Core How to configure a security context

How to configure a security context

Overview

By default, Polyaxon operations run without a security context, and pods run as root. Sometimes you might even need to run pods with privileged security, for examples the dockerizer component.

Usage

If you need to configure a security context for your jobs and services, you can use the environment.SecurityContext section:

kind: component
...
run:
  kind: ...
  environment:
    securityContext:
    runAsUser: 1000
    runAsGroup: 3000
    fsGroup: 2000

If you are running a distributed operation, you can provide a security context per replica as well.

Global configuration

If you to define a security context globally, we suggest creating a preset. If you are using Polyaxon Cloud or Polyaxon EE, you can add the security context definition to the default organization’s preset or the default project’s preset.

Using Kubernetes Entities

Using service accounts

Using Kubernetes Entities

Mounting volumes manually

Version

This is the docs of the latest stable version.

Improve this page!

If you spot a typo or have a suggestion to make this page better, please make a contribution to improve the documentation.

Update this page

Have a feedback?

We do our best to make this documentation clear and user friendly, if you see anything that is incorrect or have any questions, feel free to reach out!

Send Feedback