Remove container level supplementalGroups and fsgroup

2020-07-02 11:07:24 -07:00 · 2020-07-02 11:07:24 -07:00 · 259655797b
parent e935ad0001
commit 259655797b
1 changed files with 0 additions and 4 deletions
--- a/content/en/docs/concepts/security/pod-security-standards.md
+++ b/content/en/docs/concepts/security/pod-security-standards.md
@ -236,11 +236,7 @@ well as lower-trust users.The following listed controls should be enforced/disal
 				spec.securityContext.supplementalGroups[*]<br>
 				spec.securityContext.fsGroup<br>
 				spec.containers[*].securityContext.runAsGroup<br>
-				spec.containers[*].securityContext.supplementalGroups[*]<br>
-				spec.containers[*].securityContext.fsGroup<br>
 				spec.initContainers[*].securityContext.runAsGroup<br>
-				spec.initContainers[*].securityContext.supplementalGroups[*]<br>
-				spec.initContainers[*].securityContext.fsGroup<br>
 				<br><b>Allowed Values:</b><br>
 				non-zero<br>
 				undefined / nil (except for `*.runAsGroup`)<br>