Deployment is not created with error "an inline volume provided by CSIDriver has a pod security enforce level that is lower than privileged" in RHOCP 4

Solution Unverified - Updated -

Issue

  • A deployment using a CSI inline ephemeral volume that worked on OCP 4.12 no longer works in later OCP versions.
  • How to configure CSI driver security profile?

  • Error an inline volume provided by CSIDriver <CSI-DRIVER-NAME> and namespace <NAMESPACE-NAME> has a pod security enforce level that is lower than privileged when creating a deployment

    71m         Warning   FailedCreate                   replicaset/<name>              Error creating: pods "<pod name>" is forbidden: <pod name> uses an inline volume provided by CSIDriver secrets-store.csi.k8s.io and namespace prod has a pod security enforce level that is lower than privileged

Environment

  • Red Hat OpenShift Container Platform (RHOCP)
    • 4.13
    • 4.14
    • 4.15
  • Azure Red Hat OpenShift 4.13

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content