| Modifier and Type | Method and Description |
|---|---|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllAllowedCapabilities(Iterable<String> values)
allowedCapabilities is a list of capabilities that can be requested to add to the container.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllAllowedCSIDrivers(Iterable<? extends V1beta1Extensions.AllowedCSIDriver> values)
AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllAllowedFlexVolumes(Iterable<? extends V1beta1Extensions.AllowedFlexVolume> values)
allowedFlexVolumes is an allowlist of Flexvolumes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllAllowedHostPaths(Iterable<? extends V1beta1Extensions.AllowedHostPath> values)
allowedHostPaths is an allowlist of host paths.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllAllowedProcMountTypes(Iterable<String> values)
AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllAllowedUnsafeSysctls(Iterable<String> values)
allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllDefaultAddCapabilities(Iterable<String> values)
defaultAddCapabilities is the default set of capabilities that will be added to the container
unless the pod spec specifically drops the capability.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllForbiddenSysctls(Iterable<String> values)
forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllHostPorts(Iterable<? extends V1beta1Extensions.HostPortRange> values)
hostPorts determines which host port ranges are allowed to be exposed.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedCapabilities(String value)
allowedCapabilities is a list of capabilities that can be requested to add to the container.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedCapabilitiesBytes(com.google.protobuf.ByteString value)
allowedCapabilities is a list of capabilities that can be requested to add to the container.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedCSIDrivers(int index,
V1beta1Extensions.AllowedCSIDriver.Builder builderForValue)
AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedCSIDrivers(int index,
V1beta1Extensions.AllowedCSIDriver value)
AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedCSIDrivers(V1beta1Extensions.AllowedCSIDriver.Builder builderForValue)
AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedCSIDrivers(V1beta1Extensions.AllowedCSIDriver value)
AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedFlexVolumes(int index,
V1beta1Extensions.AllowedFlexVolume.Builder builderForValue)
allowedFlexVolumes is an allowlist of Flexvolumes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedFlexVolumes(int index,
V1beta1Extensions.AllowedFlexVolume value)
allowedFlexVolumes is an allowlist of Flexvolumes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedFlexVolumes(V1beta1Extensions.AllowedFlexVolume.Builder builderForValue)
allowedFlexVolumes is an allowlist of Flexvolumes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedFlexVolumes(V1beta1Extensions.AllowedFlexVolume value)
allowedFlexVolumes is an allowlist of Flexvolumes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedHostPaths(int index,
V1beta1Extensions.AllowedHostPath.Builder builderForValue)
allowedHostPaths is an allowlist of host paths.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedHostPaths(int index,
V1beta1Extensions.AllowedHostPath value)
allowedHostPaths is an allowlist of host paths.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedHostPaths(V1beta1Extensions.AllowedHostPath.Builder builderForValue)
allowedHostPaths is an allowlist of host paths.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedHostPaths(V1beta1Extensions.AllowedHostPath value)
allowedHostPaths is an allowlist of host paths.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedProcMountTypes(String value)
AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedProcMountTypesBytes(com.google.protobuf.ByteString value)
AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedUnsafeSysctls(String value)
allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllowedUnsafeSysctlsBytes(com.google.protobuf.ByteString value)
allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllRequiredDropCapabilities(Iterable<String> values)
requiredDropCapabilities are the capabilities that will be dropped from the container.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addAllVolumes(Iterable<String> values)
volumes is an allowlist of volume plugins.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addDefaultAddCapabilities(String value)
defaultAddCapabilities is the default set of capabilities that will be added to the container
unless the pod spec specifically drops the capability.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addDefaultAddCapabilitiesBytes(com.google.protobuf.ByteString value)
defaultAddCapabilities is the default set of capabilities that will be added to the container
unless the pod spec specifically drops the capability.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addForbiddenSysctls(String value)
forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addForbiddenSysctlsBytes(com.google.protobuf.ByteString value)
forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addHostPorts(int index,
V1beta1Extensions.HostPortRange.Builder builderForValue)
hostPorts determines which host port ranges are allowed to be exposed.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addHostPorts(int index,
V1beta1Extensions.HostPortRange value)
hostPorts determines which host port ranges are allowed to be exposed.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addHostPorts(V1beta1Extensions.HostPortRange.Builder builderForValue)
hostPorts determines which host port ranges are allowed to be exposed.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addHostPorts(V1beta1Extensions.HostPortRange value)
hostPorts determines which host port ranges are allowed to be exposed.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field,
Object value) |
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addRequiredDropCapabilities(String value)
requiredDropCapabilities are the capabilities that will be dropped from the container.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addRequiredDropCapabilitiesBytes(com.google.protobuf.ByteString value)
requiredDropCapabilities are the capabilities that will be dropped from the container.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addVolumes(String value)
volumes is an allowlist of volume plugins.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.addVolumesBytes(com.google.protobuf.ByteString value)
volumes is an allowlist of volume plugins.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clear() |
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearAllowedCapabilities()
allowedCapabilities is a list of capabilities that can be requested to add to the container.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearAllowedCSIDrivers()
AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearAllowedFlexVolumes()
allowedFlexVolumes is an allowlist of Flexvolumes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearAllowedHostPaths()
allowedHostPaths is an allowlist of host paths.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearAllowedProcMountTypes()
AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearAllowedUnsafeSysctls()
allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearAllowPrivilegeEscalation()
allowPrivilegeEscalation determines if a pod can request to allow
privilege escalation.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearDefaultAddCapabilities()
defaultAddCapabilities is the default set of capabilities that will be added to the container
unless the pod spec specifically drops the capability.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearDefaultAllowPrivilegeEscalation()
defaultAllowPrivilegeEscalation controls the default setting for whether a
process can gain more privileges than its parent process.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearField(com.google.protobuf.Descriptors.FieldDescriptor field) |
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearForbiddenSysctls()
forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearFsGroup()
fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearHostIPC()
hostIPC determines if the policy allows the use of HostIPC in the pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearHostNetwork()
hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearHostPID()
hostPID determines if the policy allows the use of HostPID in the pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearHostPorts()
hostPorts determines which host port ranges are allowed to be exposed.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof) |
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearPrivileged()
privileged determines if a pod can request to be run as privileged.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearReadOnlyRootFilesystem()
readOnlyRootFilesystem when set to true will force containers to run with a read only root file
system.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearRequiredDropCapabilities()
requiredDropCapabilities are the capabilities that will be dropped from the container.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearRunAsGroup()
RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearRunAsUser()
runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearRuntimeClass()
runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearSeLinux()
seLinux is the strategy that will dictate the allowable labels that may be set.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearSupplementalGroups()
supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clearVolumes()
volumes is an allowlist of volume plugins.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.clone() |
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicy.Builder.getSpecBuilder()
spec defines the policy enforced.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.mergeFrom(com.google.protobuf.CodedInputStream input,
com.google.protobuf.ExtensionRegistryLite extensionRegistry) |
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.mergeFrom(com.google.protobuf.Message other) |
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.mergeFrom(V1beta1Extensions.PodSecurityPolicySpec other) |
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.mergeFsGroup(V1beta1Extensions.FSGroupStrategyOptions value)
fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.mergeRunAsGroup(V1beta1Extensions.RunAsGroupStrategyOptions value)
RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.mergeRunAsUser(V1beta1Extensions.RunAsUserStrategyOptions value)
runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.mergeRuntimeClass(V1beta1Extensions.RuntimeClassStrategyOptions value)
runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.mergeSeLinux(V1beta1Extensions.SELinuxStrategyOptions value)
seLinux is the strategy that will dictate the allowable labels that may be set.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.mergeSupplementalGroups(V1beta1Extensions.SupplementalGroupsStrategyOptions value)
supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields) |
static V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.newBuilder() |
static V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.newBuilder(V1beta1Extensions.PodSecurityPolicySpec prototype) |
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.newBuilderForType() |
protected V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.newBuilderForType(com.google.protobuf.GeneratedMessageV3.BuilderParent parent) |
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.removeAllowedCSIDrivers(int index)
AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.removeAllowedFlexVolumes(int index)
allowedFlexVolumes is an allowlist of Flexvolumes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.removeAllowedHostPaths(int index)
allowedHostPaths is an allowlist of host paths.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.removeHostPorts(int index)
hostPorts determines which host port ranges are allowed to be exposed.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setAllowedCapabilities(int index,
String value)
allowedCapabilities is a list of capabilities that can be requested to add to the container.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setAllowedCSIDrivers(int index,
V1beta1Extensions.AllowedCSIDriver.Builder builderForValue)
AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setAllowedCSIDrivers(int index,
V1beta1Extensions.AllowedCSIDriver value)
AllowedCSIDrivers is an allowlist of inline CSI drivers that must be explicitly set to be embedded within a pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setAllowedFlexVolumes(int index,
V1beta1Extensions.AllowedFlexVolume.Builder builderForValue)
allowedFlexVolumes is an allowlist of Flexvolumes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setAllowedFlexVolumes(int index,
V1beta1Extensions.AllowedFlexVolume value)
allowedFlexVolumes is an allowlist of Flexvolumes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setAllowedHostPaths(int index,
V1beta1Extensions.AllowedHostPath.Builder builderForValue)
allowedHostPaths is an allowlist of host paths.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setAllowedHostPaths(int index,
V1beta1Extensions.AllowedHostPath value)
allowedHostPaths is an allowlist of host paths.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setAllowedProcMountTypes(int index,
String value)
AllowedProcMountTypes is an allowlist of allowed ProcMountTypes.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setAllowedUnsafeSysctls(int index,
String value)
allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setAllowPrivilegeEscalation(boolean value)
allowPrivilegeEscalation determines if a pod can request to allow
privilege escalation.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setDefaultAddCapabilities(int index,
String value)
defaultAddCapabilities is the default set of capabilities that will be added to the container
unless the pod spec specifically drops the capability.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setDefaultAllowPrivilegeEscalation(boolean value)
defaultAllowPrivilegeEscalation controls the default setting for whether a
process can gain more privileges than its parent process.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setField(com.google.protobuf.Descriptors.FieldDescriptor field,
Object value) |
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setForbiddenSysctls(int index,
String value)
forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setFsGroup(V1beta1Extensions.FSGroupStrategyOptions.Builder builderForValue)
fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setFsGroup(V1beta1Extensions.FSGroupStrategyOptions value)
fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setHostIPC(boolean value)
hostIPC determines if the policy allows the use of HostIPC in the pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setHostNetwork(boolean value)
hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setHostPID(boolean value)
hostPID determines if the policy allows the use of HostPID in the pod spec.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setHostPorts(int index,
V1beta1Extensions.HostPortRange.Builder builderForValue)
hostPorts determines which host port ranges are allowed to be exposed.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setHostPorts(int index,
V1beta1Extensions.HostPortRange value)
hostPorts determines which host port ranges are allowed to be exposed.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setPrivileged(boolean value)
privileged determines if a pod can request to be run as privileged.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setReadOnlyRootFilesystem(boolean value)
readOnlyRootFilesystem when set to true will force containers to run with a read only root file
system.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field,
int index,
Object value) |
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setRequiredDropCapabilities(int index,
String value)
requiredDropCapabilities are the capabilities that will be dropped from the container.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setRunAsGroup(V1beta1Extensions.RunAsGroupStrategyOptions.Builder builderForValue)
RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setRunAsGroup(V1beta1Extensions.RunAsGroupStrategyOptions value)
RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setRunAsUser(V1beta1Extensions.RunAsUserStrategyOptions.Builder builderForValue)
runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setRunAsUser(V1beta1Extensions.RunAsUserStrategyOptions value)
runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setRuntimeClass(V1beta1Extensions.RuntimeClassStrategyOptions.Builder builderForValue)
runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setRuntimeClass(V1beta1Extensions.RuntimeClassStrategyOptions value)
runtimeClass is the strategy that will dictate the allowable RuntimeClasses for a pod.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setSeLinux(V1beta1Extensions.SELinuxStrategyOptions.Builder builderForValue)
seLinux is the strategy that will dictate the allowable labels that may be set.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setSeLinux(V1beta1Extensions.SELinuxStrategyOptions value)
seLinux is the strategy that will dictate the allowable labels that may be set.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setSupplementalGroups(V1beta1Extensions.SupplementalGroupsStrategyOptions.Builder builderForValue)
supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setSupplementalGroups(V1beta1Extensions.SupplementalGroupsStrategyOptions value)
supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields) |
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.Builder.setVolumes(int index,
String value)
volumes is an allowlist of volume plugins.
|
V1beta1Extensions.PodSecurityPolicySpec.Builder |
V1beta1Extensions.PodSecurityPolicySpec.toBuilder() |
| Modifier and Type | Method and Description |
|---|---|
V1beta1Extensions.PodSecurityPolicy.Builder |
V1beta1Extensions.PodSecurityPolicy.Builder.setSpec(V1beta1Extensions.PodSecurityPolicySpec.Builder builderForValue)
spec defines the policy enforced.
|
Copyright © 2023. All rights reserved.