From 95663f8442eadaad911cfb8db3afbc1c42a077e3 Mon Sep 17 00:00:00 2001
From: Alex Lebens <alexanderlebens@gmail.com>
Date: Thu, 15 May 2025 19:13:04 -0500
Subject: [PATCH] remove from container

---
 clusters/cl01tl/services/talos/values.yaml | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/clusters/cl01tl/services/talos/values.yaml b/clusters/cl01tl/services/talos/values.yaml
index d7b3e8c54..8ea55ef02 100644
--- a/clusters/cl01tl/services/talos/values.yaml
+++ b/clusters/cl01tl/services/talos/values.yaml
@@ -7,9 +7,6 @@ etcd-backup:
           runAsUser: 1000
           runAsGroup: 1000
           runAsNonRoot: true
-          capabilities:
-            drop:
-              - ALL
           seccompProfile:
             type: RuntimeDefault
         affinity:
@@ -42,6 +39,11 @@ etcd-backup:
           command:
             - /talos-backup
           workingDir: /tmp
+          securityContext:
+            allowPrivilegeEscalation: false
+            capabilities:
+              drop:
+                - ALL
           env:
             - name: AWS_ACCESS_KEY_ID
               valueFrom: