falco/test/trace_files/psp/flex_volumes.json

{"kind":"Event","apiVersion":"audit.k8s.io/v1","level":"RequestResponse","auditID":"68be6685-eca7-462a-ab53-ae65960ba638","stage":"ResponseComplete","requestURI":"/api/v1/namespaces/default/pods","verb":"create","user":{"username":"system:serviceaccount:kube-system:replicaset-controller","uid":"bf8cf9ba-944c-11e9-a1a5-080027cac2d9","groups":["system:serviceaccounts","system:serviceaccounts:kube-system","system:authenticated"]},"sourceIPs":["127.0.0.1"],"userAgent":"kube-controller-manager/v1.13.2 (linux/amd64) kubernetes/cff46ab/system:serviceaccount:kube-system:replicaset-controller","objectRef":{"resource":"pods","namespace":"default","apiVersion":"v1"},"responseStatus":{"metadata":{},"code":201},"requestObject":{"kind":"Pod","apiVersion":"v1","metadata":{"generateName":"nginx-deployment-5575fc4cfd-","creationTimestamp":null,"labels":{"app":"nginx","pod-template-hash":"5575fc4cfd"},"ownerReferences":[{"apiVersion":"apps/v1","kind":"ReplicaSet","name":"nginx-deployment-5575fc4cfd","uid":"bbdbd8fe-9459-11e9-9dc6-080027cac2d9","controller":true,"blockOwnerDeletion":true}]},"spec":{"volumes":[{"name":"dummy-tmp","flexVolume":{"driver":"dummy/dummy"}}],"containers":[{"name":"nginx1","image":"nginx","resources":{},"volumeMounts":[{"name":"dummy-tmp","mountPath":"/dummy/tmp"}],"terminationMessagePath":"/dev/termination-log","terminationMessagePolicy":"File","imagePullPolicy":"Always"}],"restartPolicy":"Always","terminationGracePeriodSeconds":30,"dnsPolicy":"ClusterFirst","securityContext":{},"schedulerName":"default-scheduler","enableServiceLinks":true},"status":{}},"responseObject":{"kind":"Pod","apiVersion":"v1","metadata":{"name":"nginx-deployment-5575fc4cfd-95vmv","generateName":"nginx-deployment-5575fc4cfd-","namespace":"default","selfLink":"/api/v1/namespaces/default/pods/nginx-deployment-5575fc4cfd-95vmv","uid":"bbde0eec-9459-11e9-9dc6-080027cac2d9","resourceVersion":"7185","creationTimestamp":"2019-06-21T19:21:13Z","labels":{"app":"nginx","pod-template-hash":"5575fc4cfd"},"ownerReferences":[{"apiVersion":"apps/v1","kind":"ReplicaSet","name":"nginx-deployment-5575fc4cfd","uid":"bbdbd8fe-9459-11e9-9dc6-080027cac2d9","controller":true,"blockOwnerDeletion":true}]},"spec":{"volumes":[{"name":"dummy-tmp","flexVolume":{"driver":"dummy/dummy"}},{"name":"default-token-fxt67","secret":{"secretName":"default-token-fxt67","defaultMode":420}}],"containers":[{"name":"nginx1","image":"nginx","resources":{},"volumeMounts":[{"name":"dummy-tmp","mountPath":"/dummy/tmp"},{"name":"default-token-fxt67","readOnly":true,"mountPath":"/var/run/secrets/kubernetes.io/serviceaccount"}],"terminationMessagePath":"/dev/termination-log","terminationMessagePolicy":"File","imagePullPolicy":"Always"}],"restartPolicy":"Always","terminationGracePeriodSeconds":30,"dnsPolicy":"ClusterFirst","serviceAccountName":"default","serviceAccount":"default","securityContext":{},"schedulerName":"default-scheduler","tolerations":[{"key":"node.kubernetes.io/not-ready","operator":"Exists","effect":"NoExecute","tolerationSeconds":300},{"key":"node.kubernetes.io/unreachable","operator":"Exists","effect":"NoExecute","tolerationSeconds":300}],"priority":0,"enableServiceLinks":true},"status":{"phase":"Pending","qosClass":"BestEffort"}},"requestReceivedTimestamp":"2019-06-21T19:21:13.637829Z","stageTimestamp":"2019-06-21T19:21:13.648070Z","annotations":{"authorization.k8s.io/decision":"allow","authorization.k8s.io/reason":"RBAC: allowed by ClusterRoleBinding \"system:controller:replicaset-controller\" of ClusterRole \"system:controller:replicaset-controller\" to ServiceAccount \"replicaset-controller/kube-system\""}}