GetPodSecurityPolicyTemplate

Use this data source to retrieve information about a Rancher v2 PodSecurityPolicyTemplate.

Example Usage

using Pulumi;
using Rancher2 = Pulumi.Rancher2;

class MyStack : Stack
{
    public MyStack()
    {
        var foo = Output.Create(Rancher2.GetPodSecurityPolicyTemplate.InvokeAsync(new Rancher2.GetPodSecurityPolicyTemplateArgs
        {
            Name = "foo",
        }));
    }

}

Coming soon!

import pulumi
import pulumi_rancher2 as rancher2

foo = rancher2.get_pod_security_policy_template(name="foo")

import * as pulumi from "@pulumi/pulumi";
import * as rancher2 from "@pulumi/rancher2";

const foo = pulumi.output(rancher2.getPodSecurityPolicyTemplate({
    name: "foo",
}, { async: true }));

Using GetPodSecurityPolicyTemplate

function getPodSecurityPolicyTemplate(args: GetPodSecurityPolicyTemplateArgs, opts?: InvokeOptions): Promise<GetPodSecurityPolicyTemplateResult>

function  get_pod_security_policy_template(allow_privilege_escalation=None, allowed_capabilities=None, allowed_csi_drivers=None, allowed_flex_volumes=None, allowed_host_paths=None, allowed_proc_mount_types=None, allowed_unsafe_sysctls=None, annotations=None, default_add_capabilities=None, default_allow_privilege_escalation=None, description=None, forbidden_sysctls=None, fs_group=None, host_ipc=None, host_network=None, host_pid=None, host_ports=None, labels=None, name=None, privileged=None, read_only_root_filesystem=None, required_drop_capabilities=None, run_as_group=None, run_as_user=None, runtime_class=None, se_linux=None, supplemental_group=None, volumes=None, opts=None)

func LookupPodSecurityPolicyTemplate(ctx *Context, args *LookupPodSecurityPolicyTemplateArgs, opts ...InvokeOption) (*LookupPodSecurityPolicyTemplateResult, error)

Note: This function is named LookupPodSecurityPolicyTemplate in the Go SDK.

public static class GetPodSecurityPolicyTemplate {
    public static Task<GetPodSecurityPolicyTemplateResult> InvokeAsync(GetPodSecurityPolicyTemplateArgs args, InvokeOptions? opts = null)
}

The following arguments are supported:

Name string: The name of the PodSecurityPolicyTemplate (string)
AllowPrivilegeEscalation bool: = (Optional)
AllowedCapabilities List<string>: (list)
AllowedCsiDrivers List<GetPodSecurityPolicyTemplateAllowedCsiDriverArgs>: (list)
AllowedFlexVolumes List<GetPodSecurityPolicyTemplateAllowedFlexVolumeArgs>: (list)
AllowedHostPaths List<GetPodSecurityPolicyTemplateAllowedHostPathArgs>: (list)
AllowedProcMountTypes List<string>: (list)
AllowedUnsafeSysctls List<string>: (list)
Annotations Dictionary<string, object>: Annotations for PodSecurityPolicyTemplate object (map)
DefaultAddCapabilities List<string>: (list)
DefaultAllowPrivilegeEscalation bool: (list)
Description string: The PodSecurityPolicyTemplate description (string)
ForbiddenSysctls List<string>: (list)
FsGroup GetPodSecurityPolicyTemplateFsGroupArgs: (list maxitems:1)
HostIpc bool: (bool)
HostNetwork bool
HostPid bool: (bool)
HostPorts List<GetPodSecurityPolicyTemplateHostPortArgs>: (list)
Labels Dictionary<string, object>: Labels for PodSecurityPolicyTemplate object (map)
Privileged bool: (bool)
ReadOnlyRootFilesystem bool: (bool)
RequiredDropCapabilities List<string>: (list)
RunAsGroup GetPodSecurityPolicyTemplateRunAsGroupArgs: (list maxitems:1)
RunAsUser GetPodSecurityPolicyTemplateRunAsUserArgs: (list maxitems:1)
RuntimeClass GetPodSecurityPolicyTemplateRuntimeClassArgs: (list maxitems:1)
SeLinux GetPodSecurityPolicyTemplateSeLinuxArgs: (list maxitems:1)
SupplementalGroup GetPodSecurityPolicyTemplateSupplementalGroupArgs: (list maxitems:1)
Volumes List<string>: (list)

Name string: The name of the PodSecurityPolicyTemplate (string)
AllowPrivilegeEscalation bool: = (Optional)
AllowedCapabilities []string: (list)
AllowedCsiDrivers []GetPodSecurityPolicyTemplateAllowedCsiDriver: (list)
AllowedFlexVolumes []GetPodSecurityPolicyTemplateAllowedFlexVolume: (list)
AllowedHostPaths []GetPodSecurityPolicyTemplateAllowedHostPath: (list)
AllowedProcMountTypes []string: (list)
AllowedUnsafeSysctls []string: (list)
Annotations map[string]interface{}: Annotations for PodSecurityPolicyTemplate object (map)
DefaultAddCapabilities []string: (list)
DefaultAllowPrivilegeEscalation bool: (list)
Description string: The PodSecurityPolicyTemplate description (string)
ForbiddenSysctls []string: (list)
FsGroup GetPodSecurityPolicyTemplateFsGroup: (list maxitems:1)
HostIpc bool: (bool)
HostNetwork bool
HostPid bool: (bool)
HostPorts []GetPodSecurityPolicyTemplateHostPort: (list)
Labels map[string]interface{}: Labels for PodSecurityPolicyTemplate object (map)
Privileged bool: (bool)
ReadOnlyRootFilesystem bool: (bool)
RequiredDropCapabilities []string: (list)
RunAsGroup GetPodSecurityPolicyTemplateRunAsGroup: (list maxitems:1)
RunAsUser GetPodSecurityPolicyTemplateRunAsUser: (list maxitems:1)
RuntimeClass GetPodSecurityPolicyTemplateRuntimeClass: (list maxitems:1)
SeLinux GetPodSecurityPolicyTemplateSeLinux: (list maxitems:1)
SupplementalGroup GetPodSecurityPolicyTemplateSupplementalGroup: (list maxitems:1)
Volumes []string: (list)

name string: The name of the PodSecurityPolicyTemplate (string)
allowPrivilegeEscalation boolean: = (Optional)
allowedCapabilities string[]: (list)
allowedCsiDrivers GetPodSecurityPolicyTemplateAllowedCsiDriver[]: (list)
allowedFlexVolumes GetPodSecurityPolicyTemplateAllowedFlexVolume[]: (list)
allowedHostPaths GetPodSecurityPolicyTemplateAllowedHostPath[]: (list)
allowedProcMountTypes string[]: (list)
allowedUnsafeSysctls string[]: (list)
annotations {[key: string]: any}: Annotations for PodSecurityPolicyTemplate object (map)
defaultAddCapabilities string[]: (list)
defaultAllowPrivilegeEscalation boolean: (list)
description string: The PodSecurityPolicyTemplate description (string)
forbiddenSysctls string[]: (list)
fsGroup GetPodSecurityPolicyTemplateFsGroup: (list maxitems:1)
hostIpc boolean: (bool)
hostNetwork boolean
hostPid boolean: (bool)
hostPorts GetPodSecurityPolicyTemplateHostPort[]: (list)
labels {[key: string]: any}: Labels for PodSecurityPolicyTemplate object (map)
privileged boolean: (bool)
readOnlyRootFilesystem boolean: (bool)
requiredDropCapabilities string[]: (list)
runAsGroup GetPodSecurityPolicyTemplateRunAsGroup: (list maxitems:1)
runAsUser GetPodSecurityPolicyTemplateRunAsUser: (list maxitems:1)
runtimeClass GetPodSecurityPolicyTemplateRuntimeClass: (list maxitems:1)
seLinux GetPodSecurityPolicyTemplateSeLinux: (list maxitems:1)
supplementalGroup GetPodSecurityPolicyTemplateSupplementalGroup: (list maxitems:1)
volumes string[]: (list)

name str: The name of the PodSecurityPolicyTemplate (string)
allow_privilege_escalation bool: = (Optional)
allowed_capabilities List[str]: (list)
allowed_csi_drivers List[GetPodSecurityPolicyTemplateAllowedCsiDriver]: (list)
allowed_flex_volumes List[GetPodSecurityPolicyTemplateAllowedFlexVolume]: (list)
allowed_host_paths List[GetPodSecurityPolicyTemplateAllowedHostPath]: (list)
allowed_proc_mount_types List[str]: (list)
allowed_unsafe_sysctls List[str]: (list)
annotations Dict[str, Any]: Annotations for PodSecurityPolicyTemplate object (map)
default_add_capabilities List[str]: (list)
default_allow_privilege_escalation bool: (list)
description str: The PodSecurityPolicyTemplate description (string)
forbidden_sysctls List[str]: (list)
fs_group Dict[GetPodSecurityPolicyTemplateFsGroup]: (list maxitems:1)
host_ipc bool: (bool)
host_network bool
host_pid bool: (bool)
host_ports List[GetPodSecurityPolicyTemplateHostPort]: (list)
labels Dict[str, Any]: Labels for PodSecurityPolicyTemplate object (map)
privileged bool: (bool)
read_only_root_filesystem bool: (bool)
required_drop_capabilities List[str]: (list)
run_as_group Dict[GetPodSecurityPolicyTemplateRunAsGroup]: (list maxitems:1)
run_as_user Dict[GetPodSecurityPolicyTemplateRunAsUser]: (list maxitems:1)
runtime_class Dict[GetPodSecurityPolicyTemplateRuntimeClass]: (list maxitems:1)
se_linux Dict[GetPodSecurityPolicyTemplateSeLinux]: (list maxitems:1)
supplemental_group Dict[GetPodSecurityPolicyTemplateSupplementalGroup]: (list maxitems:1)
volumes List[str]: (list)

GetPodSecurityPolicyTemplate Result

The following output properties are available:

AllowPrivilegeEscalation bool
Annotations Dictionary<string, object>
Description string
FsGroup GetPodSecurityPolicyTemplateFsGroup
HostIpc bool
HostNetwork bool
HostPid bool
HostPorts List<GetPodSecurityPolicyTemplateHostPort>
Id string: The provider-assigned unique ID for this managed resource.
Labels Dictionary<string, object>
Name string
Privileged bool
ReadOnlyRootFilesystem bool
RunAsUser GetPodSecurityPolicyTemplateRunAsUser
SeLinux GetPodSecurityPolicyTemplateSeLinux
SupplementalGroup GetPodSecurityPolicyTemplateSupplementalGroup
Volumes List<string>
AllowedCapabilities List<string>
AllowedCsiDrivers List<GetPodSecurityPolicyTemplateAllowedCsiDriver>
AllowedFlexVolumes List<GetPodSecurityPolicyTemplateAllowedFlexVolume>
AllowedHostPaths List<GetPodSecurityPolicyTemplateAllowedHostPath>
AllowedProcMountTypes List<string>
AllowedUnsafeSysctls List<string>
DefaultAddCapabilities List<string>
DefaultAllowPrivilegeEscalation bool
ForbiddenSysctls List<string>
RequiredDropCapabilities List<string>
RunAsGroup GetPodSecurityPolicyTemplateRunAsGroup
RuntimeClass GetPodSecurityPolicyTemplateRuntimeClass

AllowPrivilegeEscalation bool
Annotations map[string]interface{}
Description string
FsGroup GetPodSecurityPolicyTemplateFsGroup
HostIpc bool
HostNetwork bool
HostPid bool
HostPorts []GetPodSecurityPolicyTemplateHostPort
Id string: The provider-assigned unique ID for this managed resource.
Labels map[string]interface{}
Name string
Privileged bool
ReadOnlyRootFilesystem bool
RunAsUser GetPodSecurityPolicyTemplateRunAsUser
SeLinux GetPodSecurityPolicyTemplateSeLinux
SupplementalGroup GetPodSecurityPolicyTemplateSupplementalGroup
Volumes []string
AllowedCapabilities []string
AllowedCsiDrivers []GetPodSecurityPolicyTemplateAllowedCsiDriver
AllowedFlexVolumes []GetPodSecurityPolicyTemplateAllowedFlexVolume
AllowedHostPaths []GetPodSecurityPolicyTemplateAllowedHostPath
AllowedProcMountTypes []string
AllowedUnsafeSysctls []string
DefaultAddCapabilities []string
DefaultAllowPrivilegeEscalation bool
ForbiddenSysctls []string
RequiredDropCapabilities []string
RunAsGroup GetPodSecurityPolicyTemplateRunAsGroup
RuntimeClass GetPodSecurityPolicyTemplateRuntimeClass

allowPrivilegeEscalation boolean
annotations {[key: string]: any}
description string
fsGroup GetPodSecurityPolicyTemplateFsGroup
hostIpc boolean
hostNetwork boolean
hostPid boolean
hostPorts GetPodSecurityPolicyTemplateHostPort[]
id string: The provider-assigned unique ID for this managed resource.
labels {[key: string]: any}
name string
privileged boolean
readOnlyRootFilesystem boolean
runAsUser GetPodSecurityPolicyTemplateRunAsUser
seLinux GetPodSecurityPolicyTemplateSeLinux
supplementalGroup GetPodSecurityPolicyTemplateSupplementalGroup
volumes string[]
allowedCapabilities string[]
allowedCsiDrivers GetPodSecurityPolicyTemplateAllowedCsiDriver[]
allowedFlexVolumes GetPodSecurityPolicyTemplateAllowedFlexVolume[]
allowedHostPaths GetPodSecurityPolicyTemplateAllowedHostPath[]
allowedProcMountTypes string[]
allowedUnsafeSysctls string[]
defaultAddCapabilities string[]
defaultAllowPrivilegeEscalation boolean
forbiddenSysctls string[]
requiredDropCapabilities string[]
runAsGroup GetPodSecurityPolicyTemplateRunAsGroup
runtimeClass GetPodSecurityPolicyTemplateRuntimeClass

allow_privilege_escalation bool
annotations Dict[str, Any]
description str
fs_group Dict[GetPodSecurityPolicyTemplateFsGroup]
host_ipc bool
host_network bool
host_pid bool
host_ports List[GetPodSecurityPolicyTemplateHostPort]
id str: The provider-assigned unique ID for this managed resource.
labels Dict[str, Any]
name str
privileged bool
read_only_root_filesystem bool
run_as_user Dict[GetPodSecurityPolicyTemplateRunAsUser]
se_linux Dict[GetPodSecurityPolicyTemplateSeLinux]
supplemental_group Dict[GetPodSecurityPolicyTemplateSupplementalGroup]
volumes List[str]
allowed_capabilities List[str]
allowed_csi_drivers List[GetPodSecurityPolicyTemplateAllowedCsiDriver]
allowed_flex_volumes List[GetPodSecurityPolicyTemplateAllowedFlexVolume]
allowed_host_paths List[GetPodSecurityPolicyTemplateAllowedHostPath]
allowed_proc_mount_types List[str]
allowed_unsafe_sysctls List[str]
default_add_capabilities List[str]
default_allow_privilege_escalation bool
forbidden_sysctls List[str]
required_drop_capabilities List[str]
run_as_group Dict[GetPodSecurityPolicyTemplateRunAsGroup]
runtime_class Dict[GetPodSecurityPolicyTemplateRuntimeClass]

Supporting Types

GetPodSecurityPolicyTemplateAllowedCsiDriver

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Name string: The name of the PodSecurityPolicyTemplate (string)

Name string: The name of the PodSecurityPolicyTemplate (string)

name string: The name of the PodSecurityPolicyTemplate (string)

name str: The name of the PodSecurityPolicyTemplate (string)

GetPodSecurityPolicyTemplateAllowedFlexVolume

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Driver string

Driver string

driver string

driver str

GetPodSecurityPolicyTemplateAllowedHostPath

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

PathPrefix string
ReadOnly bool

PathPrefix string
ReadOnly bool

pathPrefix string
readOnly boolean

pathPrefix str
readOnly bool

GetPodSecurityPolicyTemplateFsGroup

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Ranges List<GetPodSecurityPolicyTemplateFsGroupRangeArgs>
Rule string

Ranges []GetPodSecurityPolicyTemplateFsGroupRange
Rule string

ranges GetPodSecurityPolicyTemplateFsGroupRange[]
rule string

ranges List[GetPodSecurityPolicyTemplateFsGroupRange]
rule str

GetPodSecurityPolicyTemplateFsGroupRange

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Max int
Min int

Max int
Min int

max number
min number

max float
min float

GetPodSecurityPolicyTemplateHostPort

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Max int
Min int

Max int
Min int

max number
min number

max float
min float

GetPodSecurityPolicyTemplateRunAsGroup

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Rule string
Ranges List<GetPodSecurityPolicyTemplateRunAsGroupRangeArgs>

Rule string
Ranges []GetPodSecurityPolicyTemplateRunAsGroupRange

rule string
ranges GetPodSecurityPolicyTemplateRunAsGroupRange[]

rule str
ranges List[GetPodSecurityPolicyTemplateRunAsGroupRange]

GetPodSecurityPolicyTemplateRunAsGroupRange

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Max int
Min int

Max int
Min int

max number
min number

max float
min float

GetPodSecurityPolicyTemplateRunAsUser

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Rule string
Ranges List<GetPodSecurityPolicyTemplateRunAsUserRangeArgs>

Rule string
Ranges []GetPodSecurityPolicyTemplateRunAsUserRange

rule string
ranges GetPodSecurityPolicyTemplateRunAsUserRange[]

rule str
ranges List[GetPodSecurityPolicyTemplateRunAsUserRange]

GetPodSecurityPolicyTemplateRunAsUserRange

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Max int
Min int

Max int
Min int

max number
min number

max float
min float

GetPodSecurityPolicyTemplateRuntimeClass

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

AllowedRuntimeClassNames List<string>
DefaultRuntimeClassName string

AllowedRuntimeClassNames []string
DefaultRuntimeClassName string

allowedRuntimeClassNames string[]
defaultRuntimeClassName string

allowedRuntimeClassNames List[str]
defaultRuntimeClassName str

GetPodSecurityPolicyTemplateSeLinux

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Rule string
SeLinuxOption GetPodSecurityPolicyTemplateSeLinuxSeLinuxOptionArgs

Rule string
SeLinuxOption GetPodSecurityPolicyTemplateSeLinuxSeLinuxOption

rule string
seLinuxOption GetPodSecurityPolicyTemplateSeLinuxSeLinuxOption

rule str
seLinuxOption Dict[GetPodSecurityPolicyTemplateSeLinuxSeLinuxOption]

GetPodSecurityPolicyTemplateSeLinuxSeLinuxOption

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Level string
Role string
Type string
User string

Level string
Role string
Type string
User string

level string
role string
type string
user string

level str
role str
type str
user str

GetPodSecurityPolicyTemplateSupplementalGroup

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Ranges List<GetPodSecurityPolicyTemplateSupplementalGroupRangeArgs>
Rule string

Ranges []GetPodSecurityPolicyTemplateSupplementalGroupRange
Rule string

ranges GetPodSecurityPolicyTemplateSupplementalGroupRange[]
rule string

ranges List[GetPodSecurityPolicyTemplateSupplementalGroupRange]
rule str

GetPodSecurityPolicyTemplateSupplementalGroupRange

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Max int
Min int

Max int
Min int

max number
min number

max float
min float

Package Details

Repository: https://github.com/pulumi/pulumi-rancher2
License: Apache-2.0
Notes: This Pulumi package is based on the rancher2 Terraform Provider.