kubernetes: k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy Index | Files

package bootstrappolicy

import "k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy"


Package Files

controller_policy.go namespace_policy.go policy.go


var (
    Write      = []string{"create", "update", "patch", "delete", "deletecollection"}
    ReadWrite  = []string{"get", "list", "watch", "create", "update", "patch", "delete", "deletecollection"}
    Read       = []string{"get", "list", "watch"}
    ReadUpdate = []string{"get", "list", "watch", "update", "patch"}

    Label      = map[string]string{"kubernetes.io/bootstrapping": "rbac-defaults"}
    Annotation = map[string]string{rbacv1.AutoUpdateAnnotationKey: "true"}

Write and other vars are slices of the allowed verbs. Label and Annotation are default maps of bootstrappolicy.

func ClusterRoleBindings Uses

func ClusterRoleBindings() []rbacv1.ClusterRoleBinding

ClusterRoleBindings return default rolebindings to the default roles

func ClusterRoleBindingsToSplit Uses

func ClusterRoleBindingsToSplit() map[string]rbacv1.ClusterRoleBinding

ClusterRoleBindingsToSplit returns a map of Names of source ClusterRoleBindings to copy Subjects, Annotations, and Labels to destination ClusterRoleBinding templates.

func ClusterRoles Uses

func ClusterRoles() []rbacv1.ClusterRole

ClusterRoles returns the cluster roles to bootstrap an API server with

func ClusterRolesToAggregate Uses

func ClusterRolesToAggregate() map[string]string

ClusterRolesToAggregate maps from previous clusterrole name to the new clusterrole name

func ControllerRoleBindings Uses

func ControllerRoleBindings() []rbacv1.ClusterRoleBinding

ControllerRoleBindings returns the role bindings used by controllers

func ControllerRoles Uses

func ControllerRoles() []rbacv1.ClusterRole

ControllerRoles returns the cluster roles used by controllers

func NamespaceRoleBindings Uses

func NamespaceRoleBindings() map[string][]rbacv1.RoleBinding

NamespaceRoleBindings returns a map of namespace to slice of roles to create

func NamespaceRoles Uses

func NamespaceRoles() map[string][]rbacv1.Role

NamespaceRoles returns a map of namespace to slice of roles to create

func NodeRules Uses

func NodeRules() []rbacv1.PolicyRule

NodeRules returns node policy rules, it is slice of rbacv1.PolicyRule.

Package bootstrappolicy imports 10 packages (graph) and is imported by 81 packages. Updated 2020-02-16. Refresh now. Tools for package owners.