audit

package

v1.16.0 Latest Latest Go to latest Published: Feb 14, 2024 License: Apache-2.0 Imports: 35 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/alcideio/rbac-tool

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func EventToAttributes(event *audit.Event) authorizer.AttributesRecord
func FilterEvent(event *audit.Event, userRegex *regexp.Regexp, UserFilterInverse bool, ...) bool
func Output(w io.Writer, obj runtime.Object, format string) error
func ReadAuditEvents(sources []string, filters ...func(*audit.Event) bool) (<-chan *StreamObject, error)
type GenerateOptions
- func DefaultGenerateOptions() GenerateOptions
type Generator
- func NewGenerator(existing RBACObjects, requests []authorizer.AttributesRecord, ...) *Generator
- func (g *Generator) Generate() *RBACObjects
type RBACObjects
- func GetDiscoveryRoles() RBACObjects
type StreamObject

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// Scheme knows about audit and rbac types
	Scheme = runtime.NewScheme()
	// Decoder knows how to decode audit and rbac objects
	Decoder runtime.Decoder
)

Functions ¶

func EventToAttributes ¶

func EventToAttributes(event *audit.Event) authorizer.AttributesRecord

func FilterEvent ¶

func FilterEvent(event *audit.Event, userRegex *regexp.Regexp, UserFilterInverse bool, nsRegex *regexp.Regexp) bool

func Output ¶

func Output(w io.Writer, obj runtime.Object, format string) error

Output writes the specified object to the specified writer in "yaml" or "json" format

func ReadAuditEvents ¶

func ReadAuditEvents(sources []string, filters ...func(*audit.Event) bool) (<-chan *StreamObject, error)

Types ¶

type GenerateOptions ¶

type GenerateOptions struct {
	VerbExpansions                          map[string][]string
	ExpandMultipleNamesToUnnamed            bool
	ExpandMultipleNamespacesToClusterScoped bool

	Name        string
	Annotations map[string]string
}

GenerateOptions specifies options for generating RBAC roles

func DefaultGenerateOptions ¶

func DefaultGenerateOptions() GenerateOptions

DefaultGenerateOptions returns default generation options

type Generator ¶

type Generator struct {
	Options GenerateOptions
	// contains filtered or unexported fields
}

Generator allows generating a set of covering RBAC roles and bindings

func NewGenerator ¶

func NewGenerator(existing RBACObjects, requests []authorizer.AttributesRecord, options GenerateOptions) *Generator

NewGenerator creates a new Generator

func (*Generator) Generate ¶

func (g *Generator) Generate() *RBACObjects

Generate returns a set of RBAC roles and bindings that cover the specified requests

type RBACObjects ¶

type RBACObjects struct {
	Roles               []*rbacv1.Role
	RoleBindings        []*rbacv1.RoleBinding
	ClusterRoles        []*rbacv1.ClusterRole
	ClusterRoleBindings []*rbacv1.ClusterRoleBinding
}

RBACObjects holds lists of RBAC API objects

func GetDiscoveryRoles ¶

func GetDiscoveryRoles() RBACObjects

type StreamObject ¶

type StreamObject struct {
	Obj runtime.Object
	Err error
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL