WindowsSecurityContextOptions

WindowsSecurityContextOptions contain Windows-specific options and credentials.

Schema URL

https://raw.githubusercontent.com/nlamirault/schema-hub/main/schemas/core.api.k8s.io/WindowsSecurityContextOptions_v1.json

▶ Usage examples

VS Code / yaml-language-server

# yaml-language-server: $schema=https://raw.githubusercontent.com/nlamirault/schema-hub/main/schemas/core.api.k8s.io/WindowsSecurityContextOptions_v1.json

kubeconform

kubeconform -schema-location 'https://raw.githubusercontent.com/nlamirault/schema-hub/main/schemas/{{ .Group }}/{{ .ResourceKind }}_{{ .ResourceAPIVersion }}.json' manifest.yaml

Resource Structure

gmsaCredentialSpecstring

GMSACredentialSpec is where the GMSA admission webhook (https://github.com/kubernetes-sigs/windows-gmsa) inlines the contents of the GMSA credential spec named by the GMSACredentialSpecName field.

gmsaCredentialSpecNamestring

GMSACredentialSpecName is the name of the GMSA credential spec to use.

hostProcessboolean

HostProcess determines if a container should be run as a 'Host Process' container. All of a Pod's containers must have the same effective HostProcess value (it is not allowed to have a mix of HostProcess containers and non-HostProcess containers). In addition, if HostProcess is true then HostNetwork must also be set to true.

runAsUserNamestring

The UserName in Windows to run the entrypoint of the container process. Defaults to the user specified in image metadata if unspecified. May also be set in PodSecurityContext. If set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext takes precedence.