Capability update

[ta/caas-security.git] / rbac_manifests / caas-infra-psp.yaml

diff --git a/rbac_manifests/caas-infra-psp.yaml b/rbac_manifests/caas-infra-psp.yaml
index 8392e87..96105ac 100644 (file)
--- a/rbac_manifests/caas-infra-psp.yaml
+++ b/rbac_manifests/caas-infra-psp.yaml
@@ -41,6 +41,8 @@ spec:
     rule: RunAsAny
   allowedCapabilities:
     - NET_BIND_SERVICE
+    - SETGID
+    - SETUID
     - ALL
     - IPC_LOCK
     - SYS_RESOURCE