container must have FSGroup of X applied.

container may make requests for any FSGroup labels.

container must run as a particular uid.

container must run as a non-root uid.

container must run as a particular uid.

container may make requests for any uid.

container must have SELinux labels of X applied.

container may make requests for any SELinux context labels.

container must run as a particular gid.

container may make requests for any gid.

SchemeGroupVersion is group version used to register these objects.

SchemeGroupVersion is group version used to register these objects.

AllowAllCapabilities can be used as a value for the SecurityContextConstraints.AllowAllCapabilities field and means that any capabilities are allowed to be requested.

SchemeGroupVersion is group version used to register these objects.

SchemeGroupVersion is group version used to register these objects.

SchemeGroupVersion is group version used to register these objects.

SchemeGroupVersion is group version used to register these objects.

AllowedFlexVolume represents a single Flexvolume that is allowed to be used.

FSGroupStrategyOptions defines the strategy type and options used to create the strategy.

IDRange provides a min/max of an allowed range of IDs.

PodSecurityPolicyReview checks which service accounts (not users, since that would be cluster-wide) can create the `PodTemplateSpec` in question.

PodSecurityPolicyReviewSpec defines specification for PodSecurityPolicyReview.

PodSecurityPolicyReviewStatus represents the status of PodSecurityPolicyReview.

PodSecurityPolicySelfSubjectReview checks whether this user/SA tuple can create the PodTemplateSpec.

PodSecurityPolicySelfSubjectReviewSpec contains specification for PodSecurityPolicySelfSubjectReview.

PodSecurityPolicySubjectReview checks whether a particular user/SA tuple can create the PodTemplateSpec.

PodSecurityPolicySubjectReviewSpec defines specification for PodSecurityPolicySubjectReview.

PodSecurityPolicySubjectReviewStatus contains information/status for PodSecurityPolicySubjectReview.

RunAsUserStrategyOptions defines the strategy type and any options used to create the strategy.

SecurityContextConstraints governs the ability to make requests that affect the SecurityContext that will be applied to a container.

SecurityContextConstraintsList is a list of SecurityContextConstraints objects.

SELinuxContextStrategyOptions defines the strategy type and any options used to create the strategy.

ServiceAccountPodSecurityPolicyReviewStatus represents ServiceAccount name and related review status.

SupplementalGroupsStrategyOptions defines the strategy type and options used to create the strategy.

FSGroupStrategyType denotes strategy types for generating FSGroup values for a SecurityContext.

FS Type gives strong typing to different file systems that are used by volumes.

RunAsUserStrategyType denotes strategy types for generating RunAsUser values for a SecurityContext.

SELinuxContextStrategyType denotes strategy types for generating SELinux options for a SecurityContext.

SupplementalGroupsStrategyType denotes strategy types for determining valid supplemental groups for a SecurityContext.