Ready to level-up your engineering skills? Join a Pulumi Workshop. Register Now

getPodSecurityPolicyTemplate

Use this data source to retrieve information about a Rancher v2 PodSecurityPolicyTemplate.

Example Usage

using Pulumi;
using Rancher2 = Pulumi.Rancher2;

class MyStack : Stack
{
    public MyStack()
    {
        var foo = Output.Create(Rancher2.GetPodSecurityPolicyTemplate.InvokeAsync(new Rancher2.GetPodSecurityPolicyTemplateArgs
        {
            Name = "foo",
        }));
    }

}
package main

import (
    "github.com/pulumi/pulumi-rancher2/sdk/v2/go/rancher2"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        _, err := rancher2.LookupPodSecurityPolicyTemplate(ctx, &rancher2.LookupPodSecurityPolicyTemplateArgs{
            Name: "foo",
        }, nil)
        if err != nil {
            return err
        }
        return nil
    })
}
import pulumi
import pulumi_rancher2 as rancher2

foo = rancher2.get_pod_security_policy_template(name="foo")
import * as pulumi from "@pulumi/pulumi";
import * as rancher2 from "@pulumi/rancher2";

const foo = pulumi.output(rancher2.getPodSecurityPolicyTemplate({
    name: "foo",
}, { async: true }));

Using getPodSecurityPolicyTemplate

function getPodSecurityPolicyTemplate(args: GetPodSecurityPolicyTemplateArgs, opts?: InvokeOptions): Promise<GetPodSecurityPolicyTemplateResult>
def get_pod_security_policy_template(allow_privilege_escalation: Optional[bool] = None, allowed_capabilities: Optional[Sequence[str]] = None, allowed_csi_drivers: Optional[Sequence[GetPodSecurityPolicyTemplateAllowedCsiDriverArgs]] = None, allowed_flex_volumes: Optional[Sequence[GetPodSecurityPolicyTemplateAllowedFlexVolumeArgs]] = None, allowed_host_paths: Optional[Sequence[GetPodSecurityPolicyTemplateAllowedHostPathArgs]] = None, allowed_proc_mount_types: Optional[Sequence[str]] = None, allowed_unsafe_sysctls: Optional[Sequence[str]] = None, annotations: Optional[Mapping[str, Any]] = None, default_add_capabilities: Optional[Sequence[str]] = None, default_allow_privilege_escalation: Optional[bool] = None, description: Optional[str] = None, forbidden_sysctls: Optional[Sequence[str]] = None, fs_group: Optional[GetPodSecurityPolicyTemplateFsGroupArgs] = None, host_ipc: Optional[bool] = None, host_network: Optional[bool] = None, host_pid: Optional[bool] = None, host_ports: Optional[Sequence[GetPodSecurityPolicyTemplateHostPortArgs]] = None, labels: Optional[Mapping[str, Any]] = None, name: Optional[str] = None, privileged: Optional[bool] = None, read_only_root_filesystem: Optional[bool] = None, required_drop_capabilities: Optional[Sequence[str]] = None, run_as_group: Optional[GetPodSecurityPolicyTemplateRunAsGroupArgs] = None, run_as_user: Optional[GetPodSecurityPolicyTemplateRunAsUserArgs] = None, runtime_class: Optional[GetPodSecurityPolicyTemplateRuntimeClassArgs] = None, se_linux: Optional[GetPodSecurityPolicyTemplateSeLinuxArgs] = None, supplemental_group: Optional[GetPodSecurityPolicyTemplateSupplementalGroupArgs] = None, volumes: Optional[Sequence[str]] = None, opts: Optional[InvokeOptions] = None) -> GetPodSecurityPolicyTemplateResult
func LookupPodSecurityPolicyTemplate(ctx *Context, args *LookupPodSecurityPolicyTemplateArgs, opts ...InvokeOption) (*LookupPodSecurityPolicyTemplateResult, error)

Note: This function is named LookupPodSecurityPolicyTemplate in the Go SDK.

public static class GetPodSecurityPolicyTemplate {
    public static Task<GetPodSecurityPolicyTemplateResult> InvokeAsync(GetPodSecurityPolicyTemplateArgs args, InvokeOptions? opts = null)
}

The following arguments are supported:

Name string

The name of the PodSecurityPolicyTemplate (string)

AllowPrivilegeEscalation bool

= (Optional)

AllowedCapabilities List<string>

(list)

AllowedCsiDrivers List<GetPodSecurityPolicyTemplateAllowedCsiDriverArgs>

(list)

AllowedFlexVolumes List<GetPodSecurityPolicyTemplateAllowedFlexVolumeArgs>

(list)

AllowedHostPaths List<GetPodSecurityPolicyTemplateAllowedHostPathArgs>

(list)

AllowedProcMountTypes List<string>

(list)

AllowedUnsafeSysctls List<string>

(list)

Annotations Dictionary<string, object>

Annotations for PodSecurityPolicyTemplate object (map)

DefaultAddCapabilities List<string>

(list)

DefaultAllowPrivilegeEscalation bool

(list)

Description string

The PodSecurityPolicyTemplate description (string)

ForbiddenSysctls List<string>

(list)

FsGroup GetPodSecurityPolicyTemplateFsGroupArgs

(list maxitems:1)

HostIpc bool

(bool)

HostNetwork bool
HostPid bool

(bool)

HostPorts List<GetPodSecurityPolicyTemplateHostPortArgs>

(list)

Labels Dictionary<string, object>

Labels for PodSecurityPolicyTemplate object (map)

Privileged bool

(bool)

ReadOnlyRootFilesystem bool

(bool)

RequiredDropCapabilities List<string>

(list)

RunAsGroup GetPodSecurityPolicyTemplateRunAsGroupArgs

(list maxitems:1)

RunAsUser GetPodSecurityPolicyTemplateRunAsUserArgs

(list maxitems:1)

RuntimeClass GetPodSecurityPolicyTemplateRuntimeClassArgs

(list maxitems:1)

SeLinux GetPodSecurityPolicyTemplateSeLinuxArgs

(list maxitems:1)

SupplementalGroup GetPodSecurityPolicyTemplateSupplementalGroupArgs

(list maxitems:1)

Volumes List<string>

(list)

Name string

The name of the PodSecurityPolicyTemplate (string)

AllowPrivilegeEscalation bool

= (Optional)

AllowedCapabilities []string

(list)

AllowedCsiDrivers []GetPodSecurityPolicyTemplateAllowedCsiDriver

(list)

AllowedFlexVolumes []GetPodSecurityPolicyTemplateAllowedFlexVolume

(list)

AllowedHostPaths []GetPodSecurityPolicyTemplateAllowedHostPath

(list)

AllowedProcMountTypes []string

(list)

AllowedUnsafeSysctls []string

(list)

Annotations map[string]interface{}

Annotations for PodSecurityPolicyTemplate object (map)

DefaultAddCapabilities []string

(list)

DefaultAllowPrivilegeEscalation bool

(list)

Description string

The PodSecurityPolicyTemplate description (string)

ForbiddenSysctls []string

(list)

FsGroup GetPodSecurityPolicyTemplateFsGroup

(list maxitems:1)

HostIpc bool

(bool)

HostNetwork bool
HostPid bool

(bool)

HostPorts []GetPodSecurityPolicyTemplateHostPort

(list)

Labels map[string]interface{}

Labels for PodSecurityPolicyTemplate object (map)

Privileged bool

(bool)

ReadOnlyRootFilesystem bool

(bool)

RequiredDropCapabilities []string

(list)

RunAsGroup GetPodSecurityPolicyTemplateRunAsGroup

(list maxitems:1)

RunAsUser GetPodSecurityPolicyTemplateRunAsUser

(list maxitems:1)

RuntimeClass GetPodSecurityPolicyTemplateRuntimeClass

(list maxitems:1)

SeLinux GetPodSecurityPolicyTemplateSeLinux

(list maxitems:1)

SupplementalGroup GetPodSecurityPolicyTemplateSupplementalGroup

(list maxitems:1)

Volumes []string

(list)

name string

The name of the PodSecurityPolicyTemplate (string)

allowPrivilegeEscalation boolean

= (Optional)

allowedCapabilities string[]

(list)

allowedCsiDrivers GetPodSecurityPolicyTemplateAllowedCsiDriver[]

(list)

allowedFlexVolumes GetPodSecurityPolicyTemplateAllowedFlexVolume[]

(list)

allowedHostPaths GetPodSecurityPolicyTemplateAllowedHostPath[]

(list)

allowedProcMountTypes string[]

(list)

allowedUnsafeSysctls string[]

(list)

annotations {[key: string]: any}

Annotations for PodSecurityPolicyTemplate object (map)

defaultAddCapabilities string[]

(list)

defaultAllowPrivilegeEscalation boolean

(list)

description string

The PodSecurityPolicyTemplate description (string)

forbiddenSysctls string[]

(list)

fsGroup GetPodSecurityPolicyTemplateFsGroup

(list maxitems:1)

hostIpc boolean

(bool)

hostNetwork boolean
hostPid boolean

(bool)

hostPorts GetPodSecurityPolicyTemplateHostPort[]

(list)

labels {[key: string]: any}

Labels for PodSecurityPolicyTemplate object (map)

privileged boolean

(bool)

readOnlyRootFilesystem boolean

(bool)

requiredDropCapabilities string[]

(list)

runAsGroup GetPodSecurityPolicyTemplateRunAsGroup

(list maxitems:1)

runAsUser GetPodSecurityPolicyTemplateRunAsUser

(list maxitems:1)

runtimeClass GetPodSecurityPolicyTemplateRuntimeClass

(list maxitems:1)

seLinux GetPodSecurityPolicyTemplateSeLinux

(list maxitems:1)

supplementalGroup GetPodSecurityPolicyTemplateSupplementalGroup

(list maxitems:1)

volumes string[]

(list)

name str

The name of the PodSecurityPolicyTemplate (string)

allow_privilege_escalation bool

= (Optional)

allowed_capabilities Sequence[str]

(list)

allowed_csi_drivers Sequence[GetPodSecurityPolicyTemplateAllowedCsiDriverArgs]

(list)

allowed_flex_volumes Sequence[GetPodSecurityPolicyTemplateAllowedFlexVolumeArgs]

(list)

allowed_host_paths Sequence[GetPodSecurityPolicyTemplateAllowedHostPathArgs]

(list)

allowed_proc_mount_types Sequence[str]

(list)

allowed_unsafe_sysctls Sequence[str]

(list)

annotations Mapping[str, Any]

Annotations for PodSecurityPolicyTemplate object (map)

default_add_capabilities Sequence[str]

(list)

default_allow_privilege_escalation bool

(list)

description str

The PodSecurityPolicyTemplate description (string)

forbidden_sysctls Sequence[str]

(list)

fs_group GetPodSecurityPolicyTemplateFsGroupArgs

(list maxitems:1)

host_ipc bool

(bool)

host_network bool
host_pid bool

(bool)

host_ports Sequence[GetPodSecurityPolicyTemplateHostPortArgs]

(list)

labels Mapping[str, Any]

Labels for PodSecurityPolicyTemplate object (map)

privileged bool

(bool)

read_only_root_filesystem bool

(bool)

required_drop_capabilities Sequence[str]

(list)

run_as_group GetPodSecurityPolicyTemplateRunAsGroupArgs

(list maxitems:1)

run_as_user GetPodSecurityPolicyTemplateRunAsUserArgs

(list maxitems:1)

runtime_class GetPodSecurityPolicyTemplateRuntimeClassArgs

(list maxitems:1)

se_linux GetPodSecurityPolicyTemplateSeLinuxArgs

(list maxitems:1)

supplemental_group GetPodSecurityPolicyTemplateSupplementalGroupArgs

(list maxitems:1)

volumes Sequence[str]

(list)

getPodSecurityPolicyTemplate Result

The following output properties are available:

AllowPrivilegeEscalation bool
Annotations Dictionary<string, object>
Description string
FsGroup GetPodSecurityPolicyTemplateFsGroup
HostIpc bool
HostNetwork bool
HostPid bool
HostPorts List<GetPodSecurityPolicyTemplateHostPort>
Id string

The provider-assigned unique ID for this managed resource.

Labels Dictionary<string, object>
Name string
Privileged bool
ReadOnlyRootFilesystem bool
RunAsUser GetPodSecurityPolicyTemplateRunAsUser
SeLinux GetPodSecurityPolicyTemplateSeLinux
SupplementalGroup GetPodSecurityPolicyTemplateSupplementalGroup
Volumes List<string>
AllowedCapabilities List<string>
AllowedCsiDrivers List<GetPodSecurityPolicyTemplateAllowedCsiDriver>
AllowedFlexVolumes List<GetPodSecurityPolicyTemplateAllowedFlexVolume>
AllowedHostPaths List<GetPodSecurityPolicyTemplateAllowedHostPath>
AllowedProcMountTypes List<string>
AllowedUnsafeSysctls List<string>
DefaultAddCapabilities List<string>
DefaultAllowPrivilegeEscalation bool
ForbiddenSysctls List<string>
RequiredDropCapabilities List<string>
RunAsGroup GetPodSecurityPolicyTemplateRunAsGroup
RuntimeClass GetPodSecurityPolicyTemplateRuntimeClass
AllowPrivilegeEscalation bool
Annotations map[string]interface{}
Description string
FsGroup GetPodSecurityPolicyTemplateFsGroup
HostIpc bool
HostNetwork bool
HostPid bool
HostPorts []GetPodSecurityPolicyTemplateHostPort
Id string

The provider-assigned unique ID for this managed resource.

Labels map[string]interface{}
Name string
Privileged bool
ReadOnlyRootFilesystem bool
RunAsUser GetPodSecurityPolicyTemplateRunAsUser
SeLinux GetPodSecurityPolicyTemplateSeLinux
SupplementalGroup GetPodSecurityPolicyTemplateSupplementalGroup
Volumes []string
AllowedCapabilities []string
AllowedCsiDrivers []GetPodSecurityPolicyTemplateAllowedCsiDriver
AllowedFlexVolumes []GetPodSecurityPolicyTemplateAllowedFlexVolume
AllowedHostPaths []GetPodSecurityPolicyTemplateAllowedHostPath
AllowedProcMountTypes []string
AllowedUnsafeSysctls []string
DefaultAddCapabilities []string
DefaultAllowPrivilegeEscalation bool
ForbiddenSysctls []string
RequiredDropCapabilities []string
RunAsGroup GetPodSecurityPolicyTemplateRunAsGroup
RuntimeClass GetPodSecurityPolicyTemplateRuntimeClass
allowPrivilegeEscalation boolean
annotations {[key: string]: any}
description string
fsGroup GetPodSecurityPolicyTemplateFsGroup
hostIpc boolean
hostNetwork boolean
hostPid boolean
hostPorts GetPodSecurityPolicyTemplateHostPort[]
id string

The provider-assigned unique ID for this managed resource.

labels {[key: string]: any}
name string
privileged boolean
readOnlyRootFilesystem boolean
runAsUser GetPodSecurityPolicyTemplateRunAsUser
seLinux GetPodSecurityPolicyTemplateSeLinux
supplementalGroup GetPodSecurityPolicyTemplateSupplementalGroup
volumes string[]
allowedCapabilities string[]
allowedCsiDrivers GetPodSecurityPolicyTemplateAllowedCsiDriver[]
allowedFlexVolumes GetPodSecurityPolicyTemplateAllowedFlexVolume[]
allowedHostPaths GetPodSecurityPolicyTemplateAllowedHostPath[]
allowedProcMountTypes string[]
allowedUnsafeSysctls string[]
defaultAddCapabilities string[]
defaultAllowPrivilegeEscalation boolean
forbiddenSysctls string[]
requiredDropCapabilities string[]
runAsGroup GetPodSecurityPolicyTemplateRunAsGroup
runtimeClass GetPodSecurityPolicyTemplateRuntimeClass
allow_privilege_escalation bool
annotations Mapping[str, Any]
description str
fs_group GetPodSecurityPolicyTemplateFsGroup
host_ipc bool
host_network bool
host_pid bool
host_ports Sequence[GetPodSecurityPolicyTemplateHostPort]
id str

The provider-assigned unique ID for this managed resource.

labels Mapping[str, Any]
name str
privileged bool
read_only_root_filesystem bool
run_as_user GetPodSecurityPolicyTemplateRunAsUser
se_linux GetPodSecurityPolicyTemplateSeLinux
supplemental_group GetPodSecurityPolicyTemplateSupplementalGroup
volumes Sequence[str]
allowed_capabilities Sequence[str]
allowed_csi_drivers Sequence[GetPodSecurityPolicyTemplateAllowedCsiDriver]
allowed_flex_volumes Sequence[GetPodSecurityPolicyTemplateAllowedFlexVolume]
allowed_host_paths Sequence[GetPodSecurityPolicyTemplateAllowedHostPath]
allowed_proc_mount_types Sequence[str]
allowed_unsafe_sysctls Sequence[str]
default_add_capabilities Sequence[str]
default_allow_privilege_escalation bool
forbidden_sysctls Sequence[str]
required_drop_capabilities Sequence[str]
run_as_group GetPodSecurityPolicyTemplateRunAsGroup
runtime_class GetPodSecurityPolicyTemplateRuntimeClass

Supporting Types

GetPodSecurityPolicyTemplateAllowedCsiDriver

Name string

The name of the PodSecurityPolicyTemplate (string)

Name string

The name of the PodSecurityPolicyTemplate (string)

name string

The name of the PodSecurityPolicyTemplate (string)

name str

The name of the PodSecurityPolicyTemplate (string)

GetPodSecurityPolicyTemplateAllowedFlexVolume

Driver string
Driver string
driver string
driver str

GetPodSecurityPolicyTemplateAllowedHostPath

PathPrefix string
ReadOnly bool
PathPrefix string
ReadOnly bool
pathPrefix string
readOnly boolean

GetPodSecurityPolicyTemplateFsGroup

GetPodSecurityPolicyTemplateFsGroupRange

Max int
Min int
Max int
Min int
max number
min number
max int
min int

GetPodSecurityPolicyTemplateHostPort

Max int
Min int
Max int
Min int
max number
min number
max int
min int

GetPodSecurityPolicyTemplateRunAsGroup

GetPodSecurityPolicyTemplateRunAsGroupRange

Max int
Min int
Max int
Min int
max number
min number
max int
min int

GetPodSecurityPolicyTemplateRunAsUser

GetPodSecurityPolicyTemplateRunAsUserRange

Max int
Min int
Max int
Min int
max number
min number
max int
min int

GetPodSecurityPolicyTemplateRuntimeClass

GetPodSecurityPolicyTemplateSeLinux

GetPodSecurityPolicyTemplateSeLinuxSeLinuxOption

Level string
Role string
Type string
User string
Level string
Role string
Type string
User string
level string
role string
type string
user string
level str
role str
type str
user str

GetPodSecurityPolicyTemplateSupplementalGroup

GetPodSecurityPolicyTemplateSupplementalGroupRange

Max int
Min int
Max int
Min int
max number
min number
max int
min int

Package Details

Repository
https://github.com/pulumi/pulumi-rancher2
License
Apache-2.0
Notes
This Pulumi package is based on the rancher2 Terraform Provider.