postee Permission issues on EKS

Permission issues on EKS

Open simar7 opened this issue 1 year ago • 3 comments

Description

A user reported permission issues when running on EKS. See screenshot below for details.

What did you expect to happen?

No permission issues

What happened instead?

Output of run with `POSTEE_DEBUG=true`:

No response

Additional details (environment setup, networking info...):

EKS cluster 1.20 version Deployed using helm chart with FluxCD 0.33.0

Sep 16 '22 17:09 simar7

Fixed by adding podSecurityContext: fsGroup: 1099 It should be activated by default https://github.com/aquasecurity/postee/blob/main/deploy/helm/postee/values.yaml#L37-L46

    podSecurityContext:
      fsGroup: 1099
    securityContext:
      runAsUser: 1099
      runAsGroup: 1099

Sep 23 '22 12:09 grglzrv

Fixed by adding podSecurityContext: fsGroup: 1099 It should be activated by default https://github.com/aquasecurity/postee/blob/main/deploy/helm/postee/values.yaml#L37-L46
    podSecurityContext:
      fsGroup: 1099
    securityContext:
      runAsUser: 1099
      runAsGroup: 1099

thanks for looking into this @grglzrv - are you suggesting the values should be set to default as the following?

    podSecurityContext:
      fsGroup: 1099
    securityContext:
      runAsUser: 1099
      runAsGroup: 1099

Sep 23 '22 22:09 simar7

yes

Sep 23 '22 23:09 grglzrv

postee postee copied to clipboard

Permission issues on EKS

Description

What did you expect to happen?

What happened instead?

Output of run with POSTEE_DEBUG=true:

Additional details (environment setup, networking info...):

postee
postee copied to clipboard

Output of run with `POSTEE_DEBUG=true`: