kubernetesk8s.io/kubernetes/pkg/apis/abac Index | Files | Directories

package abac

import "k8s.io/kubernetes/pkg/apis/abac"

+k8s:openapi-gen=true

Index

Constants 

const GroupName = "abac.authorization.kubernetes.io"

Group is the API group for abac

Variables 

var (
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	AddToScheme   = SchemeBuilder.AddToScheme
)
var Codecs = serializer.NewCodecFactory(Scheme)

Codecs provides access to encoding and decoding for the scheme 

var Scheme = runtime.NewScheme()

Scheme is the default instance of runtime.Scheme to which types in the abac API group are registered. TODO: remove this, abac should not have its own scheme. 

var SchemeGroupVersion = unversioned.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}

Types

type Policy 

type Policy struct {
	unversioned.TypeMeta

	// Spec describes the policy rule
	Spec PolicySpec
}

Policy contains a single ABAC policy rule

func (*Policy) GetObjectKind 

func (obj *Policy) GetObjectKind() unversioned.ObjectKind

type PolicySpec 

type PolicySpec struct {

	// User is the username this rule applies to.
	// Either user or group is required to match the request.
	// "*" matches all users.
	User string

	// Group is the group this rule applies to.
	// Either user or group is required to match the request.
	// "*" matches all groups.
	Group string

	// Readonly matches readonly requests when true, and all requests when false
	Readonly bool

	// APIGroup is the name of an API group. APIGroup, Resource, and Namespace are required to match resource requests.
	// "*" matches all API groups
	APIGroup string

	// Resource is the name of a resource. APIGroup, Resource, and Namespace are required to match resource requests.
	// "*" matches all resources
	Resource string

	// Namespace is the name of a namespace. APIGroup, Resource, and Namespace are required to match resource requests.
	// "*" matches all namespaces (including unnamespaced requests)
	Namespace string

	// NonResourcePath matches non-resource request paths.
	// "*" matches all paths
	// "/foo/*" matches all subpaths of foo
	NonResourcePath string
}

PolicySpec contains the attributes for a policy rule

Source Files

register.go types.go

Directories

PathSynopsis
pkg/apis/abac/latest
pkg/apis/abac/v0+k8s:openapi-gen=true
pkg/apis/abac/v1beta1+k8s:openapi-gen=true
Version
v1.5.1-beta.0
Published
Dec 13, 2016
Platform
js/wasm
Imports
3 packages
Last checked
44 seconds ago

Tools for package owners.