​

ves-io-schema-k8s_pod_security_policy-API-Create

Published April 5, 2023 | Last modified June 26, 2025

Examples of creating k8s_pod_security_policy

Usecase:

Create pod-security-policy-1

Request using vesctl:

vesctl configuration create k8s_pod_security_policy -i k8s_pod_security_policy.yaml

where file k8s_pod_security_policy.yaml has following contents (k8s_pod_security_policy.CreateRequest):

RequestJSON:

{
    "metadata": {
        "name": "pod-security-policy-1",
        "namespace": "system"
    },
    "spec": {
        "psp_spec": {
            "no_default_capabilities": {},
            "no_allowed_capabilities": {},
            "no_drop_capabilities": {},
            "volumes": [
                "config"
            ],
            "read_only_root_filesystem": true,
            "host_network": true,
            "no_run_as_user": {},
            "no_run_as_group": {},
            "no_supplemental_groups": {},
            "no_fs_groups": {},
            "no_se_linux_options": {},
            "no_runtime_class": {}
        }
    }
}
Copied!

vesctl yaml response:

ResponseJSON:

{
    "metadata": {
        "name": "pod-security-policy-1",
        "namespace": "system",
        "labels": {},
        "annotations": {},
        "description": "",
        "disable": false
    },
    "system_metadata": {
        "uid": "707df4fc-2f62-457a-b9db-a37e6b57ee2a",
        "creation_timestamp": "2025-06-26T23:55:20.560742Z",
        "deletion_timestamp": null,
        "modification_timestamp": null,
        "initializers": null,
        "finalizers": [],
        "tenant": "acmecorp",
        "creator_class": "examplesvc",
        "creator_id": "examplesvc",
        "object_index": 0,
        "owner_view": null,
        "labels": {}
    },
    "spec": {
        "psp_spec": {
            "privileged": false,
            "allow_privilege_escalation": false,
            "default_allow_privilege_escalation": false,
            "no_default_capabilities": {},
            "no_allowed_capabilities": {},
            "no_drop_capabilities": {},
            "volumes": [
                "config"
            ],
            "allowed_flex_volumes": [],
            "allowed_host_paths": [],
            "allowed_proc_mounts": [],
            "read_only_root_filesystem": true,
            "allowed_csi_drivers": [],
            "host_network": true,
            "host_port_ranges": "",
            "host_ipc": false,
            "host_pid": false,
            "allowed_unsafe_sysctls": [],
            "forbidden_sysctls": [],
            "no_run_as_user": {},
            "no_run_as_group": {},
            "no_supplemental_groups": {},
            "no_fs_groups": {},
            "no_se_linux_options": {},
            "no_runtime_class": {}
        }
    }
}
Copied!

Request using curl:

curl -X 'POST' -d '{"metadata":{"name":"pod-security-policy-1","namespace":"system"},"spec":{"psp_spec":{"no_default_capabilities":{},"no_allowed_capabilities":{},"no_drop_capabilities":{},"volumes":["config"],"read_only_root_filesystem":true,"host_network":true,"no_run_as_user":{},"no_run_as_group":{},"no_supplemental_groups":{},"no_fs_groups":{},"no_se_linux_options":{},"no_runtime_class":{}}}}' -H 'Content-Type: application/json' -H 'X-Volterra-Useragent: v1/pgm=_var_folders_q2_3kp8z3zs0x5_m7pk1bgb0_ph0000gp_T_go-build336959812_b001_apidocs.test/host=MTY6VVHQPH/svc=S:examplesvc/site=mytestce01' 'https://acmecorp.console.ves.volterra.io/api/config/namespaces/system/k8s_pod_security_policys'
Copied!

curl response:

HTTP/1.1 200 OK
Content-Type: application/json
Date: Thu, 26 Jun 2025 23:55:20 GMT
Vary: Accept-Encoding

{
  "metadata": {
    "name": "pod-security-policy-1",
    "namespace": "system",
    "labels": {
    },
    "annotations": {
    },
    "description": "",
    "disable": false
  },
  "system_metadata": {
    "uid": "707df4fc-2f62-457a-b9db-a37e6b57ee2a",
    "creation_timestamp": "2025-06-26T23:55:20.560742Z",
    "deletion_timestamp": null,
    "modification_timestamp": null,
    "initializers": null,
    "finalizers": [
    ],
    "tenant": "acmecorp",
    "creator_class": "examplesvc",
    "creator_id": "examplesvc",
    "object_index": 0,
    "owner_view": null,
    "labels": {
    }
  },
  "spec": {
    "psp_spec": {
      "privileged": false,
      "allow_privilege_escalation": false,
      "default_allow_privilege_escalation": false,
      "no_default_capabilities": {

      },
      "no_allowed_capabilities": {

      },
      "no_drop_capabilities": {

      },
      "volumes": [
        "config"
      ],
      "allowed_flex_volumes": [
      ],
      "allowed_host_paths": [
      ],
      "allowed_proc_mounts": [
      ],
      "read_only_root_filesystem": true,
      "allowed_csi_drivers": [
      ],
      "host_network": true,
      "host_port_ranges": "",
      "host_ipc": false,
      "host_pid": false,
      "allowed_unsafe_sysctls": [
      ],
      "forbidden_sysctls": [
      ],
      "no_run_as_user": {

      },
      "no_run_as_group": {

      },
      "no_supplemental_groups": {

      },
      "no_fs_groups": {

      },
      "no_se_linux_options": {

      },
      "no_runtime_class": {

      }
    }
  }
}
Copied!
On this page: