apiVersion: policy/v1beta1
kind: PodSecurityPolicy
metadata:
annotations:
annotationsKey: annotationsValue
creationTimestamp: "2008-01-01T01:01:01Z"
deletionGracePeriodSeconds: 10
deletionTimestamp: "2009-01-01T01:01:01Z"
finalizers:
- finalizersValue
generateName: generateNameValue
generation: 7
labels:
labelsKey: labelsValue
managedFields:
- apiVersion: apiVersionValue
fieldsType: fieldsTypeValue
fieldsV1: {}
manager: managerValue
operation: operationValue
subresource: subresourceValue
time: "2004-01-01T01:01:01Z"
name: nameValue
namespace: namespaceValue
ownerReferences:
- apiVersion: apiVersionValue
blockOwnerDeletion: true
controller: true
kind: kindValue
name: nameValue
uid: uidValue
resourceVersion: resourceVersionValue
selfLink: selfLinkValue
uid: uidValue
spec:
allowPrivilegeEscalation: true
allowedCSIDrivers:
- name: nameValue
allowedCapabilities:
- allowedCapabilitiesValue
allowedFlexVolumes:
- driver: driverValue
allowedHostPaths:
- pathPrefix: pathPrefixValue
readOnly: true
allowedProcMountTypes:
- allowedProcMountTypesValue
allowedUnsafeSysctls:
- allowedUnsafeSysctlsValue
defaultAddCapabilities:
- defaultAddCapabilitiesValue
defaultAllowPrivilegeEscalation: true
forbiddenSysctls:
- forbiddenSysctlsValue
fsGroup:
ranges:
- max: 2
min: 1
rule: ruleValue
hostIPC: true
hostNetwork: true
hostPID: true
hostPorts:
- max: 2
min: 1
privileged: true
readOnlyRootFilesystem: true
requiredDropCapabilities:
- requiredDropCapabilitiesValue
runAsGroup:
ranges:
- max: 2
min: 1
rule: ruleValue
runAsUser:
ranges:
- max: 2
min: 1
rule: ruleValue
runtimeClass:
allowedRuntimeClassNames:
- allowedRuntimeClassNamesValue
defaultRuntimeClassName: defaultRuntimeClassNameValue
seLinux:
rule: ruleValue
seLinuxOptions:
level: levelValue
role: roleValue
type: typeValue
user: userValue
supplementalGroups:
ranges:
- max: 2
min: 1
rule: ruleValue
volumes:
- volumesValue