2018-05-05 16:00:51 +00:00
|
|
|
---
|
|
|
|
|
title: Security Context
|
|
|
|
|
id: security-context
|
|
|
|
|
date: 2018-04-12
|
|
|
|
|
full_link: /docs/tasks/configure-pod-container/security-context/
|
|
|
|
|
short_description: >
|
2020-03-16 05:30:35 +00:00
|
|
|
The securityContext field defines privilege and access control settings for a Pod or container.
|
2018-05-05 16:00:51 +00:00
|
|
|
|
|
|
|
|
aka:
|
|
|
|
|
tags:
|
|
|
|
|
- security
|
|
|
|
|
---
|
2020-03-16 05:30:35 +00:00
|
|
|
The `securityContext` field defines privilege and access control settings for
|
|
|
|
|
a {{< glossary_tooltip text="Pod" term_id="pod" >}} or
|
|
|
|
|
{{< glossary_tooltip text="container" term_id="container" >}}.
|
2018-05-05 16:00:51 +00:00
|
|
|
|
2020-03-16 05:30:35 +00:00
|
|
|
<!--more-->
|
2018-05-05 16:00:51 +00:00
|
|
|
|
2020-03-16 05:30:35 +00:00
|
|
|
In a `securityContext`, you can define: the user that processes run as,
|
|
|
|
|
the group that processes run as, and privilege settings.
|
|
|
|
|
You can also configure security policies (for example: SELinux, AppArmor or seccomp).
|
|
|
|
|
|
|
|
|
|
The `PodSpec.securityContext` setting applies to all containers in a Pod.
|
