audit

package

v1.20.0 Latest Latest Go to latest Published: Oct 29, 2024 License: Apache-2.0 Imports: 35 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/alcideio/rbac-tool

Links

Open Source Insights

Documentation ¶

Index ¶

Variables
func EventToAttributes(event *audit.Event) authorizer.AttributesRecord
func FilterEvent(event *audit.Event, userRegex *regexp.Regexp, UserFilterInverse bool, ...) bool
func Output(w io.Writer, obj runtime.Object, format string) error
func ReadAuditEvents(sources []string, filters ...func(*audit.Event) bool) (<-chan *StreamObject, error)
type GenerateOptions
- func DefaultGenerateOptions() GenerateOptions
type Generator
- func NewGenerator(existing RBACObjects, requests []authorizer.AttributesRecord, ...) *Generator
- func (g *Generator) Generate() *RBACObjects
type RBACObjects
- func GetDiscoveryRoles() RBACObjects
type StreamObject

Constants ¶

This section is empty.

Variables ¶

View Source

var (
	// Scheme knows about audit and rbac types
	Scheme = runtime.NewScheme()
	// Decoder knows how to decode audit and rbac objects
	Decoder runtime.Decoder
)

Functions ¶

func EventToAttributes ¶

func EventToAttributes(event *audit.Event) authorizer.AttributesRecord

func FilterEvent ¶

func FilterEvent(event *audit.Event, userRegex *regexp.Regexp, UserFilterInverse bool, nsRegex *regexp.Regexp) bool

func Output ¶

func Output(w io.Writer, obj runtime.Object, format string) error

Output writes the specified object to the specified writer in "yaml" or "json" format

func ReadAuditEvents ¶

func ReadAuditEvents(sources []string, filters ...func(*audit.Event) bool) (<-chan *StreamObject, error)

Types ¶

type GenerateOptions ¶

type GenerateOptions struct {
	VerbExpansions                          map[string][]string
	ExpandMultipleNamesToUnnamed            bool
	ExpandMultipleNamespacesToClusterScoped bool

	Name        string
	Annotations map[string]string
}

GenerateOptions specifies options for generating RBAC roles

func DefaultGenerateOptions ¶

func DefaultGenerateOptions() GenerateOptions

DefaultGenerateOptions returns default generation options

type Generator ¶

type Generator struct {
	Options GenerateOptions
	// contains filtered or unexported fields
}

Generator allows generating a set of covering RBAC roles and bindings

func NewGenerator ¶

func NewGenerator(existing RBACObjects, requests []authorizer.AttributesRecord, options GenerateOptions) *Generator

NewGenerator creates a new Generator

func (*Generator) Generate ¶

func (g *Generator) Generate() *RBACObjects

Generate returns a set of RBAC roles and bindings that cover the specified requests

type RBACObjects ¶

type RBACObjects struct {
	Roles               []*rbacv1.Role
	RoleBindings        []*rbacv1.RoleBinding
	ClusterRoles        []*rbacv1.ClusterRole
	ClusterRoleBindings []*rbacv1.ClusterRoleBinding
}

RBACObjects holds lists of RBAC API objects

func GetDiscoveryRoles ¶

func GetDiscoveryRoles() RBACObjects

type StreamObject ¶

type StreamObject struct {
	Obj runtime.Object
	Err error
}

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL