{"id":"generic-ephemeral-indirect-pvc-creation-security","text":"Users creating pods with generic ephemeral volumes can indirectly create PVCs even without explicit PVC create permissions — cluster admins should use admission webhooks to restrict this.","truth_value":"IN","source":"entries/2026/03/05/en-documentation-openshift_container_platform-417-html-storage-generic-ephemeral.md","source_url":"","source_hash":"4f727e3bc0d8a03c","justifications":[],"dependents":[],"metadata":{},"explanation":{"steps":[{"node":"generic-ephemeral-indirect-pvc-creation-security","truth_value":"IN","reason":"premise"}]}}