• Home
• org.virtuslab
• pulumi-aws-native-kotlin
• 0.112.0.0
• source code
• JobDefinitionEksContainerSecurityContextArgs.kt

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.pulumi.awsnative.batch.kotlin.inputs.JobDefinitionEksContainerSecurityContextArgs.kt Maven / Gradle / Ivy

@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.awsnative.batch.kotlin.inputs

import com.pulumi.awsnative.batch.inputs.JobDefinitionEksContainerSecurityContextArgs.builder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.Boolean
import kotlin.Int
import kotlin.Suppress
import kotlin.jvm.JvmName

/**
 *
 * @property allowPrivilegeEscalation Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process. The default value is `false` .
 * @property privileged When this parameter is `true` , the container is given elevated permissions on the host container instance. The level of permissions are similar to the `root` user permissions. The default value is `false` . This parameter maps to `privileged` policy in the [Privileged pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#privileged) in the *Kubernetes documentation* .
 * @property readOnlyRootFilesystem When this parameter is `true` , the container is given read-only access to its root file system. The default value is `false` . This parameter maps to `ReadOnlyRootFilesystem` policy in the [Volumes and file systems pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#volumes-and-file-systems) in the *Kubernetes documentation* .
 * @property runAsGroup When this parameter is specified, the container is run as the specified group ID ( `gid` ). If this parameter isn't specified, the default is the group that's specified in the image metadata. This parameter maps to `RunAsGroup` and `MustRunAs` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* .
 * @property runAsNonRoot When this parameter is specified, the container is run as a user with a `uid` other than 0. If this parameter isn't specified, so such rule is enforced. This parameter maps to `RunAsUser` and `MustRunAsNonRoot` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* .
 * @property runAsUser When this parameter is specified, the container is run as the specified user ID ( `uid` ). If this parameter isn't specified, the default is the user that's specified in the image metadata. This parameter maps to `RunAsUser` and `MustRanAs` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* .
 */
public data class JobDefinitionEksContainerSecurityContextArgs(
    public val allowPrivilegeEscalation: Output? = null,
    public val privileged: Output? = null,
    public val readOnlyRootFilesystem: Output? = null,
    public val runAsGroup: Output? = null,
    public val runAsNonRoot: Output? = null,
    public val runAsUser: Output? = null,
) :
    ConvertibleToJava {
    override fun toJava(): com.pulumi.awsnative.batch.inputs.JobDefinitionEksContainerSecurityContextArgs =
        com.pulumi.awsnative.batch.inputs.JobDefinitionEksContainerSecurityContextArgs.builder()
            .allowPrivilegeEscalation(allowPrivilegeEscalation?.applyValue({ args0 -> args0 }))
            .privileged(privileged?.applyValue({ args0 -> args0 }))
            .readOnlyRootFilesystem(readOnlyRootFilesystem?.applyValue({ args0 -> args0 }))
            .runAsGroup(runAsGroup?.applyValue({ args0 -> args0 }))
            .runAsNonRoot(runAsNonRoot?.applyValue({ args0 -> args0 }))
            .runAsUser(runAsUser?.applyValue({ args0 -> args0 })).build()
}

/**
 * Builder for [JobDefinitionEksContainerSecurityContextArgs].
 */
@PulumiTagMarker
public class JobDefinitionEksContainerSecurityContextArgsBuilder internal constructor() {
    private var allowPrivilegeEscalation: Output? = null

    private var privileged: Output? = null

    private var readOnlyRootFilesystem: Output? = null

    private var runAsGroup: Output? = null

    private var runAsNonRoot: Output? = null

    private var runAsUser: Output? = null

    /**
     * @param value Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process. The default value is `false` .
     */
    @JvmName("jxwagnmfjbvogedj")
    public suspend fun allowPrivilegeEscalation(`value`: Output) {
        this.allowPrivilegeEscalation = value
    }

    /**
     * @param value When this parameter is `true` , the container is given elevated permissions on the host container instance. The level of permissions are similar to the `root` user permissions. The default value is `false` . This parameter maps to `privileged` policy in the [Privileged pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#privileged) in the *Kubernetes documentation* .
     */
    @JvmName("xmowgiggvbyymujr")
    public suspend fun privileged(`value`: Output) {
        this.privileged = value
    }

    /**
     * @param value When this parameter is `true` , the container is given read-only access to its root file system. The default value is `false` . This parameter maps to `ReadOnlyRootFilesystem` policy in the [Volumes and file systems pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#volumes-and-file-systems) in the *Kubernetes documentation* .
     */
    @JvmName("xuaciicppfxqcnoa")
    public suspend fun readOnlyRootFilesystem(`value`: Output) {
        this.readOnlyRootFilesystem = value
    }

    /**
     * @param value When this parameter is specified, the container is run as the specified group ID ( `gid` ). If this parameter isn't specified, the default is the group that's specified in the image metadata. This parameter maps to `RunAsGroup` and `MustRunAs` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* .
     */
    @JvmName("gaimijyiolvxwlmc")
    public suspend fun runAsGroup(`value`: Output) {
        this.runAsGroup = value
    }

    /**
     * @param value When this parameter is specified, the container is run as a user with a `uid` other than 0. If this parameter isn't specified, so such rule is enforced. This parameter maps to `RunAsUser` and `MustRunAsNonRoot` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* .
     */
    @JvmName("cokaqofapskpomlo")
    public suspend fun runAsNonRoot(`value`: Output) {
        this.runAsNonRoot = value
    }

    /**
     * @param value When this parameter is specified, the container is run as the specified user ID ( `uid` ). If this parameter isn't specified, the default is the user that's specified in the image metadata. This parameter maps to `RunAsUser` and `MustRanAs` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* .
     */
    @JvmName("rycghscfysbjlgah")
    public suspend fun runAsUser(`value`: Output) {
        this.runAsUser = value
    }

    /**
     * @param value Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process. The default value is `false` .
     */
    @JvmName("exvdneieyjejjsva")
    public suspend fun allowPrivilegeEscalation(`value`: Boolean?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.allowPrivilegeEscalation = mapped
    }

    /**
     * @param value When this parameter is `true` , the container is given elevated permissions on the host container instance. The level of permissions are similar to the `root` user permissions. The default value is `false` . This parameter maps to `privileged` policy in the [Privileged pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#privileged) in the *Kubernetes documentation* .
     */
    @JvmName("wnitsrwdgytxrsrp")
    public suspend fun privileged(`value`: Boolean?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.privileged = mapped
    }

    /**
     * @param value When this parameter is `true` , the container is given read-only access to its root file system. The default value is `false` . This parameter maps to `ReadOnlyRootFilesystem` policy in the [Volumes and file systems pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#volumes-and-file-systems) in the *Kubernetes documentation* .
     */
    @JvmName("oxboxbkplolytdhd")
    public suspend fun readOnlyRootFilesystem(`value`: Boolean?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.readOnlyRootFilesystem = mapped
    }

    /**
     * @param value When this parameter is specified, the container is run as the specified group ID ( `gid` ). If this parameter isn't specified, the default is the group that's specified in the image metadata. This parameter maps to `RunAsGroup` and `MustRunAs` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* .
     */
    @JvmName("bqwctbivhrckeomp")
    public suspend fun runAsGroup(`value`: Int?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.runAsGroup = mapped
    }

    /**
     * @param value When this parameter is specified, the container is run as a user with a `uid` other than 0. If this parameter isn't specified, so such rule is enforced. This parameter maps to `RunAsUser` and `MustRunAsNonRoot` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* .
     */
    @JvmName("hypyhdbnyrgwvnuk")
    public suspend fun runAsNonRoot(`value`: Boolean?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.runAsNonRoot = mapped
    }

    /**
     * @param value When this parameter is specified, the container is run as the specified user ID ( `uid` ). If this parameter isn't specified, the default is the user that's specified in the image metadata. This parameter maps to `RunAsUser` and `MustRanAs` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* .
     */
    @JvmName("rhxfghbislfxhroh")
    public suspend fun runAsUser(`value`: Int?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.runAsUser = mapped
    }

    internal fun build(): JobDefinitionEksContainerSecurityContextArgs =
        JobDefinitionEksContainerSecurityContextArgs(
            allowPrivilegeEscalation = allowPrivilegeEscalation,
            privileged = privileged,
            readOnlyRootFilesystem = readOnlyRootFilesystem,
            runAsGroup = runAsGroup,
            runAsNonRoot = runAsNonRoot,
            runAsUser = runAsUser,
        )
}