elasticmachine
commented
2 months ago Pinging @elastic/elastic-agent-control-plane (Team:Elastic-Agent-Control-Plane)
Open cmacknz opened 2 months ago
elasticmachine
commented
2 months ago Pinging @elastic/elastic-agent-control-plane (Team:Elastic-Agent-Control-Plane)
We frequently get asked for the configuration of the Elastic Agent container that requires the least amount of privileges for a given application. The first problem is we run as the root user by default in our reference manifests, bypassing the need to think about capabilities.
Running as root is required for several security applications, but not common observability applications. We should create or document the configuration needed to run the Kubernetes and System integrations as a non-root user in our reference YAML so we can stop having to answer these questions.
https://github.com/elastic/elastic-agent/blob/a1fd2c9d9a7cc3931f8f1d452a730b6d216f8bd3/deploy/kubernetes/elastic-agent-managed/elastic-agent-managed-daemonset.yaml#L68-L83