Skip to content

Commit

Permalink
[SECURITY] OpenSearch Dashboards pod: allowPrivilegeEscalation set to…
Browse files Browse the repository at this point in the history 
… false (#687)
  • Loading branch information
@gsmith-sas
gsmith-sas authored Oct 9, 2024
1 parent 3a5d64a commit 95072ba
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 0 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,9 @@
# SAS Viya Monitoring for Kubernetes

## Unreleased
* **Logging**
* [SECURITY] OpenSearch Dashboards pod securityContext updated to set allowPrivilegeEscalation to 'false'

* **Metrics**
* [SECURITY] Metrics (collected by Kube State Metrics) related to Kubernetes Secret have been disabled
to eliminate the need to grant `list` permission (for Secret resources) to the KSM ClusterRole (see PR#684)
Expand Down
1 change: 1 addition & 0 deletions logging/opensearch/osd_helm_values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -68,3 +68,4 @@ config:
securityContext:
readOnlyRootFilesystem: true
allowPrivilegeEscalation: false

0 comments on commit 95072ba

Please sign in to comment.