Security best practice: Don't run as root in containers

To improve security, we recommend that you don't run as the root user inside containers that are hosted on Azure Kubernetes Service. To run a container as a nonroot user, specify the following securityContext settings in the YAML file when you deploy a pod or another Azure Kubernetes resource.

SecurityContext

  • Resource: Pod / Deployment / DaemonSet / StatefulSet / ReplicaSet / ReplicationController / Job / CronJob
  • Arguments:
    • runAsNonRoot (Optional): If it's true, the container must run as a nonroot user; the kubelet refuses to start a container that would run as UID 0. Default is false.
    • runAsUser (Optional): If the user ID is anything other than 0 (root), the container runs as that user ID instead of root.

By default, the securityContext field is empty ({}). To implement these fields in the YAML file, see Configure a security context for a pod or container. After you add these configurations, redeploy the pods to enforce the updates. If the securityContext field is omitted, the pod runs as root.
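The following Deployment manifest is an added example, not a manifest from the original page or from the Azure Kubernetes Service documentation. It shows both settings described above applied at the pod level, with a container-level securityContext that inherits the pod-level runAsUser. The resource name, labels, image reference, and UID 1000 are placeholders chosen for the example.

```yaml
# Added example (not from the original page): a Deployment whose pod runs as a
# nonroot user. Names, labels, and the image are placeholders.
apiVersion: apps/v1
kind: Deployment
metadata:
  name: example-app                 # placeholder name
spec:
  replicas: 1
  selector:
    matchLabels:
      app: example-app
  template:
    metadata:
      labels:
        app: example-app
    spec:
      # Pod-level securityContext: applies to every container in the pod
      # unless a container sets the same field in its own securityContext.
      securityContext:
        runAsNonRoot: true          # kubelet refuses to start a container that would run as UID 0
        runAsUser: 1000             # placeholder UID; any value other than 0 is nonroot
      containers:
        - name: app
          image: example.azurecr.io/example-app:1.0   # placeholder image reference
          # Container-level fields override pod-level fields one by one.
          # runAsUser is not set here, so the pod-level value 1000 applies.
          securityContext:
            runAsNonRoot: true
```

After you apply the manifest with kubectl apply -f, run kubectl exec against one of the pods with the command id to confirm that the process reports uid=1000 rather than uid=0. Keep the two settings together: if runAsNonRoot is true but runAsUser is omitted and the container image has no nonroot USER directive, the kubelet rejects the container at startup instead of running it as root, so the pod never becomes Ready.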

Contact us for help

If you have questions or need help, create a support request, or ask Azure community support. You can also submit product feedback to Azure feedback community.