package auth
import "k8s.io/kubernetes/test/e2e/framework/auth"
Index ¶
- func BindClusterRole(ctx context.Context, c bindingsGetter, clusterRole, ns string, subjects ...rbacv1.Subject) error
- func BindClusterRoleInNamespace(ctx context.Context, c bindingsGetter, clusterRole, ns string, subjects ...rbacv1.Subject) error
- func BindRoleInNamespace(ctx context.Context, c bindingsGetter, role, ns string, subjects ...rbacv1.Subject) error
- func IsRBACEnabled(ctx context.Context, crGetter v1rbac.ClusterRolesGetter) bool
- func WaitForAuthorizationUpdate(ctx context.Context, c v1authorization.SubjectAccessReviewsGetter, user, namespace, verb string, resource schema.GroupResource, allowed bool) error
- func WaitForAuthzUpdate(ctx context.Context, c v1authorization.SubjectAccessReviewsGetter, user string, ra *authorizationv1.ResourceAttributes, allowed bool) error
- func WaitForNamedAuthorizationUpdate(ctx context.Context, c v1authorization.SubjectAccessReviewsGetter, user, namespace, verb, resourceName string, resource schema.GroupResource, allowed bool) error
Functions ¶
func BindClusterRole ¶
func BindClusterRole(ctx context.Context, c bindingsGetter, clusterRole, ns string, subjects ...rbacv1.Subject) error
BindClusterRole binds the cluster role at the cluster scope. If RBAC is not enabled, nil is returned with no action.
func BindClusterRoleInNamespace ¶
func BindClusterRoleInNamespace(ctx context.Context, c bindingsGetter, clusterRole, ns string, subjects ...rbacv1.Subject) error
BindClusterRoleInNamespace binds the cluster role at the namespace scope. If RBAC is not enabled, nil is returned with no action.
func BindRoleInNamespace ¶
func BindRoleInNamespace(ctx context.Context, c bindingsGetter, role, ns string, subjects ...rbacv1.Subject) error
BindRoleInNamespace binds the role at the namespace scope. If RBAC is not enabled, nil is returned with no action.
func IsRBACEnabled ¶
func IsRBACEnabled(ctx context.Context, crGetter v1rbac.ClusterRolesGetter) bool
IsRBACEnabled returns true if RBAC is enabled. Otherwise false.
func WaitForAuthorizationUpdate ¶
func WaitForAuthorizationUpdate(ctx context.Context, c v1authorization.SubjectAccessReviewsGetter, user, namespace, verb string, resource schema.GroupResource, allowed bool) error
WaitForAuthorizationUpdate checks if the given user can perform the named verb and action. If policyCachePollTimeout is reached without the expected condition matching, an error is returned
func WaitForAuthzUpdate ¶
func WaitForAuthzUpdate(ctx context.Context, c v1authorization.SubjectAccessReviewsGetter, user string, ra *authorizationv1.ResourceAttributes, allowed bool) error
WaitForAuthzUpdate checks if the give user can perform named verb and action on a resource or subresource.
func WaitForNamedAuthorizationUpdate ¶
func WaitForNamedAuthorizationUpdate(ctx context.Context, c v1authorization.SubjectAccessReviewsGetter, user, namespace, verb, resourceName string, resource schema.GroupResource, allowed bool) error
WaitForNamedAuthorizationUpdate checks if the given user can perform the named verb and action on the named resource. If policyCachePollTimeout is reached without the expected condition matching, an error is returned
Source Files ¶
helpers.go
- Version
- v1.33.0 (latest)
- Published
- Apr 23, 2025
- Platform
- linux/amd64
- Imports
- 12 packages
- Last checked
- 6 hours ago –
Tools for package owners.