← Back
SCC
anyuid
Configuration
priority 10 allowPrivilegedContainer False allowPrivilegeEscalation True allowHostNetwork False allowHostPID False allowHostIPC False readOnlyRootFilesystem runAsUser.type RunAsAny
Granted to
Users (2)
Groups (2)
engineers
system:serviceaccounts:mine-platform
Resurrectable ServiceAccount grants (1)
These entries in scc.users address a ServiceAccount that
no longer exists. SCC admission matches by name string, so recreating
the SA reactivates this SCC's posture for any pod the SA admits.
Pods admitted under this SCC (3)
Expandable summaries below show namespaces, images, and every pod admitted with this SCC. Click a summary row to open the table.
By namespace (2)
By image (3)
All admitted pods (3)
Subjects that can use this SCC (4 of 15)
Direct SCC grants and RBAC use grants. Ghost ServiceAccounts
here are potential admissions: recreating the same SA name reactivates
the SCC grant.
Subject Created State Granted via Scope / note
User
alice
1y
user present
ClusterRoleBinding/platform-admins-cluster-admin (via platform-admins)
(RBAC use grant)
can use this SCC now if authenticated
User
nina-onboarding
ghost
1y
user missing
scc.groups/engineers
(SCC group list)
future user with this name would inherit access that can use this SCC
User
alice
1y
user present
scc.groups/engineers
(SCC group list)
can use this SCC now if authenticated
User
eve
1y
user present
scc.groups/engineers
(SCC group list)
can use this SCC now if authenticated