"storageaccounttype": "Premium_LRS",
"kind": "Managed"
},
}, { provider: provider });
// Request a 1Gi PersistentVolumeClaim backed by the StorageClass `sc`.
// The claim is created through the explicit `provider` resource option.
const myPvc = new k8s.core.v1.PersistentVolumeClaim(
    "mypvc",
    {
        spec: {
            // ReadWriteOnce: the volume can be mounted read-write by a single node.
            accessModes: ["ReadWriteOnce"],
            // Bind to the StorageClass by its generated name rather than a hard-coded string.
            storageClassName: sc.metadata.name,
            resources: { requests: { storage: "1Gi" } },
        },
    },
    { provider },
);
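// Create a restrictive PodSecurityPolicy: no privileged containers, host namespaces or privilege escalation.
// Note: the RunAsAny rules below place no restriction on the container user or groups, so running as root
// is still allowed. PodSecurityPolicy (policy/v1beta1) was removed in Kubernetes 1.25.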
const restrictivePSP = new k8s.policy.v1beta1.PodSecurityPolicy("demo-restrictive", {
metadata: { name: "demo-restrictive" },
spec: {
privileged: false,
hostNetwork: false,
allowPrivilegeEscalation: false,
defaultAllowPrivilegeEscalation: false,
hostPID: false,
hostIPC: false,
runAsUser: { rule: "RunAsAny" },
fsGroup: { rule: "RunAsAny" },
seLinux: { rule: "RunAsAny" },
supplementalGroups: { rule: "RunAsAny" },
volumes: [
"configMap",
"downwardAPI",
"emptyDir",
spec: {
accessModes: ["ReadWriteOnce"],
storageClassName: name,
resources: {requests: {storage: "1Gi"}}
}
},
{ provider: cluster.provider }
);
}
});
});
}
}
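// Create a restrictive PodSecurityPolicy: no privileged containers, host namespaces or privilege escalation.
// Note: the RunAsAny rules below place no restriction on the container user or groups, so running as root
// is still allowed. PodSecurityPolicy (policy/v1beta1) was removed in Kubernetes 1.25.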
const restrictivePSP = new k8s.policy.v1beta1.PodSecurityPolicy("demo-restrictive", {
metadata: { name: "demo-restrictive" },
spec: {
privileged: false,
hostNetwork: false,
allowPrivilegeEscalation: false,
defaultAllowPrivilegeEscalation: false,
hostPID: false,
hostIPC: false,
runAsUser: { rule: "RunAsAny" },
fsGroup: { rule: "RunAsAny" },
seLinux: { rule: "RunAsAny" },
supplementalGroups: { rule: "RunAsAny" },
volumes: [
"configMap",
"downwardAPI",
"emptyDir",
{ provider: provider }
);
// Request a 1Gi PersistentVolumeClaim backed by the StorageClass `sc`.
// The claim is created through the explicit `provider` resource option.
const myPvc = new k8s.core.v1.PersistentVolumeClaim(
    "mypvc",
    {
        spec: {
            // ReadWriteOnce: the volume can be mounted read-write by a single node.
            accessModes: ["ReadWriteOnce"],
            // Bind to the StorageClass by its generated name rather than a hard-coded string.
            storageClassName: sc.metadata.name,
            resources: { requests: { storage: "1Gi" } },
        },
    },
    { provider },
);
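// Create a restrictive PodSecurityPolicy: no privileged containers, host namespaces or privilege escalation.
// Note: the RunAsAny rules below place no restriction on the container user or groups, so running as root
// is still allowed. PodSecurityPolicy (policy/v1beta1) was removed in Kubernetes 1.25.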
const restrictivePSP = new k8s.policy.v1beta1.PodSecurityPolicy("demo-restrictive", {
metadata: { name: "demo-restrictive" },
spec: {
privileged: false,
hostNetwork: false,
allowPrivilegeEscalation: false,
defaultAllowPrivilegeEscalation: false,
hostPID: false,
hostIPC: false,
runAsUser: { rule: "RunAsAny" },
fsGroup: { rule: "RunAsAny" },
seLinux: { rule: "RunAsAny" },
supplementalGroups: { rule: "RunAsAny" },
volumes: [
"configMap",
"downwardAPI",
"emptyDir",
/**
 * Creates a `policy/v1beta1` PodDisruptionBudget for the pods carrying `args.labels`.
 *
 * `args.labels` is used twice: as the budget's own metadata labels and as the
 * `matchLabels` selector that decides which pods the budget protects.
 *
 * NOTE(review): `policy/v1beta1` PodDisruptionBudget was removed in Kubernetes 1.25
 * (`policy/v1` replaces it), so this only applies on older clusters. Confirm the
 * target cluster version before relying on the budget for availability.
 * NOTE(review): nothing here checks that `args.labels` is non-empty; presumably
 * callers always pass the workload's labels. Verify against call sites.
 *
 * @param name - Pulumi resource name for the budget.
 * @param args - Labels, namespace, `minAvailable` and the provider to create the resource with.
 * @returns The newly declared PodDisruptionBudget resource.
 */
export function makePodDisruptionBudget(
    name: string,
    args: PodDisruptionBudgetArgs,
): k8s.policy.v1beta1.PodDisruptionBudget {
    const metadata = {
        labels: args.labels,
        namespace: args.namespace,
    };
    const spec = {
        minAvailable: args.minAvailable,
        // Same label set as the metadata: the budget selects the pods it is labelled like.
        selector: { matchLabels: args.labels },
    };
    const resourceOptions = { provider: args.provider };

    return new k8s.policy.v1beta1.PodDisruptionBudget(name, { metadata, spec }, resourceOptions);
}