kubernetes: k8s.io/kubernetes/pkg/apis/abac Index | Files | Directories

package abac

import "k8s.io/kubernetes/pkg/apis/abac"

Index

Package Files

doc.go register.go types.go zz_generated.deepcopy.go

Constants

const GroupName = "abac.authorization.kubernetes.io"

GroupName is the API group for abac

Variables

var (
    // SchemeBuilder is the scheme builder with scheme init functions to run for this API package
    SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
    // AddToScheme is a common registration function for mapping packaged scoped group & version keys to a scheme
    AddToScheme = SchemeBuilder.AddToScheme
)
var Codecs = serializer.NewCodecFactory(Scheme)

Codecs provides access to encoding and decoding for the scheme

var Scheme = runtime.NewScheme()

Scheme is the default instance of runtime.Scheme to which types in the abac API group are api.Registry. TODO: remove this, abac should not have its own scheme.

var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}

SchemeGroupVersion is the API group version used to register abac internal

type Policy Uses

type Policy struct {
    metav1.TypeMeta

    // Spec describes the policy rule
    Spec PolicySpec
}

Policy contains a single ABAC policy rule

func (*Policy) DeepCopy Uses

func (in *Policy) DeepCopy() *Policy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.

func (*Policy) DeepCopyInto Uses

func (in *Policy) DeepCopyInto(out *Policy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Policy) DeepCopyObject Uses

func (in *Policy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicySpec Uses

type PolicySpec struct {

    // User is the username this rule applies to.
    // Either user or group is required to match the request.
    // "*" matches all users.
    User string

    // Group is the group this rule applies to.
    // Either user or group is required to match the request.
    // "*" matches all groups.
    Group string

    // Readonly matches readonly requests when true, and all requests when false
    Readonly bool

    // APIGroup is the name of an API group. APIGroup, Resource, and Namespace are required to match resource requests.
    // "*" matches all API groups
    APIGroup string

    // Resource is the name of a resource. APIGroup, Resource, and Namespace are required to match resource requests.
    // "*" matches all resources
    Resource string

    // Namespace is the name of a namespace. APIGroup, Resource, and Namespace are required to match resource requests.
    // "*" matches all namespaces (including unnamespaced requests)
    Namespace string

    // NonResourcePath matches non-resource request paths.
    // "*" matches all paths
    // "/foo/*" matches all subpaths of foo
    NonResourcePath string
}

PolicySpec contains the attributes for a policy rule

func (*PolicySpec) DeepCopy Uses

func (in *PolicySpec) DeepCopy() *PolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec.

func (*PolicySpec) DeepCopyInto Uses

func (in *PolicySpec) DeepCopyInto(out *PolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Directories

PathSynopsis
fuzzer
latest
v0
v1beta1

Package abac imports 4 packages (graph) and is imported by 234 packages. Updated 2019-06-02. Refresh now. Tools for package owners.