I recently set up an RKE2 test cluster where I used the
profile: cis-1.6 as an option during installation. I was under the impression that I wasn’t able to run containers as ‘root’ anymore, which was not really an issue as I think that’s generally not a good idea.
Now I created another setup that should be used in production, also with the
profile: cis-1.6 flag, but interestingly I can run containers as ‘root’ user on this one. Unfortunately I do not have the test setup anymore and so I am wondering if I was mistaken in the first place that the
cis-1.6 profile would forbid containers running as root?
Is there a way to check if the profile has been applied?