Documentation ¶
Overview ¶
+k8s:openapi-gen=true
Index ¶
Constants ¶
View Source
const GroupName = "abac.authorization.kubernetes.io"
Variables ¶
View Source
var ( // TODO: move SchemeBuilder with zz_generated.deepcopy.go to k8s.io/api. // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes. SchemeBuilder runtime.SchemeBuilder AddToScheme = localSchemeBuilder.AddToScheme )
View Source
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v0"}
GroupVersion is the API group and version for abac v0
Functions ¶
This section is empty.
Types ¶
type Policy ¶
type Policy struct { metav1.TypeMeta `json:",inline"` // User is the username this rule applies to. // Either user or group is required to match the request. // "*" matches all users. // +optional User string `json:"user,omitempty"` // Group is the group this rule applies to. // Either user or group is required to match the request. // "*" matches all groups. // +optional Group string `json:"group,omitempty"` // Readonly matches readonly requests when true, and all requests when false // +optional Readonly bool `json:"readonly,omitempty"` // Resource is the name of a resource // "*" matches all resources // +optional Resource string `json:"resource,omitempty"` // Namespace is the name of a namespace // "*" matches all namespaces (including unnamespaced requests) // +optional Namespace string `json:"namespace,omitempty"` }
Policy contains a single ABAC policy rule
Click to show internal directories.
Click to hide internal directories.