ves-io-schema-k8s_pod_security_policy-API-Replace
On This Page:
Examples of replacing k8spodsecurity_policy
Usecase:
Replace pod-security-policy-1 to modify privilege to true.
Request using vesctl:
vesctl configuration replace k8s_pod_security_policy -i k8s_pod_security_policy.yaml
where file k8spodsecuritypolicy.yaml has following contents (k8spodsecuritypolicy.ReplaceRequest):
metadata:
name: pod-security-policy-1
namespace: system
spec:
pspSpec:
hostNetwork: true
noAllowedCapabilities: {}
noDefaultCapabilities: {}
noDropCapabilities: {}
noFsGroups: {}
noRunAsGroup: {}
noRunAsUser: {}
noRuntimeClass: {}
noSeLinuxOptions: {}
noSupplementalGroups: {}
privileged: true
readOnlyRootFilesystem: true
volumes:
- config
vesctl yaml response: None
Request using curl:
curl -X 'PUT' -d '{"metadata":{"name":"pod-security-policy-1","namespace":"system"},"spec":{"pspSpec":{"privileged":true,"noDefaultCapabilities":{},"noAllowedCapabilities":{},"noDropCapabilities":{},"volumes":["config"],"readOnlyRootFilesystem":true,"hostNetwork":true,"noRunAsUser":{},"noRunAsGroup":{},"noSupplementalGroups":{},"noFsGroups":{},"noSeLinuxOptions":{},"noRuntimeClass":{}}}}' -H 'X-Volterra-Useragent: v1/pgm=_tmp_go-build817539475_b001_apidocs.test/host=docker-desktop' 'https://acmecorp.console.ves.volterra.io/api/config/namespaces/system/k8s_pod_security_policys/pod-security-policy-1'
curl response:
HTTP/1.1 200 OK
Content-Length: 4
Content-Type: application/json
Date: Mon, 22 Feb 2021 15:44:06 GMT
Vary: Accept-Encoding
{
}