Package software.amazon.awscdk.services.ecs

Interface CfnTaskDefinition.KernelCapabilitiesProperty

All Superinterfaces:

software.amazon.jsii.JsiiSerializable

All Known Implementing Classes:

CfnTaskDefinition.KernelCapabilitiesProperty.Jsii$Proxy

Enclosing class:

CfnTaskDefinition

@Stability(Stable)
public static interface CfnTaskDefinition.KernelCapabilitiesProperty
extends software.amazon.jsii.JsiiSerializable

The Linux capabilities to add or remove from the default Docker configuration for a container defined in the task definition.

For more detailed information about these Linux capabilities, see the capabilities(7) Linux manual page.

Example:

 // The code below shows an example of how to instantiate this type.
 // The values are placeholders you should change.
 import software.amazon.awscdk.services.ecs.*;
 KernelCapabilitiesProperty kernelCapabilitiesProperty = KernelCapabilitiesProperty.builder()
         .add(List.of("add"))
         .drop(List.of("drop"))
         .build();
 

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-taskdefinition-kernelcapabilities.html

Nested Class Summary

Nested Classes

Modifier and Type	Interface	Description
static final class	CfnTaskDefinition.KernelCapabilitiesProperty.Builder	A builder for CfnTaskDefinition.KernelCapabilitiesProperty
static final class	CfnTaskDefinition.KernelCapabilitiesProperty.Jsii$Proxy	An implementation for CfnTaskDefinition.KernelCapabilitiesProperty

Method Summary

Modifier and Type	Method	Description
static CfnTaskDefinition.KernelCapabilitiesProperty.Builder	builder()
default List<String>	getAdd()	The Linux capabilities for the container that have been added to the default configuration provided by Docker.
default List<String>	getDrop()	The Linux capabilities for the container that have been removed from the default configuration provided by Docker.

Methods inherited from interface software.amazon.jsii.JsiiSerializable

$jsii$toJson

Method Details

getAdd

@Stability(Stable)
@Nullable
default List<String> getAdd()

The Linux capabilities for the container that have been added to the default configuration provided by Docker.

This parameter maps to CapAdd in the docker container create command and the --cap-add option to docker run.

Tasks launched on AWS Fargate only support adding the SYS_PTRACE kernel capability.

Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-taskdefinition-kernelcapabilities.html#cfn-ecs-taskdefinition-kernelcapabilities-add

getDrop

@Stability(Stable)
@Nullable
default List<String> getDrop()

The Linux capabilities for the container that have been removed from the default configuration provided by Docker.

This parameter maps to CapDrop in the docker container create command and the --cap-drop option to docker run.

Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"

See Also:

• http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ecs-taskdefinition-kernelcapabilities.html#cfn-ecs-taskdefinition-kernelcapabilities-drop

builder

@Stability(Stable)
static CfnTaskDefinition.KernelCapabilitiesProperty.Builder builder()

Returns:

a CfnTaskDefinition.KernelCapabilitiesProperty.Builder of CfnTaskDefinition.KernelCapabilitiesProperty