sigs.k8s.io/external-dns@v0.14.1/docs/tutorials/security-context.md

sigs.k8s.io/external-dns@v0.14.1/docs/tutorials/security-context.md (about)

     1  # Running ExternalDNS with limited privileges
     2  
     3  You can run ExternalDNS with reduced privileges since `v0.5.6` using the following `SecurityContext`.
     4  
     5  ```yaml
     6  apiVersion: apps/v1
     7  kind: Deployment
     8  metadata:
     9    name: external-dns
    10  spec:
    11    strategy:
    12      type: Recreate
    13    selector:
    14      matchLabels:
    15        app: external-dns
    16    template:
    17      metadata:
    18        labels:
    19          app: external-dns
    20      spec:
    21        containers:
    22        - name: external-dns
    23          image: registry.k8s.io/external-dns/external-dns:v0.14.0
    24          args:
    25          - ... # your arguments here
    26          securityContext:
    27            runAsNonRoot: true
    28            runAsUser: 65534
    29            readOnlyRootFilesystem: true
    30            capabilities:
    31              drop: ["ALL"]
    32  ```