diff --git a/apis/project.cattle.io/v3/schema/schema.go b/apis/project.cattle.io/v3/schema/schema.go
index c653e4b3..cec5dff0 100644
--- a/apis/project.cattle.io/v3/schema/schema.go
+++ b/apis/project.cattle.io/v3/schema/schema.go
@@ -448,6 +448,7 @@ func podTypes(schemas *types.Schemas) *types.Schemas {
 m.Move{From: "command", To: "entrypoint"},
 m.Move{From: "args", To: "command"},
 mapper.EnvironmentMapper{},
+ mapper.ContainerSecurityContext{},
 &m.Embed{Field: "securityContext"},
 &m.Embed{Field: "lifecycle"},
 ).
diff --git a/mapper/container_security_context.go b/mapper/container_security_context.go
new file mode 100644
index 00000000..199ab777
--- /dev/null
+++ b/mapper/container_security_context.go
@@ -0,0 +1,51 @@
+package mapper
+
+import (
+ "github.com/rancher/norman/types"
+ "github.com/rancher/norman/types/convert"
+ "github.com/rancher/norman/types/values"
+)
+
+type ContainerSecurityContext struct {
+}
+
+func (n ContainerSecurityContext) FromInternal(data map[string]interface{}) {
+}
+
+func (n ContainerSecurityContext) ToInternal(data map[string]interface{}) {
+ if v, ok := values.GetValue(data, "securityContext"); ok && v != nil {
+ sc, err := convert.EncodeToMap(v)
+ if err != nil {
+ return
+ }
+ if len(sc) > 2 {
+ return
+ }
+ found := false
+ if v, ok := values.GetValue(sc, "capAdd"); ok && v != nil {
+ capAdd := convert.ToStringSlice(v)
+ if len(capAdd) == 0 {
+ found = true
+ }
+ }
+ if found {
+ found = false
+ } else {
+ return
+ }
+
+ if v, ok := values.GetValue(sc, "capDrop"); ok && v != nil {
+ capAdd := convert.ToStringSlice(v)
+ if len(capAdd) == 0 {
+ found = true
+ }
+ }
+ if found {
+ values.RemoveValue(data, "securityContext")
+ }
+ }
+}
+
+func (n ContainerSecurityContext) ModifySchema(schema *types.Schema, schemas *types.Schemas) error {
+ return nil
+}
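Review bot: The placement of `mapper.ContainerSecurityContext{}` directly before `&m.Embed{Field: "securityContext"}` looks load-bearing but is not explained. The new mapper's ToInternal reads a nested `securityContext` key, which presumably exists in that form on only one side of the embed step, so reordering this list later could silently turn the mapper into a no-op or change what it removes. I would add a comment on the new line such as `// must stay adjacent to the securityContext Embed: ToInternal inspects the nested securityContext map`, after confirming the mapper execution order. podTypes begins and ends outside this hunk, so the rest of the chain is not visible here.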
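Review bot: The rule that decides when ToInternal deletes a container's `securityContext` is hard to read off the code: `found` is set, reset and set again, and the capDrop branch reuses the local name `capAdd`. As written, the context is removed only when it has at most two keys and both `capAdd` and `capDrop` are present and convert to empty lists, so a context carrying any other field is kept. That invariant is security-relevant and deserves a doc comment, plus a test that a context with any additional field or a non-empty list survives. The `EncodeToMap` error is swallowed silently, which leaves the context in place; a short comment should say that this is intended. The exported type and its methods also have no doc comments; the rewrite below keeps the behaviour and states the rule once.

```go
// ToInternal drops "securityContext" only when it holds nothing except empty
// capAdd and capDrop lists; any other field, or a non-empty list, keeps it.
func (n ContainerSecurityContext) ToInternal(data map[string]interface{}) {
	v, ok := values.GetValue(data, "securityContext")
	if !ok || v == nil {
		return
	}
	sc, err := convert.EncodeToMap(v)
	if err != nil || len(sc) > 2 {
		// On a conversion error the context is left untouched rather than dropped.
		return
	}
	if isEmptyList(sc, "capAdd") && isEmptyList(sc, "capDrop") {
		values.RemoveValue(data, "securityContext")
	}
}

// isEmptyList reports whether key is present, non-nil and converts to an
// empty string slice.
func isEmptyList(sc map[string]interface{}, key string) bool {
	v, ok := values.GetValue(sc, key)
	return ok && v != nil && len(convert.ToStringSlice(v)) == 0
}
```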