Package org.cdk8s.plus24

Class ContainerSecurityContext.Builder

java.lang.Object

org.cdk8s.plus24.ContainerSecurityContext.Builder

All Implemented Interfaces:

software.amazon.jsii.Builder<ContainerSecurityContext>

Enclosing class:

ContainerSecurityContext

@Stability(Stable)
public static final class ContainerSecurityContext.Builder
extends Object
implements software.amazon.jsii.Builder<ContainerSecurityContext>

A fluent builder for ContainerSecurityContext.

Method Summary

Modifier and Type	Method	Description
ContainerSecurityContext	build()
static ContainerSecurityContext.Builder	create()
ContainerSecurityContext.Builder	ensureNonRoot(Boolean ensureNonRoot)	Indicates that the container must run as a non-root user.
ContainerSecurityContext.Builder	group(Number group)	The GID to run the entrypoint of the container process.
ContainerSecurityContext.Builder	privileged(Boolean privileged)	Run container in privileged mode.
ContainerSecurityContext.Builder	readOnlyRootFilesystem(Boolean readOnlyRootFilesystem)	Whether this container has a read-only root filesystem.
ContainerSecurityContext.Builder	user(Number user)	The UID to run the entrypoint of the container process.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Method Detail

create

@Stability(Stable)
public static ContainerSecurityContext.Builder create()

Returns:

a new instance of ContainerSecurityContext.Builder.

ensureNonRoot

@Stability(Stable)
public ContainerSecurityContext.Builder ensureNonRoot(Boolean ensureNonRoot)

Indicates that the container must run as a non-root user.

If true, the Kubelet will validate the image at runtime to ensure that it does not run as UID 0 (root) and fail to start the container if it does.

Default: false

Parameters:

ensureNonRoot - Indicates that the container must run as a non-root user. This parameter is required.

Returns:

this

group

@Stability(Stable)
public ContainerSecurityContext.Builder group(Number group)

The GID to run the entrypoint of the container process.

Default: - Group configured by container runtime

Parameters:

group - The GID to run the entrypoint of the container process. This parameter is required.

Returns:

this

privileged

@Stability(Stable)
public ContainerSecurityContext.Builder privileged(Boolean privileged)

Run container in privileged mode.

Processes in privileged containers are essentially equivalent to root on the host.

Default: false

Parameters:

privileged - Run container in privileged mode. This parameter is required.

Returns:

this

readOnlyRootFilesystem

@Stability(Stable)
public ContainerSecurityContext.Builder readOnlyRootFilesystem(Boolean readOnlyRootFilesystem)

Whether this container has a read-only root filesystem.

Default: false

Parameters:

readOnlyRootFilesystem - Whether this container has a read-only root filesystem. This parameter is required.

Returns:

this

user

@Stability(Stable)
public ContainerSecurityContext.Builder user(Number user)

The UID to run the entrypoint of the container process.

Default: - User specified in image metadata

Parameters:

user - The UID to run the entrypoint of the container process. This parameter is required.

Returns:

this

build

@Stability(Stable)
public ContainerSecurityContext build()

Specified by:

build in interface software.amazon.jsii.Builder<ContainerSecurityContext>