Support fsGroupPolicy: File for Pod security context

gardener / gardener-extension-provider-azure

Gardener extension controller for the Azure cloud provider (https://azure.microsoft.com).

https://gardener.cloud

Apache License 2.0

10 stars 79 forks source link

Support fsGroupPolicy: File for Pod security context #530

Open abbi-gaurav opened 2 years ago

abbi-gaurav commented 2 years ago

How to categorize this issue?

/area security /kind enhancement /platform azure

What would you like to be added: Provide support for enable fsGroupPolicy: File in the Pod security context. Comments from Dev It seems to be enabled by default in newer releases, so as a first estimation it shouldn’t be much effort to do so

Why is this needed: Better security for the workloads

gardener-robot commented 2 years ago

@abbi-gaurav Label area/todo does not exist.

dkistner commented 2 years ago

/assign

dkistner commented 2 years ago

Short status update I didn't find the time to look further into it. I'm planning to have a look into until end of the week.