Update cnf-best-practices-expectations-permissions.adoc

mwlinca · web-flow · commit 1dbc408c57d1 · 2023-06-14T01:06:36.000-04:00
diff --git a/modules/cnf-best-practices-expectations-permissions.adoc b/modules/cnf-best-practices-expectations-permissions.adoc
@@ -42,9 +42,9 @@ Application design should conform to cloud-native design principles to the maxim
 
 * CNFs shall be built to be cloud-native
 
-* Containers MUST NOT run as root (uid=0). Applications that require elevated privileges will require an exception with HQ Planning
+* Containers MUST NOT run as root (uid=0). See test case link:https://github.com/test-network-function/cnf-certification-test/blob/main/CATALOG.md#access-control-security-context-non-root-user-check[access-control-security-context-non-root-user-check]
 
-* Containers MUST run with the minimal set of permissions required. Avoid Privileged Pods.
+* Containers MUST run with the minimal set of permissions required. Avoid Privileged Pods. See test case link:https://github.com/test-network-function/cnf-certification-test/blob/main/CATALOG.md#access-control-security-context-privilege-escalation[access-control-security-context-privilege-escalation]
 
 * Use the main CNI for all traffic - MULTUS/SRIOV/MacVLAN are for corner cases only (extreme throughput requirements, protocols that are unable to be load balanced)
 
