TechQA.

How to apply AppArmour to IoT Edge from a deployment manifest

113 views Asked by At

How can I apply an apparmor profile to IoT Edge modules?

Background, If I run docker run -it --security-opt apparmor=docker-azureiotsecurity hello-world I will see the container run with the correct apparmor profile. If I inspect the container, it is correct:

docker inspect quizzical_jang
[
    {
        "Id": "c1bcfe266946b5393c279cba7ac21ea2ed00d47b75c2ae613db7fbd7a0f0faca",
...
        "ProcessLabel": "",
        "AppArmorProfile": "docker-azureiotsecurity",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": null,
...
            "ReadonlyRootfs": false,
            "SecurityOpt": [
                "apparmor=docker-azureiotsecurity"
            ],
            "UTSMode": "",
...
        }
    }
]

If I add the setting to the HostConfig of the module, it shows in HostConfig, but it is in the stated unconfirmed. Is it possible to apply this setting to all my host?

docker inspect quizzical_jang
[
    {
        "Id": "c1bcfe266946b5393c279cba7ac21ea2ed00d47b75c2ae613db7fbd7a0f0faca",
...
        "ProcessLabel": "",
        "AppArmorProfile": "unconfined",
        "ExecIDs": null,
        "HostConfig": {
            "Binds": null,
...
            "ReadonlyRootfs": false,
            "SecurityOpt": [
                "apparmor=docker-azureiotsecurity"
            ],
            "UTSMode": "",
...
        }
    }
]
docker azure-iot-edge moby
Original Q&A
0

There are 0 answers

Related Questions in DOCKER

Related Questions in AZURE-IOT-EDGE

Related Questions in MOBY

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions