v1beta1

package
v1.5.6-beta.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 23, 2017 License: Apache-2.0 Imports: 3 Imported by: 0

Documentation

Overview

+k8s:openapi-gen=true

Index

Constants

View Source 
const GroupName = "abac.authorization.kubernetes.io"

Variables

View Source 
var (
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	AddToScheme   = SchemeBuilder.AddToScheme
)
View Source 
var SchemeGroupVersion = unversioned.GroupVersion{Group: GroupName, Version: "v1beta1"}

SchemeGroupVersion is the API group and version for abac v1beta1

Functions

This section is empty.

Types

type Policy 

type Policy struct {
	unversioned.TypeMeta `json:",inline"`

	// Spec describes the policy rule
	Spec PolicySpec `json:"spec"`
}

Policy contains a single ABAC policy rule

func (*Policy) GetObjectKind 

func (obj *Policy) GetObjectKind() unversioned.ObjectKind

type PolicySpec 

type PolicySpec struct {
	// User is the username this rule applies to.
	// Either user or group is required to match the request.
	// "*" matches all users.
	// +optional
	User string `json:"user,omitempty"`

	// Group is the group this rule applies to.
	// Either user or group is required to match the request.
	// "*" matches all groups.
	// +optional
	Group string `json:"group,omitempty"`

	// Readonly matches readonly requests when true, and all requests when false
	// +optional
	Readonly bool `json:"readonly,omitempty"`

	// APIGroup is the name of an API group. APIGroup, Resource, and Namespace are required to match resource requests.
	// "*" matches all API groups
	// +optional
	APIGroup string `json:"apiGroup,omitempty"`

	// Resource is the name of a resource. APIGroup, Resource, and Namespace are required to match resource requests.
	// "*" matches all resources
	// +optional
	Resource string `json:"resource,omitempty"`

	// Namespace is the name of a namespace. APIGroup, Resource, and Namespace are required to match resource requests.
	// "*" matches all namespaces (including unnamespaced requests)
	// +optional
	Namespace string `json:"namespace,omitempty"`

	// NonResourcePath matches non-resource request paths.
	// "*" matches all paths
	// "/foo/*" matches all subpaths of foo
	// +optional
	NonResourcePath string `json:"nonResourcePath,omitempty"`
}

PolicySpec contains the attributes for a policy rule

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.