rbac

package
v1.6.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 22, 2024 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type Error 

type Error interface {
	error
	OrigError() error
}

Error is a custom rbac error type

func NewRBACError 

func NewRBACError(message string) Error

NewRBACError is a constructor for rbac error

type Matcher 

type Matcher interface {
	MatchPolicyRules(actual, requested []rbacv1.PolicyRule) (matches bool)
	MatchPolicyRule(actual, requested *rbacv1.PolicyRule) (matches bool)
	MatchRoleBindingsSubjects(roleBindings []rbacv1.RoleBinding, subjectName, namespace string) (matchesRoleBindings []rbacv1.RoleBinding)
	MatchRoleBindingSubjects(roleBinding *rbacv1.RoleBinding, subjectName, namespace string) (matches bool)
	MatchRoles(roles []rbacv1.Role, names []string) (matchesRoles []rbacv1.Role)
}

Matcher is a helper for matching actual resources with requested ones

func NewMatcher 

func NewMatcher() Matcher

NewMatcher is a constructor for matcher

type Validator 

type Validator interface {
	ValidateServiceAccountIsBound(ctx context.Context, rules *models.ServiceAccountIsRoleBoundData) error
}

Validator is rbac validator for checking predefined rule (e.g. service account is bound to role with certain policy rules)

func NewValidator 

func NewValidator(client client.Client, log *logrus.Entry, matcher Matcher) Validator

NewValidator is a constructor for rbac validator

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.