Trivy misconfig : Use High Uid #86
Assignees
Comments
|
This violation can not be fixed, please find the details below Eventhough we didn’t set UID in helm template of the Job yaml (which creates the pod), the pod which actually gets created will get the runAsUser injected via the Openshift default SecurityContextConstraints. Please find the pod YAML which has the runAsUser https://ibm.box.com/s/cio2il1xsz6e0j2ymegchiuc4k0r6wm9 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Issue: https://avd.aquasec.com/misconfig/kubernetes/general/avd-ksv-0020/
Runs with UID <= 10000
Force the container to run with user ID > 10000 to avoid conflicts with the host’s user table.
Links : https://kubesec.io/basics/containers-securitycontext-runasuser/
Check: CKV_K8S_40: "Containers should run as a high UID to avoid host conflict"
Guide: https://docs.prismacloud.io/en/enterprise-edition/policy-reference/kubernetes-policies/kubernetes-policy-index/bc-k8s-37
The text was updated successfully, but these errors were encountered: