Whether the volume can be mounted with non-root user

[Shuanglu]

Describe the solution you'd like
Whether the volume can be mount with non-root user

Anything else you would like to add:
N/A

Environment:
AKS

• Secrets Store CSI Driver version: (use the image tag): mcr.microsoft.com/k8s/csi/secrets-store/driver:v0.0.13
• Azure Key Vault provider version: (use the image tag): mcr.microsoft.com/k8s/csi/secrets-store/provider-azure:0.0.8
• Kubernetes version: (use kubectl version): v1.16.13
• Cluster type: (e.g. AKS, aks-engine, etc): AKS

[aramase]

@Shuanglu Could you elaborate more on this issue? What is the current behavior you're seeing and what is the use case?

[ma185360]

Hi Team,

Use case is like this. Application container is running with non-root user and secrets are getting mounted with root privileges because of which container application is not able to access those secrets.

[vbystricky21]

Hi @aramase, we would like to be able not only to customize volume ownership but also permissions. Something similar to when your mounting Kubernetes secrets as volumes, and you can set permission via the defaultMode option.
We are running containers in AKS under non-root user and need to restrict access to mounted volumes only to this user.
Does this enhancement also cover this use case?

[tracetechnical]

I am also facing this issue.

[aramase]

PR to make file permission configurable is merged: #751. This will be available in v1.1.0 release planned for next week.