From 98695332bcc405f804f9aea88aa1e6324da87883 Mon Sep 17 00:00:00 2001
From: Venkata Challa <venkata.challa80@gmail.com>
Date: Wed, 3 Jul 2024 15:50:32 +0100
Subject: [PATCH] Added capabilities to container security context

---
 aks/application/resources.tf | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/aks/application/resources.tf b/aks/application/resources.tf
index b2bb755..e852038 100644
--- a/aks/application/resources.tf
+++ b/aks/application/resources.tf
@@ -172,6 +172,11 @@ resource "kubernetes_deployment" "main" {
             seccomp_profile {
               type = "RuntimeDefault"
             }
+
+            capabilities {
+              drop = ["ALL"]
+              add  = ["NET_BIND_SERVICE"]
+            }
           }
         }
       }