How to validate that a Pod is running privileged

5/22/2019

I'm trying to figure out how to verify if a pod is running with security context privileged enabled (set to true).

I assumed that 'kubectl describe pod [name]' would contain this information but it does not appear to.

I quickly created a pod using the following definition to test:

apiVersion: v1
kind: Pod
metadata:
  name: priv-demo
spec:
  volumes:
  - name: priv-vol
    emptyDir: {}
  containers:
  - name: priv-demo
    image: gcr.io/google-samples/node-hello:1.0
    volumeMounts:
    - name: priv-vol
      mountPath: /data/demo
    securityContext:
      allowPrivilegeEscalation: true
      privileged: true

Any ideas how to retrieve the security context? It must be an easy thing to do and I've just overlooked something.

-- Jon Kent
kubernetes
security

1 Answer

5/22/2019
kubectl get pod POD_NAME -o json | jq -r '.spec.containers[].securityContext.privileged'
-- Vasily Angapov
Source: StackOverflow
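
An added example, not part of the answer above: the jq filter reads only `.spec.containers[]` and prints `null` when a container has no securityContext, so this Python script applies the same check to `initContainers` and `ephemeralContainers` as well and reports a missing setting as not privileged. The function name, the `setup` init container and its `busybox` image are assumptions constructed for illustration; the rest of the sample mirrors the pod from the question.

```python
import json
import sys

# Container lists in a Pod spec that can each carry their own securityContext.
CONTAINER_FIELDS = ("initContainers", "containers", "ephemeralContainers")

# Constructed sample: the question's priv-demo pod plus a hypothetical init
# container that has no securityContext at all.
SAMPLE_POD = {
    "kind": "Pod",
    "metadata": {"name": "priv-demo", "namespace": "default"},
    "spec": {
        "initContainers": [{"name": "setup", "image": "busybox"}],
        "containers": [{
            "name": "priv-demo",
            "image": "gcr.io/google-samples/node-hello:1.0",
            "securityContext": {"allowPrivilegeEscalation": True, "privileged": True},
        }],
    },
}


def privileged_report(obj):
    """Return (pod, field, container, privileged) rows for a Pod or a List of Pods."""
    pods = obj.get("items", []) if obj.get("kind") == "List" else [obj]
    rows = []
    for pod in pods:
        pod_name = pod.get("metadata", {}).get("name", "<unknown>")
        spec = pod.get("spec", {})
        for field in CONTAINER_FIELDS:
            for c in spec.get(field) or []:
                # An absent securityContext or privileged key means not privileged.
                sc = c.get("securityContext") or {}
                rows.append((pod_name, field, c.get("name"), sc.get("privileged") is True))
    return rows


if __name__ == "__main__":
    # Usage: kubectl get pod POD_NAME -o json | python3 this_file.py
    # With no piped input, fall back to the constructed sample.
    data = SAMPLE_POD if sys.stdin.isatty() else json.load(sys.stdin)
    for row in privileged_report(data):
        print("\t".join(str(v) for v in row))
```

The same function accepts the `kind: List` output of `kubectl get pods -o json`, so it can be run across a whole namespace.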