@Generated(value="software.amazon.awssdk:codegen") public final class KernelCapabilities extends Object implements StructuredPojo, ToCopyableBuilder<KernelCapabilities.Builder,KernelCapabilities>
The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. For more information on the default capabilities and the non-default available capabilities, see Runtime privilege and Linux capabilities in the Docker run reference. For more detailed information on these Linux capabilities, see the capabilities(7) Linux manual page.
Modifier and Type | Class and Description |
---|---|
static interface |
KernelCapabilities.Builder |
Modifier and Type | Method and Description |
---|---|
List<String> |
add()
The Linux capabilities for the container that have been added to the default configuration provided by Docker.
|
static KernelCapabilities.Builder |
builder() |
List<String> |
drop()
The Linux capabilities for the container that have been removed from the default configuration provided by
Docker.
|
boolean |
equals(Object obj) |
<T> Optional<T> |
getValueForField(String fieldName,
Class<T> clazz) |
int |
hashCode() |
void |
marshall(ProtocolMarshaller protocolMarshaller)
Marshalls this structured data using the given
ProtocolMarshaller . |
static Class<? extends KernelCapabilities.Builder> |
serializableBuilderClass() |
KernelCapabilities.Builder |
toBuilder()
Take this object and create a builder that contains all of the current property values of this object.
|
String |
toString() |
copy
public List<String> add()
The Linux capabilities for the container that have been added to the default configuration provided by Docker.
This parameter maps to CapAdd
in the Create a
container section of the Docker Remote API and the
--cap-add
option to docker run.
Valid values:
"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
CapAdd
in the Create a
container section of the Docker Remote API and
the --cap-add
option to docker
run.
Valid values:
"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
public List<String> drop()
The Linux capabilities for the container that have been removed from the default configuration provided by
Docker. This parameter maps to CapDrop
in the Create a
container section of the Docker Remote API and the
--cap-drop
option to docker run.
Valid values:
"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
Attempts to modify the collection returned by this method will result in an UnsupportedOperationException.
CapDrop
in the Create a
container section of the Docker Remote API and
the --cap-drop
option to docker
run.
Valid values:
"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"
public KernelCapabilities.Builder toBuilder()
ToCopyableBuilder
toBuilder
in interface ToCopyableBuilder<KernelCapabilities.Builder,KernelCapabilities>
public static KernelCapabilities.Builder builder()
public static Class<? extends KernelCapabilities.Builder> serializableBuilderClass()
public void marshall(ProtocolMarshaller protocolMarshaller)
StructuredPojo
ProtocolMarshaller
.marshall
in interface StructuredPojo
protocolMarshaller
- Implementation of ProtocolMarshaller
used to marshall this object's data.Copyright © 2017 Amazon Web Services, Inc. All Rights Reserved.