apiserver: k8s.io/apiserver/pkg/audit/policy Index | Files

package policy

import "k8s.io/apiserver/pkg/audit/policy"

Index

Package Files

checker.go dynamic.go enforce.go reader.go util.go

Constants

const (
    // DefaultAuditLevel is the default level to audit at, if no policy rules are matched.
    DefaultAuditLevel = audit.LevelNone
)

func AllLevels Uses

func AllLevels() sets.String

AllLevels returns all possible levels

func AllStages Uses

func AllStages() sets.String

AllStages returns all possible stages

func ConvertDynamicPolicyToInternal Uses

func ConvertDynamicPolicyToInternal(p *v1alpha1.Policy) *audit.Policy

ConvertDynamicPolicyToInternal constructs an internal policy type from a v1alpha1 dynamic type

func ConvertStagesToStrings Uses

func ConvertStagesToStrings(stages []audit.Stage) []string

ConvertStagesToStrings converts an array of stages to a string array

func ConvertStringSetToStages Uses

func ConvertStringSetToStages(set sets.String) []audit.Stage

ConvertStringSetToStages converts a string set to an array of stages

func EnforcePolicy Uses

func EnforcePolicy(event *audit.Event, level audit.Level, omitStages []audit.Stage) (*audit.Event, error)

EnforcePolicy drops any part of the event that doesn't conform to a policy level or omitStages and sets the event level accordingly

func InvertStages Uses

func InvertStages(stages []audit.Stage) []audit.Stage

InvertStages subtracts the given array of stages from all stages

func LoadPolicyFromBytes Uses

func LoadPolicyFromBytes(policyDef []byte) (*auditinternal.Policy, error)

func LoadPolicyFromFile Uses

func LoadPolicyFromFile(filePath string) (*auditinternal.Policy, error)

type Checker Uses

type Checker interface {
    // Check the audit level for a request with the given authorizer attributes.
    LevelAndStages(authorizer.Attributes) (audit.Level, []audit.Stage)
}

Checker exposes methods for checking the policy rules.

func FakeChecker Uses

func FakeChecker(level audit.Level, stage []audit.Stage) Checker

FakeChecker creates a checker that returns a constant level for all requests (for testing).

func NewChecker Uses

func NewChecker(policy *audit.Policy) Checker

NewChecker creates a new policy checker.

func NewDynamicChecker Uses

func NewDynamicChecker() Checker

NewDynamicChecker returns a new dynamic policy checker

Package policy imports 14 packages (graph) and is imported by 5 packages. Updated 2019-12-11. Refresh now. Tools for package owners.