Class EksContainerSecurityContext
- All Implemented Interfaces:
Serializable
,SdkPojo
,ToCopyableBuilder<EksContainerSecurityContext.Builder,
EksContainerSecurityContext>
The security context for a job. For more information, see Configure a security context for a pod or container in the Kubernetes documentation.
- See Also:
-
Nested Class Summary
-
Method Summary
Modifier and TypeMethodDescriptionfinal Boolean
Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process.builder()
final boolean
final boolean
equalsBySdkFields
(Object obj) Indicates whether some other object is "equal to" this one by SDK fields.final <T> Optional
<T> getValueForField
(String fieldName, Class<T> clazz) final int
hashCode()
final Boolean
When this parameter istrue
, the container is given elevated permissions on the host container instance.final Boolean
When this parameter istrue
, the container is given read-only access to its root file system.final Long
When this parameter is specified, the container is run as the specified group ID (gid
).final Boolean
When this parameter is specified, the container is run as a user with auid
other than 0.final Long
When this parameter is specified, the container is run as the specified user ID (uid
).static Class
<? extends EksContainerSecurityContext.Builder> Take this object and create a builder that contains all of the current property values of this object.final String
toString()
Returns a string representation of this object.Methods inherited from interface software.amazon.awssdk.utils.builder.ToCopyableBuilder
copy
-
Method Details
-
runAsUser
When this parameter is specified, the container is run as the specified user ID (
uid
). If this parameter isn't specified, the default is the user that's specified in the image metadata. This parameter maps toRunAsUser
andMustRanAs
policy in the Users and groups pod security policies in the Kubernetes documentation.- Returns:
- When this parameter is specified, the container is run as the specified user ID (
uid
). If this parameter isn't specified, the default is the user that's specified in the image metadata. This parameter maps toRunAsUser
andMustRanAs
policy in the Users and groups pod security policies in the Kubernetes documentation.
-
runAsGroup
When this parameter is specified, the container is run as the specified group ID (
gid
). If this parameter isn't specified, the default is the group that's specified in the image metadata. This parameter maps toRunAsGroup
andMustRunAs
policy in the Users and groups pod security policies in the Kubernetes documentation.- Returns:
- When this parameter is specified, the container is run as the specified group ID (
gid
). If this parameter isn't specified, the default is the group that's specified in the image metadata. This parameter maps toRunAsGroup
andMustRunAs
policy in the Users and groups pod security policies in the Kubernetes documentation.
-
privileged
When this parameter is
true
, the container is given elevated permissions on the host container instance. The level of permissions are similar to theroot
user permissions. The default value isfalse
. This parameter maps toprivileged
policy in the Privileged pod security policies in the Kubernetes documentation.- Returns:
- When this parameter is
true
, the container is given elevated permissions on the host container instance. The level of permissions are similar to theroot
user permissions. The default value isfalse
. This parameter maps toprivileged
policy in the Privileged pod security policies in the Kubernetes documentation.
-
allowPrivilegeEscalation
Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process. The default value is
false
.- Returns:
- Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent
process. The default value is
false
.
-
readOnlyRootFilesystem
When this parameter is
true
, the container is given read-only access to its root file system. The default value isfalse
. This parameter maps toReadOnlyRootFilesystem
policy in the Volumes and file systems pod security policies in the Kubernetes documentation.- Returns:
- When this parameter is
true
, the container is given read-only access to its root file system. The default value isfalse
. This parameter maps toReadOnlyRootFilesystem
policy in the Volumes and file systems pod security policies in the Kubernetes documentation.
-
runAsNonRoot
When this parameter is specified, the container is run as a user with a
uid
other than 0. If this parameter isn't specified, so such rule is enforced. This parameter maps toRunAsUser
andMustRunAsNonRoot
policy in the Users and groups pod security policies in the Kubernetes documentation.- Returns:
- When this parameter is specified, the container is run as a user with a
uid
other than 0. If this parameter isn't specified, so such rule is enforced. This parameter maps toRunAsUser
andMustRunAsNonRoot
policy in the Users and groups pod security policies in the Kubernetes documentation.
-
toBuilder
Description copied from interface:ToCopyableBuilder
Take this object and create a builder that contains all of the current property values of this object.- Specified by:
toBuilder
in interfaceToCopyableBuilder<EksContainerSecurityContext.Builder,
EksContainerSecurityContext> - Returns:
- a builder for type T
-
builder
-
serializableBuilderClass
-
hashCode
public final int hashCode() -
equals
-
equalsBySdkFields
Description copied from interface:SdkPojo
Indicates whether some other object is "equal to" this one by SDK fields. An SDK field is a modeled, non-inherited field in anSdkPojo
class, and is generated based on a service model.If an
SdkPojo
class does not have any inherited fields,equalsBySdkFields
andequals
are essentially the same.- Specified by:
equalsBySdkFields
in interfaceSdkPojo
- Parameters:
obj
- the object to be compared with- Returns:
- true if the other object equals to this object by sdk fields, false otherwise.
-
toString
Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be redacted from this string using a placeholder value. -
getValueForField
-
sdkFields
-