package rbac

import "k8s.io/kubernetes/plugin/pkg/auth/authorizer/rbac"

Package rbac implements the authorizer.Authorizer interface using roles base access control.

Index

Functions

func RuleAllows 

func RuleAllows(requestAttributes authorizer.Attributes, rule rbac.PolicyRule) bool

func RulesAllow 

func RulesAllow(requestAttributes authorizer.Attributes, rules ...rbac.PolicyRule) bool

Types

type RBACAuthorizer 

type RBACAuthorizer struct {
	// contains filtered or unexported fields
}

func New 

func New(roles validation.RoleGetter, roleBindings validation.RoleBindingLister, clusterRoles validation.ClusterRoleGetter, clusterRoleBindings validation.ClusterRoleBindingLister, superUser string) *RBACAuthorizer

func (*RBACAuthorizer) Authorize 

func (r *RBACAuthorizer) Authorize(requestAttributes authorizer.Attributes) (bool, string, error)

type RequestToRuleMapper 

type RequestToRuleMapper interface {
	// RulesFor returns all known PolicyRules and any errors that happened while locating those rules.
	// Any rule returned is still valid, since rules are deny by default.  If you can pass with the rules
	// supplied, you do not have to fail the request.  If you cannot, you should indicate the error along
	// with your denial.
	RulesFor(subject user.Info, namespace string) ([]rbac.PolicyRule, error)
}

Source Files

rbac.go

Directories

PathSynopsis
plugin/pkg/auth/authorizer/rbac/bootstrappolicy
Version
v1.5.2
Published
Jan 12, 2017
Platform
linux/amd64
Imports
4 packages
Last checked
2 hours ago

Tools for package owners.