Documentation ¶
Index ¶
Constants ¶
View Source
const PluginName = "SecurityContextDeny"
PluginName indicates name of admission plugin.
Variables ¶
This section is empty.
Functions ¶
Types ¶
type Plugin ¶
Plugin implements admission.Interface.
func NewSecurityContextDeny ¶
func NewSecurityContextDeny() *Plugin
NewSecurityContextDeny creates a new instance of the SecurityContextDeny admission controller
func (*Plugin) Validate ¶
func (p *Plugin) Validate(ctx context.Context, a admission.Attributes, o admission.ObjectInterfaces) (err error)
Validate will deny any pod that defines SupplementalGroups, SELinuxOptions, RunAsUser or FSGroup
Click to show internal directories.
Click to hide internal directories.