openshift/openshift-docs
1
0
Fork 0
mirror of https://github.com/openshift/openshift-docs.git synced 2026-02-05 12:46:18 +01:00
Code Issues Releases Activity

OSDOCS-3554: Adding info on restricted-v2 SCC

Browse Source
This commit is contained in:
Andrea Hoffer
2022-07-19 18:05:10 -04:00
committed by openshift-cherrypick-robot
parent a2a3c2c01a
commit eeddce9eb1
1 changed files with 7 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
migrating_from_ocp_3_to_4/planning-migration-3-4.adoc
View File

@@ -201,6 +201,13 @@ For more information, see xref:../authentication/understanding-identity-provider
Newly created OAuth HTTP bearer tokens no longer match the names of their OAuth access token objects. The object names are now a hash of the bearer token and are no longer sensitive. This reduces the risk of leaking sensitive information.
[discrete]
==== Default security context constraints
The `restricted` security context constraints (SCC) in {product-title} 4 can no longer be accessed by any authenticated user as the `restricted` SCC in {product-title} 3.11. The broad authenticated access is now granted to the `restricted-v2` SCC, which is more restrictive than the old `restricted` SCC. The `restricted` SCC still exists; users that want to use it must be specifically given permissions to do it.
For more information, see xref:../authentication/managing-security-context-constraints.adoc#managing-pod-security-policies[Managing security context constraints].
[id="migration-preparing-monitoring"]
=== Monitoring considerations