Skip to content
This repository was archived by the owner on Apr 25, 2024. It is now read-only.

Commit a527771

Browse files
paavan98pmpaavan98pm
committed
updated pod security
1 parent a53c95a commit a527771

File tree

1 file changed

+8
-0
lines changed

1 file changed

+8
-0
lines changed

04-path-security-and-networking/401-configmaps-and-secrets/templates/pod-secretsmanager.yaml

+8
Original file line numberDiff line numberDiff line change
@@ -2,10 +2,18 @@ apiVersion: v1
22
kind: Pod
33
metadata:
44
name: pod-secretsmanager
5+
annotations:
6+
seccomp.security.alpha.kubernetes.io/pod: docker/default
7+
apparmor.security.beta.kubernetes.io/pod: runtime/default
58
spec:
9+
securityContext:
10+
runAsUser: 1337
11+
runAsNonRoot: true
612
containers:
713
- name: pod-secretsmanager
814
image: paavanmistry/node-aws-sm-demo:latest
15+
securityContext:
16+
allowPrivilegeEscalation: false
917
env:
1018
- name: ENDPOINT
1119
value: "https://secretsmanager.us-west-2.amazonaws.com"

0 commit comments

Comments
 (0)