apiVersion: security.openshift.io/v1
kind: SecurityContextConstraints
metadata:
  name: minio-restricted
allowHostDirVolumePlugin: false
allowHostIPC: false
allowHostNetwork: false
allowHostPID: false
allowHostPorts: false
allowPrivilegeEscalation: false
allowPrivilegedContainer: false
allowedCapabilities: null
defaultAddCapabilities: null
fsGroup:
  type: MustRunAs
  ranges:
    - min: 1000
      max: 1000
priority: null
readOnlyRootFilesystem: false
requiredDropCapabilities:
  - MKNOD
  - ALL
runAsUser:
  type: MustRunAs
  uid: 501
seLinuxContext:
  type: MustRunAs
supplementalGroups:
  type: RunAsAny
volumes:
  - configMap
  - downwardAPI
  - emptyDir
  - persistentVolumeClaim
  - projected
  - secret