Package install installs the experimental API group, making it available as an option to all of the API encoding/decoding machinery.

Package policy is for any kind of policy object.

Kind takes an unqualified kind and returns a Group qualified GroupKind.

PodAnnotationsFromSysctls creates an annotation value for a slice of Sysctls.

Resource takes an unqualified resource and returns a Group qualified GroupResource.

SysctlsFromPodSecurityPolicyAnnotation parses an annotation value of the key SysctlsSecurityPolicyAnnotationKey into a slice of sysctls.

FSGroupStrategyMustRunAs means that container must have FSGroup of X applied.

FSGroupStrategyRunAsAny means that container may make requests for any FSGroup labels.

GroupName is the group name use in this package.

RunAsUserStrategyMustRunAs means that container must run as a particular uid.

RunAsUserStrategyMustRunAsNonRoot means that container must run as a non-root uid.

RunAsUserStrategyRunAsAny means that container may make requests for any uid.

SELinuxStrategyMustRunAs means that container must have SELinux labels of X applied.

SELinuxStrategyRunAsAny means that container may make requests for any SELinux context labels.

SupplementalGroupsStrategyMustRunAs means that container must run as a particular gid.

SupplementalGroupsStrategyRunAsAny means that container may make requests for any gid.

SysctlsPodSecurityPolicyAnnotationKey represents the key of a whitelist of allowed safe and unsafe sysctls in a pod spec.

AllowAllCapabilities can be used as a value for the PodSecurityPolicy.AllowAllCapabilities field and means that any capabilities are allowed to be requested.

SchemeGroupVersion is group version used to register these objects.

AllowedFlexVolume represents a single Flexvolume that is allowed to be used.

AllowedHostPath defines the host volume conditions that will be enabled by a policy for pods to use.

Eviction evicts a pod from its node subject to certain policies and safety constraints.

FSGroupStrategyOptions defines the strategy type and options used to create the strategy.

GroupIDRange provides a min/max of an allowed range of GroupIDs.

HostPortRange defines a range of host ports that will be enabled by a policy for pods to use.

PodDisruptionBudget is an object to define the max disruption that can be caused to a collection of pods.

PodDisruptionBudgetList is a collection of PodDisruptionBudgets.

PodDisruptionBudgetSpec is a description of a PodDisruptionBudget.

PodDisruptionBudgetStatus represents information about the status of a PodDisruptionBudget.

PodSecurityPolicy governs the ability to make requests that affect the SecurityContext that will be applied to a pod and container.

PodSecurityPolicyList is a list of PodSecurityPolicy objects.

PodSecurityPolicySpec defines the policy enforced.

RunAsUserStrategyOptions defines the strategy type and any options used to create the strategy.

SELinuxStrategyOptions defines the strategy type and any options used to create the strategy.

SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.

UserIDRange provides a min/max of an allowed range of UserIDs.

FSGroupStrategyType denotes strategy types for generating FSGroup values for a SecurityContext.

FSType gives strong typing to different file systems that are used by volumes.

RunAsUserStrategy denotes strategy types for generating RunAsUser values for a SecurityContext.

SELinuxStrategy denotes strategy types for generating SELinux options for a Security.

SupplementalGroupsStrategyType denotes strategy types for determining valid supplemental groups for a SecurityContext.