package abac
import "k8s.io/kubernetes/pkg/apis/abac"
Index ¶
- Constants
- Variables
- type Policy
- func (in *Policy) DeepCopy() *Policy
- func (in *Policy) DeepCopyInto(out *Policy)
- func (in *Policy) DeepCopyObject() runtime.Object
- type PolicySpec
Constants ¶
const GroupName = "abac.authorization.kubernetes.io"
GroupName is the API group for abac
Variables ¶
var ( // SchemeBuilder is the scheme builder with scheme init functions to run for this API package SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes) // AddToScheme is a common registration function for mapping packaged scoped group & version keys to a scheme AddToScheme = SchemeBuilder.AddToScheme )
var Codecs = serializer.NewCodecFactory(Scheme)
Codecs provides access to encoding and decoding for the scheme
Scheme is the default instance of runtime.Scheme to which types in the abac API group are api.Registry. TODO: remove this, abac should not have its own scheme.
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}
SchemeGroupVersion is the API group version used to register abac internal
Types ¶
type Policy ¶
type Policy struct {
metav1.TypeMeta
// Spec describes the policy rule
Spec PolicySpec
}
Policy contains a single ABAC policy rule
func (*Policy) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.
func (*Policy) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Policy) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicySpec ¶
type PolicySpec struct {
// User is the username this rule applies to.
// Either user or group is required to match the request.
// "*" matches all users.
User string
// Group is the group this rule applies to.
// Either user or group is required to match the request.
// "*" matches all groups.
Group string
// Readonly matches readonly requests when true, and all requests when false
Readonly bool
// APIGroup is the name of an API group. APIGroup, Resource, and Namespace are required to match resource requests.
// "*" matches all API groups
APIGroup string
// Resource is the name of a resource. APIGroup, Resource, and Namespace are required to match resource requests.
// "*" matches all resources
Resource string
// Namespace is the name of a namespace. APIGroup, Resource, and Namespace are required to match resource requests.
// "*" matches all namespaces (including unnamespaced requests)
Namespace string
// NonResourcePath matches non-resource request paths.
// "*" matches all paths
// "/foo/*" matches all subpaths of foo
NonResourcePath string
}
PolicySpec contains the attributes for a policy rule
func (*PolicySpec) DeepCopy ¶
func (in *PolicySpec) DeepCopy() *PolicySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec.
func (*PolicySpec) DeepCopyInto ¶
func (in *PolicySpec) DeepCopyInto(out *PolicySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files ¶
doc.go register.go types.go zz_generated.deepcopy.go
Directories ¶
| Path | Synopsis |
|---|---|
| pkg/apis/abac/fuzzer | |
| pkg/apis/abac/latest | |
| pkg/apis/abac/v0 | |
| pkg/apis/abac/v1beta1 |
- Version
- v1.33.0 (latest)
- Published
- Apr 23, 2025
- Platform
- linux/amd64
- Imports
- 4 packages
- Last checked
- 3 hours ago –
Tools for package owners.