Is your feature request related to a problem? Please describe.
Sometimes only a specific container within a pod needs escalated privileges. It would be nice if policy exemptions allowed us to specify narrow exemptions for specific containers rather than targeting the entire pod.
Describe the solution you'd like
Add a containers regex field to the matcher spec, to function similarly to (pod) name.
Is your feature request related to a problem? Please describe.
Sometimes only a specific container within a pod needs escalated privileges. It would be nice if policy exemptions allowed us to specify narrow exemptions for specific containers rather than targeting the entire pod.
Describe the solution you'd like
Add a
containers
regex field to thematcher
spec, to function similarly to (pod)name
.