PodSecurity: remove optional non-root group check

liggitt · liggitt · commit 4ca5ff6b3c0f · 2022-01-24T10:10:12.000-05:00
diff --git a/content/en/docs/concepts/security/pod-security-standards.md b/content/en/docs/concepts/security/pod-security-standards.md
@@ -379,26 +379,6 @@ fail validation.
 				</ul>
 			</td>
 		</tr>
-		<tr>
-			<td style="white-space: nowrap">Non-root groups <em>(optional)</em></td>
-			<td>
-				<p>Containers should be forbidden from running with a root primary or supplementary GID.</p>
-				<p><strong>Restricted Fields</strong></p>
-				<ul>
-					<li><code>spec.securityContext.runAsGroup</code></li>
-					<li><code>spec.securityContext.supplementalGroups[*]</code></li>
-					<li><code>spec.securityContext.fsGroup</code></li>
-					<li><code>spec.containers[*].securityContext.runAsGroup</code></li>
-					<li><code>spec.initContainers[*].securityContext.runAsGroup</code></li>
-					<li><code>spec.ephemeralContainers[*].securityContext.runAsGroup</code></li>
-				</ul>
-				<p><strong>Allowed Values</strong></p>
-				<ul>
-					<li>Undefined/nil (except for <code>*.runAsGroup</code>)</li>
-					<li>Non-zero</li>
-				</ul>
-			</td>
-		</tr>
 		<tr>
   			<td style="white-space: nowrap">Seccomp (v1.19+)</td>
   			<td>
