package authorizer
import "k8s.io/kubernetes/pkg/genericapiserver/authorizer"
Index ¶
- func NewAlwaysAllowAuthorizer() authorizer.Authorizer
- func NewAlwaysDenyAuthorizer() authorizer.Authorizer
- func NewAlwaysFailAuthorizer() authorizer.Authorizer
- func NewAuthorizerFromAuthorizationConfig(authorizationModes []string, config AuthorizationConfig) (authorizer.Authorizer, error)
- func NewPrivilegedGroups(groups ...string) *privilegedGroupAuthorizer
- type AuthorizationConfig
Functions ¶
func NewAlwaysAllowAuthorizer ¶
func NewAlwaysAllowAuthorizer() authorizer.Authorizer
func NewAlwaysDenyAuthorizer ¶
func NewAlwaysDenyAuthorizer() authorizer.Authorizer
func NewAlwaysFailAuthorizer ¶
func NewAlwaysFailAuthorizer() authorizer.Authorizer
func NewAuthorizerFromAuthorizationConfig ¶
func NewAuthorizerFromAuthorizationConfig(authorizationModes []string, config AuthorizationConfig) (authorizer.Authorizer, error)
NewAuthorizerFromAuthorizationConfig returns the right sort of union of multiple authorizer.Authorizer objects based on the authorizationMode or an error. authorizationMode should be a comma separated values of options.AuthorizationModeChoices.
func NewPrivilegedGroups ¶
func NewPrivilegedGroups(groups ...string) *privilegedGroupAuthorizer
NewPrivilegedGroups is for use in loopback scenarios
Types ¶
type AuthorizationConfig ¶
type AuthorizationConfig struct {
// Path to an ABAC policy file.
PolicyFile string
// Kubeconfig file for Webhook authorization plugin.
WebhookConfigFile string
// TTL for caching of authorized responses from the webhook server.
WebhookCacheAuthorizedTTL time.Duration
// TTL for caching of unauthorized responses from the webhook server.
time.Duration
// User which can bootstrap role policies
RBACSuperUser string
InformerFactory informers.SharedInformerFactory
}
Source Files ¶
authz.go
- Version
- v1.5.7
- Published
- Apr 27, 2017
- Platform
- windows/amd64
- Imports
- 10 packages
- Last checked
- 6 minutes ago –
Tools for package owners.