Class: Aws::ECS::Types::KernelCapabilities
- Inherits:
-
Struct
- Object
- Struct
- Aws::ECS::Types::KernelCapabilities
- Defined in:
- gems/aws-sdk-ecs/lib/aws-sdk-ecs/types.rb
Overview
The Linux capabilities to add or remove from the default Docker configuration for a container defined in the task definition. For more information about the default capabilities and the non-default available capabilities, see Runtime privilege and Linux capabilities in the Docker run reference. For more detailed information about these Linux capabilities, see the capabilities(7) Linux manual page.
Constant Summary collapse
- SENSITIVE =
[]
Instance Attribute Summary collapse
-
#add ⇒ Array<String>
The Linux capabilities for the container that have been added to the default configuration provided by Docker.
-
#drop ⇒ Array<String>
The Linux capabilities for the container that have been removed from the default configuration provided by Docker.
Instance Attribute Details
#add ⇒ Array<String>
The Linux capabilities for the container that have been added to the
default configuration provided by Docker. This parameter maps to
CapAdd
in the Create a container section of the Docker
Remote API and the --cap-add
option to docker run.
SYS_PTRACE
kernel capability.
Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" |
"BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" |
"FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" |
"LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" |
"NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" |
"SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" |
"SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT"
| "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" |
"SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
5514 5515 5516 5517 5518 5519 |
# File 'gems/aws-sdk-ecs/lib/aws-sdk-ecs/types.rb', line 5514 class KernelCapabilities < Struct.new( :add, :drop) SENSITIVE = [] include Aws::Structure end |
#drop ⇒ Array<String>
The Linux capabilities for the container that have been removed from
the default configuration provided by Docker. This parameter maps to
CapDrop
in the Create a container section of the Docker
Remote API and the --cap-drop
option to docker run.
Valid values: "ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" |
"BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" |
"FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" |
"LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" |
"NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" |
"SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" |
"SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT"
| "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" |
"SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
5514 5515 5516 5517 5518 5519 |
# File 'gems/aws-sdk-ecs/lib/aws-sdk-ecs/types.rb', line 5514 class KernelCapabilities < Struct.new( :add, :drop) SENSITIVE = [] include Aws::Structure end |