# Create SCC for IC resources kind: SecurityContextConstraints apiVersion: security.openshift.io/v1 metadata: name: nginx-ingress-admin allowPrivilegedContainer: true runAsUser: type: MustRunAs uid: 101 seLinuxContext: type: MustRunAs fsGroup: type: MustRunAs supplementalGroups: type: MustRunAs allowHostNetwork: false allowHostPID: false allowHostPorts: false allowHostDirVolumePlugin: false allowHostIPC: false readOnlyRootFilesystem: false volumes: - secret defaultAddCapabilities: - "NET_BIND_SERVICE" requiredDropCapabilities: - ALL users: - 'system:serviceaccount:*:nginx-ingress'