rbac

package
v1.26.0-rc.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 9, 2026 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	Wildcard = "*"

	// API Groups
	AdmissionAPIGroup     = "admissionregistration.k8s.io"
	APIExtensionsAPIGroup = "apiextensions.k8s.io"
	AppsAPIGroup          = "apps"
	ArgoProjAPIGroup      = "argoproj.io"
	// Flux CD API groups (Flux does not use a single "fluxcd.io" API group for these CRDs)
	FluxSourceToolkitAPIGroup    = "source.toolkit.fluxcd.io"
	FluxKustomizeToolkitAPIGroup = "kustomize.toolkit.fluxcd.io"
	AuthorizationAPIGroup        = "authorization.k8s.io"
	AutoscalingAPIGroup          = "autoscaling"
	AutoscalingK8sIoAPIGroup     = "autoscaling.k8s.io"
	BatchAPIGroup                = "batch"
	CertificatesAPIGroup         = "certificates.k8s.io"
	CoordinationAPIGroup         = "coordination.k8s.io"
	CoreAPIGroup                 = ""
	DatadogAPIGroup              = "datadoghq.com"
	DiscoveryAPIGroup            = "discovery.k8s.io"
	ExtensionsAPIGroup           = "extensions"
	ExternalMetricsAPIGroup      = "external.metrics.k8s.io"
	GatewayAPIGroup              = "gateway.networking.k8s.io"
	NetworkingAPIGroup           = "networking.k8s.io"
	OpenShiftQuotaAPIGroup       = "quota.openshift.io"
	PolicyAPIGroup               = "policy"
	RbacAPIGroup                 = "rbac.authorization.k8s.io"
	RegistrationAPIGroup         = "apiregistration.k8s.io"
	StorageAPIGroup              = "storage.k8s.io"
	EKSMetricsAPIGroup           = "metrics.eks.amazonaws.com"
	EKSAPIGroup                  = "eks.amazonaws.com"
	KarpenterAPIGroup            = "karpenter.sh"
	KarpenterAWSAPIGroup         = "karpenter.k8s.aws"
	KarpenterAzureAPIGroup       = "karpenter.azure.com"

	APIServicesResource                               = "apiservices"
	CertificatesSigningRequestsResource               = "certificatesigningrequests"
	ClusterResourceQuotasResource                     = "clusterresourcequotas"
	ClusterRoleBindingResource                        = "clusterrolebindings"
	ClusterRoleResource                               = "clusterroles"
	ComponentStatusesResource                         = "componentstatuses"
	ControllerRevisionsResource                       = "controllerrevisions"
	ConfigMapsResource                                = "configmaps"
	CronjobsResource                                  = "cronjobs"
	CustomResourceDefinitionsResource                 = "customresourcedefinitions"
	DaemonsetsResource                                = "daemonsets"
	DatadogAgentsResource                             = "datadogagents"
	DatadogAgentInternalsResource                     = "datadogagentinternals"
	DatadogMetricsResource                            = "datadogmetrics"
	DatadogMetricsStatusResource                      = "datadogmetrics/status"
	DatadogPodAutoscalersResource                     = "datadogpodautoscalers"
	DatadogPodAutoscalersStatusResource               = "datadogpodautoscalers/status"
	DatadogPodAutoscalerClusterProfilesResource       = "datadogpodautoscalerclusterprofiles"
	DatadogPodAutoscalerClusterProfilesStatusResource = "datadogpodautoscalerclusterprofiles/status"
	DeploymentsResource                               = "deployments"
	EndpointsResource                                 = "endpoints"
	EndpointsSlicesResource                           = "endpointslices"
	EventsResource                                    = "events"
	ExtendedDaemonSetReplicaSetResource               = "extendeddaemonsetreplicasets"
	HorizontalPodAutoscalersRecource                  = "horizontalpodautoscalers"
	IngressesResource                                 = "ingresses"
	JobsResource                                      = "jobs"
	LeasesResource                                    = "leases"
	LimitRangesResource                               = "limitranges"
	MutatingConfigResource                            = "mutatingwebhookconfigurations"
	NamespaceResource                                 = "namespaces"
	NetworkPolicyResource                             = "networkpolicies"
	NodeConfigzResource                               = "nodes/configz"
	NodeHealthzResource                               = "nodes/healthz"
	NodeLogsResource                                  = "nodes/logs"
	NodeMetricsResource                               = "nodes/metrics"
	NodePodsResource                                  = "nodes/pods"
	NodeProxyResource                                 = "nodes/proxy"
	NodeSpecResource                                  = "nodes/spec"
	NodesResource                                     = "nodes"
	NodeStats                                         = "nodes/stats"
	PersistentVolumeClaimsResource                    = "persistentvolumeclaims"
	PersistentVolumesResource                         = "persistentvolumes"
	PodDisruptionBudgetsResource                      = "poddisruptionbudgets"
	PodsEvictionResource                              = "pods/eviction"
	PodsExecResource                                  = "pods/exec"
	PodsResizeResource                                = "pods/resize"
	PodsResource                                      = "pods"
	ReplicasetsResource                               = "replicasets"
	ReplicationControllersResource                    = "replicationcontrollers"
	ResourceQuotasResource                            = "resourcequotas"
	RoleBindingResource                               = "rolebindings"
	RoleResource                                      = "roles"
	Rollout                                           = "rollouts"
	Applications                                      = "applications"
	Applicationsets                                   = "applicationsets"
	Buckets                                           = "buckets"
	Helmcharts                                        = "helmcharts"
	Externalartifacts                                 = "externalartifacts"
	Gitrepositories                                   = "gitrepositories"
	Helmrepositories                                  = "helmrepositories"
	Ocirepositories                                   = "ocirepositories"
	Kustomizations                                    = "kustomizations"
	SecretsResource                                   = "secrets"
	ServiceAccountResource                            = "serviceaccounts"
	ServicesResource                                  = "services"
	StatefulsetsResource                              = "statefulsets"
	StorageClassesResource                            = "storageclasses"
	SubjectAccessReviewResource                       = "subjectaccessreviews"
	ValidatingConfigResource                          = "validatingwebhookconfigurations"
	VolumeAttachments                                 = "volumeattachments"
	VPAResource                                       = "verticalpodautoscalers"
	WpaResource                                       = "watermarkpodautoscalers"
	EKSKubeControllerManagerMetrics                   = "kcm/metrics"
	EKSKubeSchedulerMetrics                           = "ksh/metrics"

	HealthzURL     = "/healthz"
	MetricsSLIsURL = "/metrics/slis"
	MetricsURL     = "/metrics"
	VersionURL     = "/version"

	CreateVerb = "create"
	DeleteVerb = "delete"
	GetVerb    = "get"
	ListVerb   = "list"
	PatchVerb  = "patch"
	UpdateVerb = "update"
	WatchVerb  = "watch"

	ClusterRoleBindingKind = "ClusterRoleBinding"
	ClusterRoleKind        = "ClusterRole"
	RoleKind               = "Role"
	ServiceAccountKind     = "ServiceAccount"
)

Variables

This section is empty.

Functions

func NormalizePolicyRules added in v1.23.0 

func NormalizePolicyRules(rules []rbacv1.PolicyRule) []rbacv1.PolicyRule

NormalizePolicyRules takes existing RBAC policy rules and optimizes them: - Groups resources by API group and verbs to minimize the number of rules - Ensures deterministic sorted output

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.