X-Git-Url: https://gerrit.akraino.org/r/gitweb?a=blobdiff_plain;f=rbac_manifests%2Fcaas-infra-psp.yaml;h=c9327517420452f6e2e5e97434ca65befdc5b046;hb=c3fdf94a5e2dc9b501b1e10bc189b16d656bc266;hp=8392e8733754e721c6cf7ee152af625c4ad10b6e;hpb=c177c44e5d4c49eeb51b44487a614b865f8bf002;p=ta%2Fcaas-security.git

diff --git a/rbac_manifests/caas-infra-psp.yaml b/rbac_manifests/caas-infra-psp.yaml
index 8392e87..c932751 100644
--- a/rbac_manifests/caas-infra-psp.yaml
+++ b/rbac_manifests/caas-infra-psp.yaml
@@ -13,7 +13,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-apiVersion: extensions/v1beta1
+apiVersion: policy/v1beta1
 kind: PodSecurityPolicy
 metadata:
   name: caas-infra
@@ -41,6 +41,8 @@ spec:
     rule: RunAsAny
   allowedCapabilities:
     - NET_BIND_SERVICE
+    - SETGID
+    - SETUID
     - ALL
     - IPC_LOCK
     - SYS_RESOURCE