* The security context for a job. For more information, see Configure a security context for a * pod or container in the Kubernetes documentation. *
* * @see AWS * API Documentation */ @Generated("com.amazonaws:aws-java-sdk-code-generator") public class EksContainerSecurityContext implements Serializable, Cloneable, StructuredPojo { /** *
* When this parameter is specified, the container is run as the specified user ID (uid). If this
* parameter isn't specified, the default is the user that's specified in the image metadata. This parameter maps to
* RunAsUser and MustRanAs policy in the Users and groups pod
* security policies in the Kubernetes documentation.
*
* When this parameter is specified, the container is run as the specified group ID (gid). If this
* parameter isn't specified, the default is the group that's specified in the image metadata. This parameter maps
* to RunAsGroup and MustRunAs policy in the Users and groups pod
* security policies in the Kubernetes documentation.
*
* When this parameter is true, the container is given elevated permissions on the host container
* instance. The level of permissions are similar to the root user permissions. The default value is
* false. This parameter maps to privileged policy in the Privileged pod security
* policies in the Kubernetes documentation.
*
* When this parameter is true, the container is given read-only access to its root file system. The
* default value is false. This parameter maps to ReadOnlyRootFilesystem policy in the Volumes and
* file systems pod security policies in the Kubernetes documentation.
*
* When this parameter is specified, the container is run as a user with a uid other than 0. If this
* parameter isn't specified, so such rule is enforced. This parameter maps to RunAsUser and
* MustRunAsNonRoot policy in the Users and groups pod
* security policies in the Kubernetes documentation.
*
* When this parameter is specified, the container is run as the specified user ID (uid). If this
* parameter isn't specified, the default is the user that's specified in the image metadata. This parameter maps to
* RunAsUser and MustRanAs policy in the Users and groups pod
* security policies in the Kubernetes documentation.
*
uid). If
* this parameter isn't specified, the default is the user that's specified in the image metadata. This
* parameter maps to RunAsUser and MustRanAs policy in the Users and groups
* pod security policies in the Kubernetes documentation.
*/
public void setRunAsUser(Long runAsUser) {
this.runAsUser = runAsUser;
}
/**
*
* When this parameter is specified, the container is run as the specified user ID (uid). If this
* parameter isn't specified, the default is the user that's specified in the image metadata. This parameter maps to
* RunAsUser and MustRanAs policy in the Users and groups pod
* security policies in the Kubernetes documentation.
*
uid). If
* this parameter isn't specified, the default is the user that's specified in the image metadata. This
* parameter maps to RunAsUser and MustRanAs policy in the Users and
* groups pod security policies in the Kubernetes documentation.
*/
public Long getRunAsUser() {
return this.runAsUser;
}
/**
*
* When this parameter is specified, the container is run as the specified user ID (uid). If this
* parameter isn't specified, the default is the user that's specified in the image metadata. This parameter maps to
* RunAsUser and MustRanAs policy in the Users and groups pod
* security policies in the Kubernetes documentation.
*
uid). If
* this parameter isn't specified, the default is the user that's specified in the image metadata. This
* parameter maps to RunAsUser and MustRanAs policy in the Users and groups
* pod security policies in the Kubernetes documentation.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EksContainerSecurityContext withRunAsUser(Long runAsUser) {
setRunAsUser(runAsUser);
return this;
}
/**
*
* When this parameter is specified, the container is run as the specified group ID (gid). If this
* parameter isn't specified, the default is the group that's specified in the image metadata. This parameter maps
* to RunAsGroup and MustRunAs policy in the Users and groups pod
* security policies in the Kubernetes documentation.
*
gid). If
* this parameter isn't specified, the default is the group that's specified in the image metadata. This
* parameter maps to RunAsGroup and MustRunAs policy in the Users and groups
* pod security policies in the Kubernetes documentation.
*/
public void setRunAsGroup(Long runAsGroup) {
this.runAsGroup = runAsGroup;
}
/**
*
* When this parameter is specified, the container is run as the specified group ID (gid). If this
* parameter isn't specified, the default is the group that's specified in the image metadata. This parameter maps
* to RunAsGroup and MustRunAs policy in the Users and groups pod
* security policies in the Kubernetes documentation.
*
gid). If
* this parameter isn't specified, the default is the group that's specified in the image metadata. This
* parameter maps to RunAsGroup and MustRunAs policy in the Users and
* groups pod security policies in the Kubernetes documentation.
*/
public Long getRunAsGroup() {
return this.runAsGroup;
}
/**
*
* When this parameter is specified, the container is run as the specified group ID (gid). If this
* parameter isn't specified, the default is the group that's specified in the image metadata. This parameter maps
* to RunAsGroup and MustRunAs policy in the Users and groups pod
* security policies in the Kubernetes documentation.
*
gid). If
* this parameter isn't specified, the default is the group that's specified in the image metadata. This
* parameter maps to RunAsGroup and MustRunAs policy in the Users and groups
* pod security policies in the Kubernetes documentation.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EksContainerSecurityContext withRunAsGroup(Long runAsGroup) {
setRunAsGroup(runAsGroup);
return this;
}
/**
*
* When this parameter is true, the container is given elevated permissions on the host container
* instance. The level of permissions are similar to the root user permissions. The default value is
* false. This parameter maps to privileged policy in the Privileged pod security
* policies in the Kubernetes documentation.
*
true, the container is given elevated permissions on the host
* container instance. The level of permissions are similar to the root user permissions. The
* default value is false. This parameter maps to privileged policy in the Privileged pod
* security policies in the Kubernetes documentation.
*/
public void setPrivileged(Boolean privileged) {
this.privileged = privileged;
}
/**
*
* When this parameter is true, the container is given elevated permissions on the host container
* instance. The level of permissions are similar to the root user permissions. The default value is
* false. This parameter maps to privileged policy in the Privileged pod security
* policies in the Kubernetes documentation.
*
true, the container is given elevated permissions on the host
* container instance. The level of permissions are similar to the root user permissions. The
* default value is false. This parameter maps to privileged policy in the Privileged pod
* security policies in the Kubernetes documentation.
*/
public Boolean getPrivileged() {
return this.privileged;
}
/**
*
* When this parameter is true, the container is given elevated permissions on the host container
* instance. The level of permissions are similar to the root user permissions. The default value is
* false. This parameter maps to privileged policy in the Privileged pod security
* policies in the Kubernetes documentation.
*
true, the container is given elevated permissions on the host
* container instance. The level of permissions are similar to the root user permissions. The
* default value is false. This parameter maps to privileged policy in the Privileged pod
* security policies in the Kubernetes documentation.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EksContainerSecurityContext withPrivileged(Boolean privileged) {
setPrivileged(privileged);
return this;
}
/**
*
* When this parameter is true, the container is given elevated permissions on the host container
* instance. The level of permissions are similar to the root user permissions. The default value is
* false. This parameter maps to privileged policy in the Privileged pod security
* policies in the Kubernetes documentation.
*
true, the container is given elevated permissions on the host
* container instance. The level of permissions are similar to the root user permissions. The
* default value is false. This parameter maps to privileged policy in the Privileged pod
* security policies in the Kubernetes documentation.
*/
public Boolean isPrivileged() {
return this.privileged;
}
/**
*
* When this parameter is true, the container is given read-only access to its root file system. The
* default value is false. This parameter maps to ReadOnlyRootFilesystem policy in the Volumes and
* file systems pod security policies in the Kubernetes documentation.
*
true, the container is given read-only access to its root file system.
* The default value is false. This parameter maps to ReadOnlyRootFilesystem policy
* in the Volumes
* and file systems pod security policies in the Kubernetes documentation.
*/
public void setReadOnlyRootFilesystem(Boolean readOnlyRootFilesystem) {
this.readOnlyRootFilesystem = readOnlyRootFilesystem;
}
/**
*
* When this parameter is true, the container is given read-only access to its root file system. The
* default value is false. This parameter maps to ReadOnlyRootFilesystem policy in the Volumes and
* file systems pod security policies in the Kubernetes documentation.
*
true, the container is given read-only access to its root file
* system. The default value is false. This parameter maps to
* ReadOnlyRootFilesystem policy in the Volumes
* and file systems pod security policies in the Kubernetes documentation.
*/
public Boolean getReadOnlyRootFilesystem() {
return this.readOnlyRootFilesystem;
}
/**
*
* When this parameter is true, the container is given read-only access to its root file system. The
* default value is false. This parameter maps to ReadOnlyRootFilesystem policy in the Volumes and
* file systems pod security policies in the Kubernetes documentation.
*
true, the container is given read-only access to its root file system.
* The default value is false. This parameter maps to ReadOnlyRootFilesystem policy
* in the Volumes
* and file systems pod security policies in the Kubernetes documentation.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EksContainerSecurityContext withReadOnlyRootFilesystem(Boolean readOnlyRootFilesystem) {
setReadOnlyRootFilesystem(readOnlyRootFilesystem);
return this;
}
/**
*
* When this parameter is true, the container is given read-only access to its root file system. The
* default value is false. This parameter maps to ReadOnlyRootFilesystem policy in the Volumes and
* file systems pod security policies in the Kubernetes documentation.
*
true, the container is given read-only access to its root file
* system. The default value is false. This parameter maps to
* ReadOnlyRootFilesystem policy in the Volumes
* and file systems pod security policies in the Kubernetes documentation.
*/
public Boolean isReadOnlyRootFilesystem() {
return this.readOnlyRootFilesystem;
}
/**
*
* When this parameter is specified, the container is run as a user with a uid other than 0. If this
* parameter isn't specified, so such rule is enforced. This parameter maps to RunAsUser and
* MustRunAsNonRoot policy in the Users and groups pod
* security policies in the Kubernetes documentation.
*
uid other than 0. If
* this parameter isn't specified, so such rule is enforced. This parameter maps to RunAsUser
* and MustRunAsNonRoot policy in the Users and groups
* pod security policies in the Kubernetes documentation.
*/
public void setRunAsNonRoot(Boolean runAsNonRoot) {
this.runAsNonRoot = runAsNonRoot;
}
/**
*
* When this parameter is specified, the container is run as a user with a uid other than 0. If this
* parameter isn't specified, so such rule is enforced. This parameter maps to RunAsUser and
* MustRunAsNonRoot policy in the Users and groups pod
* security policies in the Kubernetes documentation.
*
uid other than 0. If
* this parameter isn't specified, so such rule is enforced. This parameter maps to RunAsUser
* and MustRunAsNonRoot policy in the Users and
* groups pod security policies in the Kubernetes documentation.
*/
public Boolean getRunAsNonRoot() {
return this.runAsNonRoot;
}
/**
*
* When this parameter is specified, the container is run as a user with a uid other than 0. If this
* parameter isn't specified, so such rule is enforced. This parameter maps to RunAsUser and
* MustRunAsNonRoot policy in the Users and groups pod
* security policies in the Kubernetes documentation.
*
uid other than 0. If
* this parameter isn't specified, so such rule is enforced. This parameter maps to RunAsUser
* and MustRunAsNonRoot policy in the Users and groups
* pod security policies in the Kubernetes documentation.
* @return Returns a reference to this object so that method calls can be chained together.
*/
public EksContainerSecurityContext withRunAsNonRoot(Boolean runAsNonRoot) {
setRunAsNonRoot(runAsNonRoot);
return this;
}
/**
*
* When this parameter is specified, the container is run as a user with a uid other than 0. If this
* parameter isn't specified, so such rule is enforced. This parameter maps to RunAsUser and
* MustRunAsNonRoot policy in the Users and groups pod
* security policies in the Kubernetes documentation.
*
uid other than 0. If
* this parameter isn't specified, so such rule is enforced. This parameter maps to RunAsUser
* and MustRunAsNonRoot policy in the Users and
* groups pod security policies in the Kubernetes documentation.
*/
public Boolean isRunAsNonRoot() {
return this.runAsNonRoot;
}
/**
* Returns a string representation of this object. This is useful for testing and debugging. Sensitive data will be
* redacted from this string using a placeholder value.
*
* @return A string representation of this object.
*
* @see java.lang.Object#toString()
*/
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("{");
if (getRunAsUser() != null)
sb.append("RunAsUser: ").append(getRunAsUser()).append(",");
if (getRunAsGroup() != null)
sb.append("RunAsGroup: ").append(getRunAsGroup()).append(",");
if (getPrivileged() != null)
sb.append("Privileged: ").append(getPrivileged()).append(",");
if (getReadOnlyRootFilesystem() != null)
sb.append("ReadOnlyRootFilesystem: ").append(getReadOnlyRootFilesystem()).append(",");
if (getRunAsNonRoot() != null)
sb.append("RunAsNonRoot: ").append(getRunAsNonRoot());
sb.append("}");
return sb.toString();
}
@Override
public boolean equals(Object obj) {
if (this == obj)
return true;
if (obj == null)
return false;
if (obj instanceof EksContainerSecurityContext == false)
return false;
EksContainerSecurityContext other = (EksContainerSecurityContext) obj;
if (other.getRunAsUser() == null ^ this.getRunAsUser() == null)
return false;
if (other.getRunAsUser() != null && other.getRunAsUser().equals(this.getRunAsUser()) == false)
return false;
if (other.getRunAsGroup() == null ^ this.getRunAsGroup() == null)
return false;
if (other.getRunAsGroup() != null && other.getRunAsGroup().equals(this.getRunAsGroup()) == false)
return false;
if (other.getPrivileged() == null ^ this.getPrivileged() == null)
return false;
if (other.getPrivileged() != null && other.getPrivileged().equals(this.getPrivileged()) == false)
return false;
if (other.getReadOnlyRootFilesystem() == null ^ this.getReadOnlyRootFilesystem() == null)
return false;
if (other.getReadOnlyRootFilesystem() != null && other.getReadOnlyRootFilesystem().equals(this.getReadOnlyRootFilesystem()) == false)
return false;
if (other.getRunAsNonRoot() == null ^ this.getRunAsNonRoot() == null)
return false;
if (other.getRunAsNonRoot() != null && other.getRunAsNonRoot().equals(this.getRunAsNonRoot()) == false)
return false;
return true;
}
@Override
public int hashCode() {
final int prime = 31;
int hashCode = 1;
hashCode = prime * hashCode + ((getRunAsUser() == null) ? 0 : getRunAsUser().hashCode());
hashCode = prime * hashCode + ((getRunAsGroup() == null) ? 0 : getRunAsGroup().hashCode());
hashCode = prime * hashCode + ((getPrivileged() == null) ? 0 : getPrivileged().hashCode());
hashCode = prime * hashCode + ((getReadOnlyRootFilesystem() == null) ? 0 : getReadOnlyRootFilesystem().hashCode());
hashCode = prime * hashCode + ((getRunAsNonRoot() == null) ? 0 : getRunAsNonRoot().hashCode());
return hashCode;
}
@Override
public EksContainerSecurityContext clone() {
try {
return (EksContainerSecurityContext) super.clone();
} catch (CloneNotSupportedException e) {
throw new IllegalStateException("Got a CloneNotSupportedException from Object.clone() " + "even though we're Cloneable!", e);
}
}
@com.amazonaws.annotation.SdkInternalApi
@Override
public void marshall(ProtocolMarshaller protocolMarshaller) {
com.amazonaws.services.batch.model.transform.EksContainerSecurityContextMarshaller.getInstance().marshall(this, protocolMarshaller);
}
}