io.kubernetes.client.proto

Class V1beta1Extensions.PodSecurityPolicySpec.Builder

java.lang.Object

com.google.protobuf.AbstractMessageLite.Builder

com.google.protobuf.AbstractMessage.Builder<BuilderType>

com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

io.kubernetes.client.proto.V1beta1Extensions.PodSecurityPolicySpec.Builder

All Implemented Interfaces:

com.google.protobuf.Message.Builder, com.google.protobuf.MessageLite.Builder, com.google.protobuf.MessageLiteOrBuilder, com.google.protobuf.MessageOrBuilder, V1beta1Extensions.PodSecurityPolicySpecOrBuilder, Cloneable

Enclosing class:

V1beta1Extensions.PodSecurityPolicySpec

public static final class V1beta1Extensions.PodSecurityPolicySpec.Builder
extends com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>
implements V1beta1Extensions.PodSecurityPolicySpecOrBuilder

 PodSecurityPolicySpec defines the policy enforced.
 Deprecated: use PodSecurityPolicySpec from policy API Group instead.
 

Protobuf type k8s.io.api.extensions.v1beta1.PodSecurityPolicySpec

Method Summary

Modifier and Type	Method and Description
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllAllowedCapabilities(Iterable<String> values) allowedCapabilities is a list of capabilities that can be requested to add to the container.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllAllowedFlexVolumes(Iterable<? extends V1beta1Extensions.AllowedFlexVolume> values) allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllAllowedHostPaths(Iterable<? extends V1beta1Extensions.AllowedHostPath> values) allowedHostPaths is a white list of allowed host paths.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllAllowedProcMountTypes(Iterable<String> values) AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllAllowedUnsafeSysctls(Iterable<String> values) allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllDefaultAddCapabilities(Iterable<String> values) defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllForbiddenSysctls(Iterable<String> values) forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllHostPorts(Iterable<? extends V1beta1Extensions.HostPortRange> values) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedCapabilities(String value) allowedCapabilities is a list of capabilities that can be requested to add to the container.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedCapabilitiesBytes(com.google.protobuf.ByteString value) allowedCapabilities is a list of capabilities that can be requested to add to the container.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedFlexVolumes(int index, V1beta1Extensions.AllowedFlexVolume.Builder builderForValue) allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedFlexVolumes(int index, V1beta1Extensions.AllowedFlexVolume value) allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedFlexVolumes(V1beta1Extensions.AllowedFlexVolume.Builder builderForValue) allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedFlexVolumes(V1beta1Extensions.AllowedFlexVolume value) allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.AllowedFlexVolume.Builder	addAllowedFlexVolumesBuilder() allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.AllowedFlexVolume.Builder	addAllowedFlexVolumesBuilder(int index) allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedHostPaths(int index, V1beta1Extensions.AllowedHostPath.Builder builderForValue) allowedHostPaths is a white list of allowed host paths.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedHostPaths(int index, V1beta1Extensions.AllowedHostPath value) allowedHostPaths is a white list of allowed host paths.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedHostPaths(V1beta1Extensions.AllowedHostPath.Builder builderForValue) allowedHostPaths is a white list of allowed host paths.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedHostPaths(V1beta1Extensions.AllowedHostPath value) allowedHostPaths is a white list of allowed host paths.
V1beta1Extensions.AllowedHostPath.Builder	addAllowedHostPathsBuilder() allowedHostPaths is a white list of allowed host paths.
V1beta1Extensions.AllowedHostPath.Builder	addAllowedHostPathsBuilder(int index) allowedHostPaths is a white list of allowed host paths.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedProcMountTypes(String value) AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedProcMountTypesBytes(com.google.protobuf.ByteString value) AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedUnsafeSysctls(String value) allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllowedUnsafeSysctlsBytes(com.google.protobuf.ByteString value) allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllRequiredDropCapabilities(Iterable<String> values) requiredDropCapabilities are the capabilities that will be dropped from the container.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addAllVolumes(Iterable<String> values) volumes is a white list of allowed volume plugins.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addDefaultAddCapabilities(String value) defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addDefaultAddCapabilitiesBytes(com.google.protobuf.ByteString value) defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addForbiddenSysctls(String value) forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addForbiddenSysctlsBytes(com.google.protobuf.ByteString value) forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addHostPorts(int index, V1beta1Extensions.HostPortRange.Builder builderForValue) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addHostPorts(int index, V1beta1Extensions.HostPortRange value) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addHostPorts(V1beta1Extensions.HostPortRange.Builder builderForValue) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addHostPorts(V1beta1Extensions.HostPortRange value) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Extensions.HostPortRange.Builder	addHostPortsBuilder() hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Extensions.HostPortRange.Builder	addHostPortsBuilder(int index) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
V1beta1Extensions.PodSecurityPolicySpec.Builder	addRequiredDropCapabilities(String value) requiredDropCapabilities are the capabilities that will be dropped from the container.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addRequiredDropCapabilitiesBytes(com.google.protobuf.ByteString value) requiredDropCapabilities are the capabilities that will be dropped from the container.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addVolumes(String value) volumes is a white list of allowed volume plugins.
V1beta1Extensions.PodSecurityPolicySpec.Builder	addVolumesBytes(com.google.protobuf.ByteString value) volumes is a white list of allowed volume plugins.
V1beta1Extensions.PodSecurityPolicySpec	build()
V1beta1Extensions.PodSecurityPolicySpec	buildPartial()
V1beta1Extensions.PodSecurityPolicySpec.Builder	clear()
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearAllowedCapabilities() allowedCapabilities is a list of capabilities that can be requested to add to the container.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearAllowedFlexVolumes() allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearAllowedHostPaths() allowedHostPaths is a white list of allowed host paths.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearAllowedProcMountTypes() AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearAllowedUnsafeSysctls() allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearAllowPrivilegeEscalation() allowPrivilegeEscalation determines if a pod can request to allow privilege escalation.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearDefaultAddCapabilities() defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearDefaultAllowPrivilegeEscalation() defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearField(com.google.protobuf.Descriptors.FieldDescriptor field)
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearForbiddenSysctls() forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearFsGroup() fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearHostIPC() hostIPC determines if the policy allows the use of HostIPC in the pod spec.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearHostNetwork() hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearHostPID() hostPID determines if the policy allows the use of HostPID in the pod spec.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearHostPorts() hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearPrivileged() privileged determines if a pod can request to be run as privileged.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearReadOnlyRootFilesystem() readOnlyRootFilesystem when set to true will force containers to run with a read only root file system.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearRequiredDropCapabilities() requiredDropCapabilities are the capabilities that will be dropped from the container.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearRunAsGroup() RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearRunAsUser() runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearSeLinux() seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearSupplementalGroups() supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clearVolumes() volumes is a white list of allowed volume plugins.
V1beta1Extensions.PodSecurityPolicySpec.Builder	clone()
String	getAllowedCapabilities(int index) allowedCapabilities is a list of capabilities that can be requested to add to the container.
com.google.protobuf.ByteString	getAllowedCapabilitiesBytes(int index) allowedCapabilities is a list of capabilities that can be requested to add to the container.
int	getAllowedCapabilitiesCount() allowedCapabilities is a list of capabilities that can be requested to add to the container.
com.google.protobuf.ProtocolStringList	getAllowedCapabilitiesList() allowedCapabilities is a list of capabilities that can be requested to add to the container.
V1beta1Extensions.AllowedFlexVolume	getAllowedFlexVolumes(int index) allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.AllowedFlexVolume.Builder	getAllowedFlexVolumesBuilder(int index) allowedFlexVolumes is a whitelist of allowed Flexvolumes.
List<V1beta1Extensions.AllowedFlexVolume.Builder>	getAllowedFlexVolumesBuilderList() allowedFlexVolumes is a whitelist of allowed Flexvolumes.
int	getAllowedFlexVolumesCount() allowedFlexVolumes is a whitelist of allowed Flexvolumes.
List<V1beta1Extensions.AllowedFlexVolume>	getAllowedFlexVolumesList() allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.AllowedFlexVolumeOrBuilder	getAllowedFlexVolumesOrBuilder(int index) allowedFlexVolumes is a whitelist of allowed Flexvolumes.
List<? extends V1beta1Extensions.AllowedFlexVolumeOrBuilder>	getAllowedFlexVolumesOrBuilderList() allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.AllowedHostPath	getAllowedHostPaths(int index) allowedHostPaths is a white list of allowed host paths.
V1beta1Extensions.AllowedHostPath.Builder	getAllowedHostPathsBuilder(int index) allowedHostPaths is a white list of allowed host paths.
List<V1beta1Extensions.AllowedHostPath.Builder>	getAllowedHostPathsBuilderList() allowedHostPaths is a white list of allowed host paths.
int	getAllowedHostPathsCount() allowedHostPaths is a white list of allowed host paths.
List<V1beta1Extensions.AllowedHostPath>	getAllowedHostPathsList() allowedHostPaths is a white list of allowed host paths.
V1beta1Extensions.AllowedHostPathOrBuilder	getAllowedHostPathsOrBuilder(int index) allowedHostPaths is a white list of allowed host paths.
List<? extends V1beta1Extensions.AllowedHostPathOrBuilder>	getAllowedHostPathsOrBuilderList() allowedHostPaths is a white list of allowed host paths.
String	getAllowedProcMountTypes(int index) AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
com.google.protobuf.ByteString	getAllowedProcMountTypesBytes(int index) AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
int	getAllowedProcMountTypesCount() AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
com.google.protobuf.ProtocolStringList	getAllowedProcMountTypesList() AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
String	getAllowedUnsafeSysctls(int index) allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
com.google.protobuf.ByteString	getAllowedUnsafeSysctlsBytes(int index) allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
int	getAllowedUnsafeSysctlsCount() allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
com.google.protobuf.ProtocolStringList	getAllowedUnsafeSysctlsList() allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
boolean	getAllowPrivilegeEscalation() allowPrivilegeEscalation determines if a pod can request to allow privilege escalation.
String	getDefaultAddCapabilities(int index) defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
com.google.protobuf.ByteString	getDefaultAddCapabilitiesBytes(int index) defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
int	getDefaultAddCapabilitiesCount() defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
com.google.protobuf.ProtocolStringList	getDefaultAddCapabilitiesList() defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
boolean	getDefaultAllowPrivilegeEscalation() defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.
V1beta1Extensions.PodSecurityPolicySpec	getDefaultInstanceForType()
static com.google.protobuf.Descriptors.Descriptor	getDescriptor()
com.google.protobuf.Descriptors.Descriptor	getDescriptorForType()
String	getForbiddenSysctls(int index) forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
com.google.protobuf.ByteString	getForbiddenSysctlsBytes(int index) forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
int	getForbiddenSysctlsCount() forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
com.google.protobuf.ProtocolStringList	getForbiddenSysctlsList() forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
V1beta1Extensions.FSGroupStrategyOptions	getFsGroup() fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
V1beta1Extensions.FSGroupStrategyOptions.Builder	getFsGroupBuilder() fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
V1beta1Extensions.FSGroupStrategyOptionsOrBuilder	getFsGroupOrBuilder() fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
boolean	getHostIPC() hostIPC determines if the policy allows the use of HostIPC in the pod spec.
boolean	getHostNetwork() hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
boolean	getHostPID() hostPID determines if the policy allows the use of HostPID in the pod spec.
V1beta1Extensions.HostPortRange	getHostPorts(int index) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Extensions.HostPortRange.Builder	getHostPortsBuilder(int index) hostPorts determines which host port ranges are allowed to be exposed.
List<V1beta1Extensions.HostPortRange.Builder>	getHostPortsBuilderList() hostPorts determines which host port ranges are allowed to be exposed.
int	getHostPortsCount() hostPorts determines which host port ranges are allowed to be exposed.
List<V1beta1Extensions.HostPortRange>	getHostPortsList() hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Extensions.HostPortRangeOrBuilder	getHostPortsOrBuilder(int index) hostPorts determines which host port ranges are allowed to be exposed.
List<? extends V1beta1Extensions.HostPortRangeOrBuilder>	getHostPortsOrBuilderList() hostPorts determines which host port ranges are allowed to be exposed.
boolean	getPrivileged() privileged determines if a pod can request to be run as privileged.
boolean	getReadOnlyRootFilesystem() readOnlyRootFilesystem when set to true will force containers to run with a read only root file system.
String	getRequiredDropCapabilities(int index) requiredDropCapabilities are the capabilities that will be dropped from the container.
com.google.protobuf.ByteString	getRequiredDropCapabilitiesBytes(int index) requiredDropCapabilities are the capabilities that will be dropped from the container.
int	getRequiredDropCapabilitiesCount() requiredDropCapabilities are the capabilities that will be dropped from the container.
com.google.protobuf.ProtocolStringList	getRequiredDropCapabilitiesList() requiredDropCapabilities are the capabilities that will be dropped from the container.
V1beta1Extensions.RunAsGroupStrategyOptions	getRunAsGroup() RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Extensions.RunAsGroupStrategyOptions.Builder	getRunAsGroupBuilder() RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Extensions.RunAsGroupStrategyOptionsOrBuilder	getRunAsGroupOrBuilder() RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Extensions.RunAsUserStrategyOptions	getRunAsUser() runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Extensions.RunAsUserStrategyOptions.Builder	getRunAsUserBuilder() runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Extensions.RunAsUserStrategyOptionsOrBuilder	getRunAsUserOrBuilder() runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Extensions.SELinuxStrategyOptions	getSeLinux() seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Extensions.SELinuxStrategyOptions.Builder	getSeLinuxBuilder() seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Extensions.SELinuxStrategyOptionsOrBuilder	getSeLinuxOrBuilder() seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Extensions.SupplementalGroupsStrategyOptions	getSupplementalGroups() supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
V1beta1Extensions.SupplementalGroupsStrategyOptions.Builder	getSupplementalGroupsBuilder() supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
V1beta1Extensions.SupplementalGroupsStrategyOptionsOrBuilder	getSupplementalGroupsOrBuilder() supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
String	getVolumes(int index) volumes is a white list of allowed volume plugins.
com.google.protobuf.ByteString	getVolumesBytes(int index) volumes is a white list of allowed volume plugins.
int	getVolumesCount() volumes is a white list of allowed volume plugins.
com.google.protobuf.ProtocolStringList	getVolumesList() volumes is a white list of allowed volume plugins.
boolean	hasAllowPrivilegeEscalation() allowPrivilegeEscalation determines if a pod can request to allow privilege escalation.
boolean	hasDefaultAllowPrivilegeEscalation() defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.
boolean	hasFsGroup() fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
boolean	hasHostIPC() hostIPC determines if the policy allows the use of HostIPC in the pod spec.
boolean	hasHostNetwork() hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
boolean	hasHostPID() hostPID determines if the policy allows the use of HostPID in the pod spec.
boolean	hasPrivileged() privileged determines if a pod can request to be run as privileged.
boolean	hasReadOnlyRootFilesystem() readOnlyRootFilesystem when set to true will force containers to run with a read only root file system.
boolean	hasRunAsGroup() RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
boolean	hasRunAsUser() runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
boolean	hasSeLinux() seLinux is the strategy that will dictate the allowable labels that may be set.
boolean	hasSupplementalGroups() supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable	internalGetFieldAccessorTable()
boolean	isInitialized()
V1beta1Extensions.PodSecurityPolicySpec.Builder	mergeFrom(com.google.protobuf.CodedInputStream input, com.google.protobuf.ExtensionRegistryLite extensionRegistry)
V1beta1Extensions.PodSecurityPolicySpec.Builder	mergeFrom(com.google.protobuf.Message other)
V1beta1Extensions.PodSecurityPolicySpec.Builder	mergeFrom(V1beta1Extensions.PodSecurityPolicySpec other)
V1beta1Extensions.PodSecurityPolicySpec.Builder	mergeFsGroup(V1beta1Extensions.FSGroupStrategyOptions value) fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
V1beta1Extensions.PodSecurityPolicySpec.Builder	mergeRunAsGroup(V1beta1Extensions.RunAsGroupStrategyOptions value) RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Extensions.PodSecurityPolicySpec.Builder	mergeRunAsUser(V1beta1Extensions.RunAsUserStrategyOptions value) runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Extensions.PodSecurityPolicySpec.Builder	mergeSeLinux(V1beta1Extensions.SELinuxStrategyOptions value) seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Extensions.PodSecurityPolicySpec.Builder	mergeSupplementalGroups(V1beta1Extensions.SupplementalGroupsStrategyOptions value) supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
V1beta1Extensions.PodSecurityPolicySpec.Builder	mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
V1beta1Extensions.PodSecurityPolicySpec.Builder	removeAllowedFlexVolumes(int index) allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	removeAllowedHostPaths(int index) allowedHostPaths is a white list of allowed host paths.
V1beta1Extensions.PodSecurityPolicySpec.Builder	removeHostPorts(int index) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setAllowedCapabilities(int index, String value) allowedCapabilities is a list of capabilities that can be requested to add to the container.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setAllowedFlexVolumes(int index, V1beta1Extensions.AllowedFlexVolume.Builder builderForValue) allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setAllowedFlexVolumes(int index, V1beta1Extensions.AllowedFlexVolume value) allowedFlexVolumes is a whitelist of allowed Flexvolumes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setAllowedHostPaths(int index, V1beta1Extensions.AllowedHostPath.Builder builderForValue) allowedHostPaths is a white list of allowed host paths.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setAllowedHostPaths(int index, V1beta1Extensions.AllowedHostPath value) allowedHostPaths is a white list of allowed host paths.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setAllowedProcMountTypes(int index, String value) AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setAllowedUnsafeSysctls(int index, String value) allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setAllowPrivilegeEscalation(boolean value) allowPrivilegeEscalation determines if a pod can request to allow privilege escalation.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setDefaultAddCapabilities(int index, String value) defaultAddCapabilities is the default set of capabilities that will be added to the container unless the pod spec specifically drops the capability.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setDefaultAllowPrivilegeEscalation(boolean value) defaultAllowPrivilegeEscalation controls the default setting for whether a process can gain more privileges than its parent process.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setField(com.google.protobuf.Descriptors.FieldDescriptor field, Object value)
V1beta1Extensions.PodSecurityPolicySpec.Builder	setForbiddenSysctls(int index, String value) forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setFsGroup(V1beta1Extensions.FSGroupStrategyOptions.Builder builderForValue) fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setFsGroup(V1beta1Extensions.FSGroupStrategyOptions value) fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setHostIPC(boolean value) hostIPC determines if the policy allows the use of HostIPC in the pod spec.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setHostNetwork(boolean value) hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setHostPID(boolean value) hostPID determines if the policy allows the use of HostPID in the pod spec.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setHostPorts(int index, V1beta1Extensions.HostPortRange.Builder builderForValue) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setHostPorts(int index, V1beta1Extensions.HostPortRange value) hostPorts determines which host port ranges are allowed to be exposed.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setPrivileged(boolean value) privileged determines if a pod can request to be run as privileged.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setReadOnlyRootFilesystem(boolean value) readOnlyRootFilesystem when set to true will force containers to run with a read only root file system.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field, int index, Object value)
V1beta1Extensions.PodSecurityPolicySpec.Builder	setRequiredDropCapabilities(int index, String value) requiredDropCapabilities are the capabilities that will be dropped from the container.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setRunAsGroup(V1beta1Extensions.RunAsGroupStrategyOptions.Builder builderForValue) RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setRunAsGroup(V1beta1Extensions.RunAsGroupStrategyOptions value) RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setRunAsUser(V1beta1Extensions.RunAsUserStrategyOptions.Builder builderForValue) runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setRunAsUser(V1beta1Extensions.RunAsUserStrategyOptions value) runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setSeLinux(V1beta1Extensions.SELinuxStrategyOptions.Builder builderForValue) seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setSeLinux(V1beta1Extensions.SELinuxStrategyOptions value) seLinux is the strategy that will dictate the allowable labels that may be set.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setSupplementalGroups(V1beta1Extensions.SupplementalGroupsStrategyOptions.Builder builderForValue) supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setSupplementalGroups(V1beta1Extensions.SupplementalGroupsStrategyOptions value) supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
V1beta1Extensions.PodSecurityPolicySpec.Builder	setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)
V1beta1Extensions.PodSecurityPolicySpec.Builder	setVolumes(int index, String value) volumes is a white list of allowed volume plugins.

Methods inherited from class com.google.protobuf.GeneratedMessageV3.Builder

getAllFields, getField, getFieldBuilder, getOneofFieldDescriptor, getParentForChildren, getRepeatedField, getRepeatedFieldBuilder, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof, internalGetMapField, internalGetMutableMapField, isClean, markClean, newBuilderForField, onBuilt, onChanged, setUnknownFieldsProto3

Methods inherited from class com.google.protobuf.AbstractMessage.Builder

findInitializationErrors, getInitializationErrorString, internalMergeFrom, mergeDelimitedFrom, mergeDelimitedFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, mergeFrom, newUninitializedMessageException, toString

Methods inherited from class com.google.protobuf.AbstractMessageLite.Builder

addAll, addAll, mergeFrom, newUninitializedMessageException

Methods inherited from class java.lang.Object

equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

Methods inherited from interface com.google.protobuf.MessageOrBuilder

findInitializationErrors, getAllFields, getField, getInitializationErrorString, getOneofFieldDescriptor, getRepeatedField, getRepeatedFieldCount, getUnknownFields, hasField, hasOneof

Methods inherited from interface com.google.protobuf.MessageLite.Builder

mergeFrom

Method Detail

getDescriptor

public static final com.google.protobuf.Descriptors.Descriptor getDescriptor()

internalGetFieldAccessorTable

protected com.google.protobuf.GeneratedMessageV3.FieldAccessorTable internalGetFieldAccessorTable()

Specified by:

internalGetFieldAccessorTable in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

clear

public V1beta1Extensions.PodSecurityPolicySpec.Builder clear()

Specified by:

clear in interface com.google.protobuf.Message.Builder

Specified by:

clear in interface com.google.protobuf.MessageLite.Builder

Overrides:

clear in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

getDescriptorForType

public com.google.protobuf.Descriptors.Descriptor getDescriptorForType()

Specified by:

getDescriptorForType in interface com.google.protobuf.Message.Builder

Specified by:

getDescriptorForType in interface com.google.protobuf.MessageOrBuilder

Overrides:

getDescriptorForType in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

getDefaultInstanceForType

public V1beta1Extensions.PodSecurityPolicySpec getDefaultInstanceForType()

Specified by:

getDefaultInstanceForType in interface com.google.protobuf.MessageLiteOrBuilder

Specified by:

getDefaultInstanceForType in interface com.google.protobuf.MessageOrBuilder

build

public V1beta1Extensions.PodSecurityPolicySpec build()

Specified by:

build in interface com.google.protobuf.Message.Builder

Specified by:

build in interface com.google.protobuf.MessageLite.Builder

buildPartial

public V1beta1Extensions.PodSecurityPolicySpec buildPartial()

Specified by:

buildPartial in interface com.google.protobuf.Message.Builder

Specified by:

buildPartial in interface com.google.protobuf.MessageLite.Builder

clone

public V1beta1Extensions.PodSecurityPolicySpec.Builder clone()

Specified by:

clone in interface com.google.protobuf.Message.Builder

Specified by:

clone in interface com.google.protobuf.MessageLite.Builder

Overrides:

clone in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

setField

public V1beta1Extensions.PodSecurityPolicySpec.Builder setField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                                                Object value)

Specified by:

setField in interface com.google.protobuf.Message.Builder

Overrides:

setField in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

clearField

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearField(com.google.protobuf.Descriptors.FieldDescriptor field)

Specified by:

clearField in interface com.google.protobuf.Message.Builder

Overrides:

clearField in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

clearOneof

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearOneof(com.google.protobuf.Descriptors.OneofDescriptor oneof)

Specified by:

clearOneof in interface com.google.protobuf.Message.Builder

Overrides:

clearOneof in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

setRepeatedField

public V1beta1Extensions.PodSecurityPolicySpec.Builder setRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                                                        int index,
                                                                        Object value)

Specified by:

setRepeatedField in interface com.google.protobuf.Message.Builder

Overrides:

setRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

addRepeatedField

public V1beta1Extensions.PodSecurityPolicySpec.Builder addRepeatedField(com.google.protobuf.Descriptors.FieldDescriptor field,
                                                                        Object value)

Specified by:

addRepeatedField in interface com.google.protobuf.Message.Builder

Overrides:

addRepeatedField in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

mergeFrom

public V1beta1Extensions.PodSecurityPolicySpec.Builder mergeFrom(com.google.protobuf.Message other)

Specified by:

mergeFrom in interface com.google.protobuf.Message.Builder

Overrides:

mergeFrom in class com.google.protobuf.AbstractMessage.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

mergeFrom

public V1beta1Extensions.PodSecurityPolicySpec.Builder mergeFrom(V1beta1Extensions.PodSecurityPolicySpec other)

isInitialized

public final boolean isInitialized()

Specified by:

isInitialized in interface com.google.protobuf.MessageLiteOrBuilder

Overrides:

isInitialized in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

mergeFrom

public V1beta1Extensions.PodSecurityPolicySpec.Builder mergeFrom(com.google.protobuf.CodedInputStream input,
                                                                 com.google.protobuf.ExtensionRegistryLite extensionRegistry)
                                                          throws IOException

Specified by:

mergeFrom in interface com.google.protobuf.Message.Builder

Specified by:

mergeFrom in interface com.google.protobuf.MessageLite.Builder

Overrides:

mergeFrom in class com.google.protobuf.AbstractMessage.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

Throws:

IOException

hasPrivileged

public boolean hasPrivileged()

 privileged determines if a pod can request to be run as privileged.
 +optional
 

optional bool privileged = 1;

Specified by:

hasPrivileged in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getPrivileged

public boolean getPrivileged()

 privileged determines if a pod can request to be run as privileged.
 +optional
 

optional bool privileged = 1;

Specified by:

getPrivileged in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setPrivileged

public V1beta1Extensions.PodSecurityPolicySpec.Builder setPrivileged(boolean value)

 privileged determines if a pod can request to be run as privileged.
 +optional
 

optional bool privileged = 1;

clearPrivileged

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearPrivileged()

 privileged determines if a pod can request to be run as privileged.
 +optional
 

optional bool privileged = 1;

getDefaultAddCapabilitiesList

public com.google.protobuf.ProtocolStringList getDefaultAddCapabilitiesList()

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

Specified by:

getDefaultAddCapabilitiesList in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getDefaultAddCapabilitiesCount

public int getDefaultAddCapabilitiesCount()

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

Specified by:

getDefaultAddCapabilitiesCount in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getDefaultAddCapabilities

public String getDefaultAddCapabilities(int index)

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

Specified by:

getDefaultAddCapabilities in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getDefaultAddCapabilitiesBytes

public com.google.protobuf.ByteString getDefaultAddCapabilitiesBytes(int index)

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

Specified by:

getDefaultAddCapabilitiesBytes in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setDefaultAddCapabilities

public V1beta1Extensions.PodSecurityPolicySpec.Builder setDefaultAddCapabilities(int index,
                                                                                 String value)

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

addDefaultAddCapabilities

public V1beta1Extensions.PodSecurityPolicySpec.Builder addDefaultAddCapabilities(String value)

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

addAllDefaultAddCapabilities

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllDefaultAddCapabilities(Iterable<String> values)

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

clearDefaultAddCapabilities

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearDefaultAddCapabilities()

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

addDefaultAddCapabilitiesBytes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addDefaultAddCapabilitiesBytes(com.google.protobuf.ByteString value)

 defaultAddCapabilities is the default set of capabilities that will be added to the container
 unless the pod spec specifically drops the capability.  You may not list a capability in both
 defaultAddCapabilities and requiredDropCapabilities. Capabilities added here are implicitly
 allowed, and need not be included in the allowedCapabilities list.
 +optional
 

repeated string defaultAddCapabilities = 2;

getRequiredDropCapabilitiesList

public com.google.protobuf.ProtocolStringList getRequiredDropCapabilitiesList()

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

Specified by:

getRequiredDropCapabilitiesList in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getRequiredDropCapabilitiesCount

public int getRequiredDropCapabilitiesCount()

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

Specified by:

getRequiredDropCapabilitiesCount in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getRequiredDropCapabilities

public String getRequiredDropCapabilities(int index)

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

Specified by:

getRequiredDropCapabilities in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getRequiredDropCapabilitiesBytes

public com.google.protobuf.ByteString getRequiredDropCapabilitiesBytes(int index)

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

Specified by:

getRequiredDropCapabilitiesBytes in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setRequiredDropCapabilities

public V1beta1Extensions.PodSecurityPolicySpec.Builder setRequiredDropCapabilities(int index,
                                                                                   String value)

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

addRequiredDropCapabilities

public V1beta1Extensions.PodSecurityPolicySpec.Builder addRequiredDropCapabilities(String value)

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

addAllRequiredDropCapabilities

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllRequiredDropCapabilities(Iterable<String> values)

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

clearRequiredDropCapabilities

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearRequiredDropCapabilities()

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

addRequiredDropCapabilitiesBytes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addRequiredDropCapabilitiesBytes(com.google.protobuf.ByteString value)

 requiredDropCapabilities are the capabilities that will be dropped from the container.  These
 are required to be dropped and cannot be added.
 +optional
 

repeated string requiredDropCapabilities = 3;

getAllowedCapabilitiesList

public com.google.protobuf.ProtocolStringList getAllowedCapabilitiesList()

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

Specified by:

getAllowedCapabilitiesList in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedCapabilitiesCount

public int getAllowedCapabilitiesCount()

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

Specified by:

getAllowedCapabilitiesCount in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedCapabilities

public String getAllowedCapabilities(int index)

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

Specified by:

getAllowedCapabilities in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedCapabilitiesBytes

public com.google.protobuf.ByteString getAllowedCapabilitiesBytes(int index)

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

Specified by:

getAllowedCapabilitiesBytes in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setAllowedCapabilities

public V1beta1Extensions.PodSecurityPolicySpec.Builder setAllowedCapabilities(int index,
                                                                              String value)

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

addAllowedCapabilities

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedCapabilities(String value)

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

addAllAllowedCapabilities

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllAllowedCapabilities(Iterable<String> values)

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

clearAllowedCapabilities

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearAllowedCapabilities()

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

addAllowedCapabilitiesBytes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedCapabilitiesBytes(com.google.protobuf.ByteString value)

 allowedCapabilities is a list of capabilities that can be requested to add to the container.
 Capabilities in this field may be added at the pod author's discretion.
 You must not list a capability in both allowedCapabilities and requiredDropCapabilities.
 +optional
 

repeated string allowedCapabilities = 4;

getVolumesList

public com.google.protobuf.ProtocolStringList getVolumesList()

 volumes is a white list of allowed volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

Specified by:

getVolumesList in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getVolumesCount

public int getVolumesCount()

 volumes is a white list of allowed volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

Specified by:

getVolumesCount in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getVolumes

public String getVolumes(int index)

 volumes is a white list of allowed volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

Specified by:

getVolumes in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getVolumesBytes

public com.google.protobuf.ByteString getVolumesBytes(int index)

 volumes is a white list of allowed volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

Specified by:

getVolumesBytes in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setVolumes

public V1beta1Extensions.PodSecurityPolicySpec.Builder setVolumes(int index,
                                                                  String value)

 volumes is a white list of allowed volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

addVolumes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addVolumes(String value)

 volumes is a white list of allowed volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

addAllVolumes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllVolumes(Iterable<String> values)

 volumes is a white list of allowed volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

clearVolumes

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearVolumes()

 volumes is a white list of allowed volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

addVolumesBytes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addVolumesBytes(com.google.protobuf.ByteString value)

 volumes is a white list of allowed volume plugins. Empty indicates that
 no volumes may be used. To allow all volumes you may use '*'.
 +optional
 

repeated string volumes = 5;

hasHostNetwork

public boolean hasHostNetwork()

 hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
 +optional
 

optional bool hostNetwork = 6;

Specified by:

hasHostNetwork in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getHostNetwork

public boolean getHostNetwork()

 hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
 +optional
 

optional bool hostNetwork = 6;

Specified by:

getHostNetwork in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setHostNetwork

public V1beta1Extensions.PodSecurityPolicySpec.Builder setHostNetwork(boolean value)

 hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
 +optional
 

optional bool hostNetwork = 6;

clearHostNetwork

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearHostNetwork()

 hostNetwork determines if the policy allows the use of HostNetwork in the pod spec.
 +optional
 

optional bool hostNetwork = 6;

getHostPortsList

public List<V1beta1Extensions.HostPortRange> getHostPortsList()

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

Specified by:

getHostPortsList in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getHostPortsCount

public int getHostPortsCount()

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

Specified by:

getHostPortsCount in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getHostPorts

public V1beta1Extensions.HostPortRange getHostPorts(int index)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

Specified by:

getHostPorts in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setHostPorts

public V1beta1Extensions.PodSecurityPolicySpec.Builder setHostPorts(int index,
                                                                    V1beta1Extensions.HostPortRange value)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

setHostPorts

public V1beta1Extensions.PodSecurityPolicySpec.Builder setHostPorts(int index,
                                                                    V1beta1Extensions.HostPortRange.Builder builderForValue)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

addHostPorts

public V1beta1Extensions.PodSecurityPolicySpec.Builder addHostPorts(V1beta1Extensions.HostPortRange value)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

addHostPorts

public V1beta1Extensions.PodSecurityPolicySpec.Builder addHostPorts(int index,
                                                                    V1beta1Extensions.HostPortRange value)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

addHostPorts

public V1beta1Extensions.PodSecurityPolicySpec.Builder addHostPorts(V1beta1Extensions.HostPortRange.Builder builderForValue)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

addHostPorts

public V1beta1Extensions.PodSecurityPolicySpec.Builder addHostPorts(int index,
                                                                    V1beta1Extensions.HostPortRange.Builder builderForValue)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

addAllHostPorts

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllHostPorts(Iterable<? extends V1beta1Extensions.HostPortRange> values)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

clearHostPorts

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearHostPorts()

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

removeHostPorts

public V1beta1Extensions.PodSecurityPolicySpec.Builder removeHostPorts(int index)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

getHostPortsBuilder

public V1beta1Extensions.HostPortRange.Builder getHostPortsBuilder(int index)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

getHostPortsOrBuilder

public V1beta1Extensions.HostPortRangeOrBuilder getHostPortsOrBuilder(int index)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

Specified by:

getHostPortsOrBuilder in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getHostPortsOrBuilderList

public List<? extends V1beta1Extensions.HostPortRangeOrBuilder> getHostPortsOrBuilderList()

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

Specified by:

getHostPortsOrBuilderList in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

addHostPortsBuilder

public V1beta1Extensions.HostPortRange.Builder addHostPortsBuilder()

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

addHostPortsBuilder

public V1beta1Extensions.HostPortRange.Builder addHostPortsBuilder(int index)

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

getHostPortsBuilderList

public List<V1beta1Extensions.HostPortRange.Builder> getHostPortsBuilderList()

 hostPorts determines which host port ranges are allowed to be exposed.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.HostPortRange hostPorts = 7;

hasHostPID

public boolean hasHostPID()

 hostPID determines if the policy allows the use of HostPID in the pod spec.
 +optional
 

optional bool hostPID = 8;

Specified by:

hasHostPID in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getHostPID

public boolean getHostPID()

 hostPID determines if the policy allows the use of HostPID in the pod spec.
 +optional
 

optional bool hostPID = 8;

Specified by:

getHostPID in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setHostPID

public V1beta1Extensions.PodSecurityPolicySpec.Builder setHostPID(boolean value)

 hostPID determines if the policy allows the use of HostPID in the pod spec.
 +optional
 

optional bool hostPID = 8;

clearHostPID

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearHostPID()

 hostPID determines if the policy allows the use of HostPID in the pod spec.
 +optional
 

optional bool hostPID = 8;

hasHostIPC

public boolean hasHostIPC()

 hostIPC determines if the policy allows the use of HostIPC in the pod spec.
 +optional
 

optional bool hostIPC = 9;

Specified by:

hasHostIPC in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getHostIPC

public boolean getHostIPC()

 hostIPC determines if the policy allows the use of HostIPC in the pod spec.
 +optional
 

optional bool hostIPC = 9;

Specified by:

getHostIPC in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setHostIPC

public V1beta1Extensions.PodSecurityPolicySpec.Builder setHostIPC(boolean value)

 hostIPC determines if the policy allows the use of HostIPC in the pod spec.
 +optional
 

optional bool hostIPC = 9;

clearHostIPC

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearHostIPC()

 hostIPC determines if the policy allows the use of HostIPC in the pod spec.
 +optional
 

optional bool hostIPC = 9;

hasSeLinux

public boolean hasSeLinux()

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.extensions.v1beta1.SELinuxStrategyOptions seLinux = 10;

Specified by:

hasSeLinux in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getSeLinux

public V1beta1Extensions.SELinuxStrategyOptions getSeLinux()

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.extensions.v1beta1.SELinuxStrategyOptions seLinux = 10;

Specified by:

getSeLinux in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setSeLinux

public V1beta1Extensions.PodSecurityPolicySpec.Builder setSeLinux(V1beta1Extensions.SELinuxStrategyOptions value)

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.extensions.v1beta1.SELinuxStrategyOptions seLinux = 10;

setSeLinux

public V1beta1Extensions.PodSecurityPolicySpec.Builder setSeLinux(V1beta1Extensions.SELinuxStrategyOptions.Builder builderForValue)

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.extensions.v1beta1.SELinuxStrategyOptions seLinux = 10;

mergeSeLinux

public V1beta1Extensions.PodSecurityPolicySpec.Builder mergeSeLinux(V1beta1Extensions.SELinuxStrategyOptions value)

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.extensions.v1beta1.SELinuxStrategyOptions seLinux = 10;

clearSeLinux

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearSeLinux()

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.extensions.v1beta1.SELinuxStrategyOptions seLinux = 10;

getSeLinuxBuilder

public V1beta1Extensions.SELinuxStrategyOptions.Builder getSeLinuxBuilder()

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.extensions.v1beta1.SELinuxStrategyOptions seLinux = 10;

getSeLinuxOrBuilder

public V1beta1Extensions.SELinuxStrategyOptionsOrBuilder getSeLinuxOrBuilder()

 seLinux is the strategy that will dictate the allowable labels that may be set.
 

optional .k8s.io.api.extensions.v1beta1.SELinuxStrategyOptions seLinux = 10;

Specified by:

getSeLinuxOrBuilder in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

hasRunAsUser

public boolean hasRunAsUser()

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.extensions.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

Specified by:

hasRunAsUser in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getRunAsUser

public V1beta1Extensions.RunAsUserStrategyOptions getRunAsUser()

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.extensions.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

Specified by:

getRunAsUser in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setRunAsUser

public V1beta1Extensions.PodSecurityPolicySpec.Builder setRunAsUser(V1beta1Extensions.RunAsUserStrategyOptions value)

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.extensions.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

setRunAsUser

public V1beta1Extensions.PodSecurityPolicySpec.Builder setRunAsUser(V1beta1Extensions.RunAsUserStrategyOptions.Builder builderForValue)

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.extensions.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

mergeRunAsUser

public V1beta1Extensions.PodSecurityPolicySpec.Builder mergeRunAsUser(V1beta1Extensions.RunAsUserStrategyOptions value)

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.extensions.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

clearRunAsUser

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearRunAsUser()

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.extensions.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

getRunAsUserBuilder

public V1beta1Extensions.RunAsUserStrategyOptions.Builder getRunAsUserBuilder()

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.extensions.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

getRunAsUserOrBuilder

public V1beta1Extensions.RunAsUserStrategyOptionsOrBuilder getRunAsUserOrBuilder()

 runAsUser is the strategy that will dictate the allowable RunAsUser values that may be set.
 

optional .k8s.io.api.extensions.v1beta1.RunAsUserStrategyOptions runAsUser = 11;

Specified by:

getRunAsUserOrBuilder in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

hasRunAsGroup

public boolean hasRunAsGroup()

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.extensions.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

Specified by:

hasRunAsGroup in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getRunAsGroup

public V1beta1Extensions.RunAsGroupStrategyOptions getRunAsGroup()

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.extensions.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

Specified by:

getRunAsGroup in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setRunAsGroup

public V1beta1Extensions.PodSecurityPolicySpec.Builder setRunAsGroup(V1beta1Extensions.RunAsGroupStrategyOptions value)

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.extensions.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

setRunAsGroup

public V1beta1Extensions.PodSecurityPolicySpec.Builder setRunAsGroup(V1beta1Extensions.RunAsGroupStrategyOptions.Builder builderForValue)

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.extensions.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

mergeRunAsGroup

public V1beta1Extensions.PodSecurityPolicySpec.Builder mergeRunAsGroup(V1beta1Extensions.RunAsGroupStrategyOptions value)

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.extensions.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

clearRunAsGroup

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearRunAsGroup()

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.extensions.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

getRunAsGroupBuilder

public V1beta1Extensions.RunAsGroupStrategyOptions.Builder getRunAsGroupBuilder()

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.extensions.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

getRunAsGroupOrBuilder

public V1beta1Extensions.RunAsGroupStrategyOptionsOrBuilder getRunAsGroupOrBuilder()

 RunAsGroup is the strategy that will dictate the allowable RunAsGroup values that may be set.
 If this field is omitted, the pod's RunAsGroup can take any value. This field requires the
 RunAsGroup feature gate to be enabled.
 +optional
 

optional .k8s.io.api.extensions.v1beta1.RunAsGroupStrategyOptions runAsGroup = 22;

Specified by:

getRunAsGroupOrBuilder in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

hasSupplementalGroups

public boolean hasSupplementalGroups()

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

Specified by:

hasSupplementalGroups in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getSupplementalGroups

public V1beta1Extensions.SupplementalGroupsStrategyOptions getSupplementalGroups()

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

Specified by:

getSupplementalGroups in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setSupplementalGroups

public V1beta1Extensions.PodSecurityPolicySpec.Builder setSupplementalGroups(V1beta1Extensions.SupplementalGroupsStrategyOptions value)

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

setSupplementalGroups

public V1beta1Extensions.PodSecurityPolicySpec.Builder setSupplementalGroups(V1beta1Extensions.SupplementalGroupsStrategyOptions.Builder builderForValue)

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

mergeSupplementalGroups

public V1beta1Extensions.PodSecurityPolicySpec.Builder mergeSupplementalGroups(V1beta1Extensions.SupplementalGroupsStrategyOptions value)

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

clearSupplementalGroups

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearSupplementalGroups()

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

getSupplementalGroupsBuilder

public V1beta1Extensions.SupplementalGroupsStrategyOptions.Builder getSupplementalGroupsBuilder()

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

getSupplementalGroupsOrBuilder

public V1beta1Extensions.SupplementalGroupsStrategyOptionsOrBuilder getSupplementalGroupsOrBuilder()

 supplementalGroups is the strategy that will dictate what supplemental groups are used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.SupplementalGroupsStrategyOptions supplementalGroups = 12;

Specified by:

getSupplementalGroupsOrBuilder in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

hasFsGroup

public boolean hasFsGroup()

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.FSGroupStrategyOptions fsGroup = 13;

Specified by:

hasFsGroup in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getFsGroup

public V1beta1Extensions.FSGroupStrategyOptions getFsGroup()

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.FSGroupStrategyOptions fsGroup = 13;

Specified by:

getFsGroup in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setFsGroup

public V1beta1Extensions.PodSecurityPolicySpec.Builder setFsGroup(V1beta1Extensions.FSGroupStrategyOptions value)

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.FSGroupStrategyOptions fsGroup = 13;

setFsGroup

public V1beta1Extensions.PodSecurityPolicySpec.Builder setFsGroup(V1beta1Extensions.FSGroupStrategyOptions.Builder builderForValue)

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.FSGroupStrategyOptions fsGroup = 13;

mergeFsGroup

public V1beta1Extensions.PodSecurityPolicySpec.Builder mergeFsGroup(V1beta1Extensions.FSGroupStrategyOptions value)

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.FSGroupStrategyOptions fsGroup = 13;

clearFsGroup

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearFsGroup()

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.FSGroupStrategyOptions fsGroup = 13;

getFsGroupBuilder

public V1beta1Extensions.FSGroupStrategyOptions.Builder getFsGroupBuilder()

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.FSGroupStrategyOptions fsGroup = 13;

getFsGroupOrBuilder

public V1beta1Extensions.FSGroupStrategyOptionsOrBuilder getFsGroupOrBuilder()

 fsGroup is the strategy that will dictate what fs group is used by the SecurityContext.
 

optional .k8s.io.api.extensions.v1beta1.FSGroupStrategyOptions fsGroup = 13;

Specified by:

getFsGroupOrBuilder in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

hasReadOnlyRootFilesystem

public boolean hasReadOnlyRootFilesystem()

 readOnlyRootFilesystem when set to true will force containers to run with a read only root file
 system.  If the container specifically requests to run with a non-read only root file system
 the PSP should deny the pod.
 If set to false the container may run with a read only root file system if it wishes but it
 will not be forced to.
 +optional
 

optional bool readOnlyRootFilesystem = 14;

Specified by:

hasReadOnlyRootFilesystem in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getReadOnlyRootFilesystem

public boolean getReadOnlyRootFilesystem()

 readOnlyRootFilesystem when set to true will force containers to run with a read only root file
 system.  If the container specifically requests to run with a non-read only root file system
 the PSP should deny the pod.
 If set to false the container may run with a read only root file system if it wishes but it
 will not be forced to.
 +optional
 

optional bool readOnlyRootFilesystem = 14;

Specified by:

getReadOnlyRootFilesystem in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setReadOnlyRootFilesystem

public V1beta1Extensions.PodSecurityPolicySpec.Builder setReadOnlyRootFilesystem(boolean value)

 readOnlyRootFilesystem when set to true will force containers to run with a read only root file
 system.  If the container specifically requests to run with a non-read only root file system
 the PSP should deny the pod.
 If set to false the container may run with a read only root file system if it wishes but it
 will not be forced to.
 +optional
 

optional bool readOnlyRootFilesystem = 14;

clearReadOnlyRootFilesystem

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearReadOnlyRootFilesystem()

 readOnlyRootFilesystem when set to true will force containers to run with a read only root file
 system.  If the container specifically requests to run with a non-read only root file system
 the PSP should deny the pod.
 If set to false the container may run with a read only root file system if it wishes but it
 will not be forced to.
 +optional
 

optional bool readOnlyRootFilesystem = 14;

hasDefaultAllowPrivilegeEscalation

public boolean hasDefaultAllowPrivilegeEscalation()

 defaultAllowPrivilegeEscalation controls the default setting for whether a
 process can gain more privileges than its parent process.
 +optional
 

optional bool defaultAllowPrivilegeEscalation = 15;

Specified by:

hasDefaultAllowPrivilegeEscalation in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getDefaultAllowPrivilegeEscalation

public boolean getDefaultAllowPrivilegeEscalation()

 defaultAllowPrivilegeEscalation controls the default setting for whether a
 process can gain more privileges than its parent process.
 +optional
 

optional bool defaultAllowPrivilegeEscalation = 15;

Specified by:

getDefaultAllowPrivilegeEscalation in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setDefaultAllowPrivilegeEscalation

public V1beta1Extensions.PodSecurityPolicySpec.Builder setDefaultAllowPrivilegeEscalation(boolean value)

 defaultAllowPrivilegeEscalation controls the default setting for whether a
 process can gain more privileges than its parent process.
 +optional
 

optional bool defaultAllowPrivilegeEscalation = 15;

clearDefaultAllowPrivilegeEscalation

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearDefaultAllowPrivilegeEscalation()

 defaultAllowPrivilegeEscalation controls the default setting for whether a
 process can gain more privileges than its parent process.
 +optional
 

optional bool defaultAllowPrivilegeEscalation = 15;

hasAllowPrivilegeEscalation

public boolean hasAllowPrivilegeEscalation()

 allowPrivilegeEscalation determines if a pod can request to allow
 privilege escalation. If unspecified, defaults to true.
 +optional
 

optional bool allowPrivilegeEscalation = 16;

Specified by:

hasAllowPrivilegeEscalation in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowPrivilegeEscalation

public boolean getAllowPrivilegeEscalation()

 allowPrivilegeEscalation determines if a pod can request to allow
 privilege escalation. If unspecified, defaults to true.
 +optional
 

optional bool allowPrivilegeEscalation = 16;

Specified by:

getAllowPrivilegeEscalation in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setAllowPrivilegeEscalation

public V1beta1Extensions.PodSecurityPolicySpec.Builder setAllowPrivilegeEscalation(boolean value)

 allowPrivilegeEscalation determines if a pod can request to allow
 privilege escalation. If unspecified, defaults to true.
 +optional
 

optional bool allowPrivilegeEscalation = 16;

clearAllowPrivilegeEscalation

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearAllowPrivilegeEscalation()

 allowPrivilegeEscalation determines if a pod can request to allow
 privilege escalation. If unspecified, defaults to true.
 +optional
 

optional bool allowPrivilegeEscalation = 16;

getAllowedHostPathsList

public List<V1beta1Extensions.AllowedHostPath> getAllowedHostPathsList()

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

Specified by:

getAllowedHostPathsList in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedHostPathsCount

public int getAllowedHostPathsCount()

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

Specified by:

getAllowedHostPathsCount in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedHostPaths

public V1beta1Extensions.AllowedHostPath getAllowedHostPaths(int index)

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

Specified by:

getAllowedHostPaths in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setAllowedHostPaths

public V1beta1Extensions.PodSecurityPolicySpec.Builder setAllowedHostPaths(int index,
                                                                           V1beta1Extensions.AllowedHostPath value)

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

setAllowedHostPaths

public V1beta1Extensions.PodSecurityPolicySpec.Builder setAllowedHostPaths(int index,
                                                                           V1beta1Extensions.AllowedHostPath.Builder builderForValue)

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

addAllowedHostPaths

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedHostPaths(V1beta1Extensions.AllowedHostPath value)

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

addAllowedHostPaths

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedHostPaths(int index,
                                                                           V1beta1Extensions.AllowedHostPath value)

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

addAllowedHostPaths

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedHostPaths(V1beta1Extensions.AllowedHostPath.Builder builderForValue)

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

addAllowedHostPaths

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedHostPaths(int index,
                                                                           V1beta1Extensions.AllowedHostPath.Builder builderForValue)

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

addAllAllowedHostPaths

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllAllowedHostPaths(Iterable<? extends V1beta1Extensions.AllowedHostPath> values)

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

clearAllowedHostPaths

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearAllowedHostPaths()

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

removeAllowedHostPaths

public V1beta1Extensions.PodSecurityPolicySpec.Builder removeAllowedHostPaths(int index)

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

getAllowedHostPathsBuilder

public V1beta1Extensions.AllowedHostPath.Builder getAllowedHostPathsBuilder(int index)

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

getAllowedHostPathsOrBuilder

public V1beta1Extensions.AllowedHostPathOrBuilder getAllowedHostPathsOrBuilder(int index)

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

Specified by:

getAllowedHostPathsOrBuilder in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedHostPathsOrBuilderList

public List<? extends V1beta1Extensions.AllowedHostPathOrBuilder> getAllowedHostPathsOrBuilderList()

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

Specified by:

getAllowedHostPathsOrBuilderList in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

addAllowedHostPathsBuilder

public V1beta1Extensions.AllowedHostPath.Builder addAllowedHostPathsBuilder()

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

addAllowedHostPathsBuilder

public V1beta1Extensions.AllowedHostPath.Builder addAllowedHostPathsBuilder(int index)

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

getAllowedHostPathsBuilderList

public List<V1beta1Extensions.AllowedHostPath.Builder> getAllowedHostPathsBuilderList()

 allowedHostPaths is a white list of allowed host paths. Empty indicates
 that all host paths may be used.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedHostPath allowedHostPaths = 17;

getAllowedFlexVolumesList

public List<V1beta1Extensions.AllowedFlexVolume> getAllowedFlexVolumesList()

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

Specified by:

getAllowedFlexVolumesList in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedFlexVolumesCount

public int getAllowedFlexVolumesCount()

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

Specified by:

getAllowedFlexVolumesCount in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedFlexVolumes

public V1beta1Extensions.AllowedFlexVolume getAllowedFlexVolumes(int index)

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

Specified by:

getAllowedFlexVolumes in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setAllowedFlexVolumes

public V1beta1Extensions.PodSecurityPolicySpec.Builder setAllowedFlexVolumes(int index,
                                                                             V1beta1Extensions.AllowedFlexVolume value)

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

setAllowedFlexVolumes

public V1beta1Extensions.PodSecurityPolicySpec.Builder setAllowedFlexVolumes(int index,
                                                                             V1beta1Extensions.AllowedFlexVolume.Builder builderForValue)

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

addAllowedFlexVolumes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedFlexVolumes(V1beta1Extensions.AllowedFlexVolume value)

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

addAllowedFlexVolumes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedFlexVolumes(int index,
                                                                             V1beta1Extensions.AllowedFlexVolume value)

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

addAllowedFlexVolumes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedFlexVolumes(V1beta1Extensions.AllowedFlexVolume.Builder builderForValue)

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

addAllowedFlexVolumes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedFlexVolumes(int index,
                                                                             V1beta1Extensions.AllowedFlexVolume.Builder builderForValue)

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

addAllAllowedFlexVolumes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllAllowedFlexVolumes(Iterable<? extends V1beta1Extensions.AllowedFlexVolume> values)

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

clearAllowedFlexVolumes

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearAllowedFlexVolumes()

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

removeAllowedFlexVolumes

public V1beta1Extensions.PodSecurityPolicySpec.Builder removeAllowedFlexVolumes(int index)

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

getAllowedFlexVolumesBuilder

public V1beta1Extensions.AllowedFlexVolume.Builder getAllowedFlexVolumesBuilder(int index)

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

getAllowedFlexVolumesOrBuilder

public V1beta1Extensions.AllowedFlexVolumeOrBuilder getAllowedFlexVolumesOrBuilder(int index)

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

Specified by:

getAllowedFlexVolumesOrBuilder in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedFlexVolumesOrBuilderList

public List<? extends V1beta1Extensions.AllowedFlexVolumeOrBuilder> getAllowedFlexVolumesOrBuilderList()

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

Specified by:

getAllowedFlexVolumesOrBuilderList in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

addAllowedFlexVolumesBuilder

public V1beta1Extensions.AllowedFlexVolume.Builder addAllowedFlexVolumesBuilder()

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

addAllowedFlexVolumesBuilder

public V1beta1Extensions.AllowedFlexVolume.Builder addAllowedFlexVolumesBuilder(int index)

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

getAllowedFlexVolumesBuilderList

public List<V1beta1Extensions.AllowedFlexVolume.Builder> getAllowedFlexVolumesBuilderList()

 allowedFlexVolumes is a whitelist of allowed Flexvolumes.  Empty or nil indicates that all
 Flexvolumes may be used.  This parameter is effective only when the usage of the Flexvolumes
 is allowed in the "volumes" field.
 +optional
 

repeated .k8s.io.api.extensions.v1beta1.AllowedFlexVolume allowedFlexVolumes = 18;

getAllowedUnsafeSysctlsList

public com.google.protobuf.ProtocolStringList getAllowedUnsafeSysctlsList()

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

Specified by:

getAllowedUnsafeSysctlsList in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedUnsafeSysctlsCount

public int getAllowedUnsafeSysctlsCount()

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

Specified by:

getAllowedUnsafeSysctlsCount in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedUnsafeSysctls

public String getAllowedUnsafeSysctls(int index)

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

Specified by:

getAllowedUnsafeSysctls in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedUnsafeSysctlsBytes

public com.google.protobuf.ByteString getAllowedUnsafeSysctlsBytes(int index)

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

Specified by:

getAllowedUnsafeSysctlsBytes in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setAllowedUnsafeSysctls

public V1beta1Extensions.PodSecurityPolicySpec.Builder setAllowedUnsafeSysctls(int index,
                                                                               String value)

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

addAllowedUnsafeSysctls

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedUnsafeSysctls(String value)

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

addAllAllowedUnsafeSysctls

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllAllowedUnsafeSysctls(Iterable<String> values)

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

clearAllowedUnsafeSysctls

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearAllowedUnsafeSysctls()

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

addAllowedUnsafeSysctlsBytes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedUnsafeSysctlsBytes(com.google.protobuf.ByteString value)

 allowedUnsafeSysctls is a list of explicitly allowed unsafe sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of allowed sysctls. Single * means all unsafe sysctls are allowed.
 Kubelet has to whitelist all allowed unsafe sysctls explicitly to avoid rejection.
 Examples:
 e.g. "foo/*" allows "foo/bar", "foo/baz", etc.
 e.g. "foo.*" allows "foo.bar", "foo.baz", etc.
 +optional
 

repeated string allowedUnsafeSysctls = 19;

getForbiddenSysctlsList

public com.google.protobuf.ProtocolStringList getForbiddenSysctlsList()

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

Specified by:

getForbiddenSysctlsList in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getForbiddenSysctlsCount

public int getForbiddenSysctlsCount()

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

Specified by:

getForbiddenSysctlsCount in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getForbiddenSysctls

public String getForbiddenSysctls(int index)

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

Specified by:

getForbiddenSysctls in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getForbiddenSysctlsBytes

public com.google.protobuf.ByteString getForbiddenSysctlsBytes(int index)

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

Specified by:

getForbiddenSysctlsBytes in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setForbiddenSysctls

public V1beta1Extensions.PodSecurityPolicySpec.Builder setForbiddenSysctls(int index,
                                                                           String value)

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

addForbiddenSysctls

public V1beta1Extensions.PodSecurityPolicySpec.Builder addForbiddenSysctls(String value)

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

addAllForbiddenSysctls

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllForbiddenSysctls(Iterable<String> values)

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

clearForbiddenSysctls

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearForbiddenSysctls()

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

addForbiddenSysctlsBytes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addForbiddenSysctlsBytes(com.google.protobuf.ByteString value)

 forbiddenSysctls is a list of explicitly forbidden sysctls, defaults to none.
 Each entry is either a plain sysctl name or ends in "*" in which case it is considered
 as a prefix of forbidden sysctls. Single * means all sysctls are forbidden.
 Examples:
 e.g. "foo/*" forbids "foo/bar", "foo/baz", etc.
 e.g. "foo.*" forbids "foo.bar", "foo.baz", etc.
 +optional
 

repeated string forbiddenSysctls = 20;

getAllowedProcMountTypesList

public com.google.protobuf.ProtocolStringList getAllowedProcMountTypesList()

 AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

Specified by:

getAllowedProcMountTypesList in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedProcMountTypesCount

public int getAllowedProcMountTypesCount()

 AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

Specified by:

getAllowedProcMountTypesCount in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedProcMountTypes

public String getAllowedProcMountTypes(int index)

 AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

Specified by:

getAllowedProcMountTypes in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

getAllowedProcMountTypesBytes

public com.google.protobuf.ByteString getAllowedProcMountTypesBytes(int index)

 AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

Specified by:

getAllowedProcMountTypesBytes in interface V1beta1Extensions.PodSecurityPolicySpecOrBuilder

setAllowedProcMountTypes

public V1beta1Extensions.PodSecurityPolicySpec.Builder setAllowedProcMountTypes(int index,
                                                                                String value)

 AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

addAllowedProcMountTypes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedProcMountTypes(String value)

 AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

addAllAllowedProcMountTypes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllAllowedProcMountTypes(Iterable<String> values)

 AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

clearAllowedProcMountTypes

public V1beta1Extensions.PodSecurityPolicySpec.Builder clearAllowedProcMountTypes()

 AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

addAllowedProcMountTypesBytes

public V1beta1Extensions.PodSecurityPolicySpec.Builder addAllowedProcMountTypesBytes(com.google.protobuf.ByteString value)

 AllowedProcMountTypes is a whitelist of allowed ProcMountTypes.
 Empty or nil indicates that only the DefaultProcMountType may be used.
 This requires the ProcMountType feature flag to be enabled.
 +optional
 

repeated string allowedProcMountTypes = 21;

setUnknownFields

public final V1beta1Extensions.PodSecurityPolicySpec.Builder setUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)

Specified by:

setUnknownFields in interface com.google.protobuf.Message.Builder

Overrides:

setUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>

mergeUnknownFields

public final V1beta1Extensions.PodSecurityPolicySpec.Builder mergeUnknownFields(com.google.protobuf.UnknownFieldSet unknownFields)

Specified by:

mergeUnknownFields in interface com.google.protobuf.Message.Builder

Overrides:

mergeUnknownFields in class com.google.protobuf.GeneratedMessageV3.Builder<V1beta1Extensions.PodSecurityPolicySpec.Builder>