrBuilderList()

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

Specified by:

getAllowedHostPathsOrBuilderList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

addAllowedHostPathsBuilder

public V1beta1Policy.AllowedHostPath.Builder addAllowedHostPathsBuilder()

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

addAllowedHostPathsBuilder

public V1beta1Policy.AllowedHostPath.Builder addAllowedHostPathsBuilder(int index)

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

getAllowedHostPathsBuilderList

public List<V1beta1Policy.AllowedHostPath.Builder> getAllowedHostPathsBuilderList()

 allowedHostPaths is an allowlist of host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedHostPath allowedHostPaths = 17;

getAllowedFlexVolumesList

public List<V1beta1Policy.AllowedFlexVolume> getAllowedFlexVolumesList()

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

Specified by:

getAllowedFlexVolumesList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedFlexVolumesCount

public int getAllowedFlexVolumesCount()

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

Specified by:

getAllowedFlexVolumesCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedFlexVolumes

public V1beta1Policy.AllowedFlexVolume getAllowedFlexVolumes(int index)

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

Specified by:

getAllowedFlexVolumes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setAllowedFlexVolumes

public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedFlexVolumes(int index,
                                                                         V1beta1Policy.AllowedFlexVolume value)

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

setAllowedFlexVolumes

public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedFlexVolumes(int index,
                                                                         V1beta1Policy.AllowedFlexVolume.Builder builderForValue)

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

addAllowedFlexVolumes

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedFlexVolumes(V1beta1Policy.AllowedFlexVolume value)

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

addAllowedFlexVolumes

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedFlexVolumes(int index,
                                                                         V1beta1Policy.AllowedFlexVolume value)

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

addAllowedFlexVolumes

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedFlexVolumes(V1beta1Policy.AllowedFlexVolume.Builder builderForValue)

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

addAllowedFlexVolumes

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedFlexVolumes(int index,
                                                                         V1beta1Policy.AllowedFlexVolume.Builder builderForValue)

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

addAllAllowedFlexVolumes

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllAllowedFlexVolumes(Iterable<? extends V1beta1Policy.AllowedFlexVolume> values)

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

clearAllowedFlexVolumes

public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowedFlexVolumes()

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

removeAllowedFlexVolumes

public V1beta1Policy.PodSecurityPolicySpec.Builder removeAllowedFlexVolumes(int index)

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

getAllowedFlexVolumesBuilder

public V1beta1Policy.AllowedFlexVolume.Builder getAllowedFlexVolumesBuilder(int index)

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

getAllowedFlexVolumesOrBuilder

public V1beta1Policy.AllowedFlexVolumeOrBuilder getAllowedFlexVolumesOrBuilder(int index)

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

Specified by:

getAllowedFlexVolumesOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedFlexVolumesOrBuilderList

public List<? extends V1beta1Policy.AllowedFlexVolumeOrBuilder> getAllowedFlexVolumesOrBuilderList()

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

Specified by:

getAllowedFlexVolumesOrBuilderList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

addAllowedFlexVolumesBuilder

public V1beta1Policy.AllowedFlexVolume.Builder addAllowedFlexVolumesBuilder()

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

addAllowedFlexVolumesBuilder

public V1beta1Policy.AllowedFlexVolume.Builder addAllowedFlexVolumesBuilder(int index)

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

getAllowedFlexVolumesBuilderList

public List<V1beta1Policy.AllowedFlexVolume.Builder> getAllowedFlexVolumesBuilderList()

 allowedFlexVolumes is an allowlist of Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

getAllowedCSIDriversList

public List<V1beta1Policy.AllowedCSIDriver> getAllowedCSIDriversList()

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

Specified by:

getAllowedCSIDriversList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedCSIDriversCount

public int getAllowedCSIDriversCount()

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

Specified by:

getAllowedCSIDriversCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedCSIDrivers

public V1beta1Policy.AllowedCSIDriver getAllowedCSIDrivers(int index)

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

Specified by:

getAllowedCSIDrivers in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setAllowedCSIDrivers

public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedCSIDrivers(int index,
                                                                        V1beta1Policy.AllowedCSIDriver value)

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

setAllowedCSIDrivers

public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedCSIDrivers(int index,
                                                                        V1beta1Policy.AllowedCSIDriver.Builder builderForValue)

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

addAllowedCSIDrivers

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedCSIDrivers(V1beta1Policy.AllowedCSIDriver value)

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

addAllowedCSIDrivers

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedCSIDrivers(int index,
                                                                        V1beta1Policy.AllowedCSIDriver value)

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

addAllowedCSIDrivers

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedCSIDrivers(V1beta1Policy.AllowedCSIDriver.Builder builderForValue)

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

addAllowedCSIDrivers

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedCSIDrivers(int index,
                                                                        V1beta1Policy.AllowedCSIDriver.Builder builderForValue)

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

addAllAllowedCSIDrivers

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllAllowedCSIDrivers(Iterable<? extends V1beta1Policy.AllowedCSIDriver> values)

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

clearAllowedCSIDrivers

public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowedCSIDrivers()

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

removeAllowedCSIDrivers

public V1beta1Policy.PodSecurityPolicySpec.Builder removeAllowedCSIDrivers(int index)

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

getAllowedCSIDriversBuilder

public V1beta1Policy.AllowedCSIDriver.Builder getAllowedCSIDriversBuilder(int index)

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

getAllowedCSIDriversOrBuilder

public V1beta1Policy.AllowedCSIDriverOrBuilder getAllowedCSIDriversOrBuilder(int index)

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

Specified by:

getAllowedCSIDriversOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedCSIDriversOrBuilderList

public List<? extends V1beta1Policy.AllowedCSIDriverOrBuilder> getAllowedCSIDriversOrBuilderList()

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

Specified by:

getAllowedCSIDriversOrBuilderList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

addAllowedCSIDriversBuilder

public V1beta1Policy.AllowedCSIDriver.Builder addAllowedCSIDriversBuilder()

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

addAllowedCSIDriversBuilder

public V1beta1Policy.AllowedCSIDriver.Builder addAllowedCSIDriversBuilder(int index)

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

getAllowedCSIDriversBuilderList

public List<V1beta1Policy.AllowedCSIDriver.Builder> getAllowedCSIDriversBuilderList()

 AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
 An empty value indicates that any CSI driver can be used for inline ephemeral volumes.
 This is a beta field, and is only honored if the API server enables the CSIInlineVolume feature gate.
 +optional
 

repeated .k8s.io.api.policy.v1beta1.AllowedCSIDriver allowedCSIDrivers = 23;

getAllowedUnsafeSysctlsList

public com.google.protobuf.ProtocolStringList getAllowedUnsafeSysctlsList()

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

Specified by:

getAllowedUnsafeSysctlsList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedUnsafeSysctlsCount

public int getAllowedUnsafeSysctlsCount()

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

Specified by:

getAllowedUnsafeSysctlsCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedUnsafeSysctls

public String getAllowedUnsafeSysctls(int index)

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

Specified by:

getAllowedUnsafeSysctls in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedUnsafeSysctlsBytes

public com.google.protobuf.ByteString getAllowedUnsafeSysctlsBytes(int index)

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

Specified by:

getAllowedUnsafeSysctlsBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setAllowedUnsafeSysctls

public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedUnsafeSysctls(int index,
                                                                           String value)

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

addAllowedUnsafeSysctls

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedUnsafeSysctls(String value)

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

addAllAllowedUnsafeSysctls

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllAllowedUnsafeSysctls(Iterable<String> values)

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

clearAllowedUnsafeSysctls

public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowedUnsafeSysctls()

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

addAllowedUnsafeSysctlsBytes

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedUnsafeSysctlsBytes(com.google.protobuf.ByteString value)

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to allowlist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

getForbiddenSysctlsList

public com.google.protobuf.ProtocolStringList getForbiddenSysctlsList()

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

Specified by:

getForbiddenSysctlsList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getForbiddenSysctlsCount

public int getForbiddenSysctlsCount()

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

Specified by:

getForbiddenSysctlsCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getForbiddenSysctls

public String getForbiddenSysctls(int index)

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

Specified by:

getForbiddenSysctls in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getForbiddenSysctlsBytes

public com.google.protobuf.ByteString getForbiddenSysctlsBytes(int index)

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

Specified by:

getForbiddenSysctlsBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setForbiddenSysctls

public V1beta1Policy.PodSecurityPolicySpec.Builder setForbiddenSysctls(int index,
                                                                       String value)

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

addForbiddenSysctls

public V1beta1Policy.PodSecurityPolicySpec.Builder addForbiddenSysctls(String value)

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

addAllForbiddenSysctls

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllForbiddenSysctls(Iterable<String> values)

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

clearForbiddenSysctls

public V1beta1Policy.PodSecurityPolicySpec.Builder clearForbiddenSysctls()

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

addForbiddenSysctlsBytes

public V1beta1Policy.PodSecurityPolicySpec.Builder addForbiddenSysctlsBytes(com.google.protobuf.ByteString value)

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

getAllowedProcMountTypesList

public com.google.protobuf.ProtocolStringList getAllowedProcMountTypesList()

 AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

Specified by:

getAllowedProcMountTypesList in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedProcMountTypesCount

public int getAllowedProcMountTypesCount()

 AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

Specified by:

getAllowedProcMountTypesCount in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedProcMountTypes

public String getAllowedProcMountTypes(int index)

 AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

Specified by:

getAllowedProcMountTypes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getAllowedProcMountTypesBytes

public com.google.protobuf.ByteString getAllowedProcMountTypesBytes(int index)

 AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

Specified by:

getAllowedProcMountTypesBytes in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setAllowedProcMountTypes

public V1beta1Policy.PodSecurityPolicySpec.Builder setAllowedProcMountTypes(int index,
                                                                            String value)

 AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

addAllowedProcMountTypes

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedProcMountTypes(String value)

 AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

addAllAllowedProcMountTypes

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllAllowedProcMountTypes(Iterable<String> values)

 AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

clearAllowedProcMountTypes

public V1beta1Policy.PodSecurityPolicySpec.Builder clearAllowedProcMountTypes()

 AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

addAllowedProcMountTypesBytes

public V1beta1Policy.PodSecurityPolicySpec.Builder addAllowedProcMountTypesBytes(com.google.protobuf.ByteString value)

 AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

hasRuntimeClass

public boolean hasRuntimeClass()

 runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;

Specified by:

hasRuntimeClass in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

getRuntimeClass

public V1beta1Policy.RuntimeClassStrategyOptions getRuntimeClass()

 runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;

Specified by:

getRuntimeClass in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setRuntimeClass

public V1beta1Policy.PodSecurityPolicySpec.Builder setRuntimeClass(V1beta1Policy.RuntimeClassStrategyOptions value)

 runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;

setRuntimeClass

public V1beta1Policy.PodSecurityPolicySpec.Builder setRuntimeClass(V1beta1Policy.RuntimeClassStrategyOptions.Builder builderForValue)

 runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;

mergeRuntimeClass

public V1beta1Policy.PodSecurityPolicySpec.Builder mergeRuntimeClass(V1beta1Policy.RuntimeClassStrategyOptions value)

 runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;

clearRuntimeClass

public V1beta1Policy.PodSecurityPolicySpec.Builder clearRuntimeClass()

 runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;

getRuntimeClassBuilder

public V1beta1Policy.RuntimeClassStrategyOptions.Builder getRuntimeClassBuilder()

 runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;

getRuntimeClassOrBuilder

public V1beta1Policy.RuntimeClassStrategyOptionsOrBuilder getRuntimeClassOrBuilder()

 runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
 If this field is omitted, the pod's runtimeClassName field is unrestricted.
 Enforcement of this field depends on the RuntimeClass feature gate being enabled.
 +optional
 

optional .k8s.io.api.policy.v1beta1.RuntimeClassStrategyOptions runtimeClass = 24;

Specified by:

getRuntimeClassOrBuilder in interface V1beta1Policy.PodSecurityPolicySpecOrBuilder

setUnknownFields

public final V1beta1Policy.PodSecurityPolicySpec.Builder setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)

Specified by:

setUnknownFields in interface com.google.protobuf.Message.Builder

Overrides:

setUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>

mergeUnknownFields

public final V1beta1Policy.PodSecurityPolicySpec.Builder mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)

Specified by:

mergeUnknownFields in interface com.google.protobuf.Message.Builder

Overrides:

mergeUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Policy.PodSecurityPolicySpec.Builder>