kubernetesk8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy Index | Files

package bootstrappolicy

import "k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac/bootstrappolicy"

Index

Variables

var (
	Write      = []string{"create", "update", "patch", "delete", "deletecollection"}
	ReadWrite  = []string{"get", "list", "watch", "create", "update", "patch", "delete", "deletecollection"}
	Read       = []string{"get", "list", "watch"}
	ReadUpdate = []string{"get", "list", "watch", "update", "patch"}

	Label      = map[string]string{"kubernetes.io/bootstrapping": "rbac-defaults"}
	Annotation = map[string]string{rbacv1.AutoUpdateAnnotationKey: "true"}
)

Write and other vars are slices of the allowed verbs. Label and Annotation are default maps of bootstrappolicy.

Functions

func ClusterRoleBindings

func ClusterRoleBindings() []rbacv1.ClusterRoleBinding

ClusterRoleBindings return default rolebindings to the default roles

func ClusterRoleBindingsToSplit

func ClusterRoleBindingsToSplit() map[string]rbacv1.ClusterRoleBinding

ClusterRoleBindingsToSplit returns a map of Names of source ClusterRoleBindings to copy Subjects, Annotations, and Labels to destination ClusterRoleBinding templates.

func ClusterRoles

func ClusterRoles() []rbacv1.ClusterRole

ClusterRoles returns the cluster roles to bootstrap an API server with

func ClusterRolesToAggregate

func ClusterRolesToAggregate() map[string]string

ClusterRolesToAggregate maps from previous clusterrole name to the new clusterrole name

func ControllerRoleBindings

func ControllerRoleBindings() []rbacv1.ClusterRoleBinding

ControllerRoleBindings returns the role bindings used by controllers

func ControllerRoles

func ControllerRoles() []rbacv1.ClusterRole

ControllerRoles returns the cluster roles used by controllers

func NamespaceRoleBindings

func NamespaceRoleBindings() map[string][]rbacv1.RoleBinding

NamespaceRoleBindings returns a map of namespace to slice of roles to create

func NamespaceRoles

func NamespaceRoles() map[string][]rbacv1.Role

NamespaceRoles returns a map of namespace to slice of roles to create

func NodeRules

func NodeRules() []rbacv1.PolicyRule

NodeRules returns node policy rules, it is slice of rbacv1.PolicyRule.

Source Files

controller_policy.go namespace_policy.go policy.go

Version
v1.33.0 (latest)
Published
Apr 23, 2025
Platform
linux/amd64
Imports
15 packages
Last checked
3 hours ago

Tools for package owners.