Documentation
¶
Overview ¶
Package v1 is v1 version of the OpenFaaS IAM API. +groupName=iam.openfaas.com
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( // localSchemeBuilder and AddToScheme will stay in k8s.io/kubernetes. SchemeBuilder runtime.SchemeBuilder AddToScheme = localSchemeBuilder.AddToScheme )
var SchemeGroupVersion = schema.GroupVersion{Group: controller.GroupName, Version: "v1"}
SchemeGroupVersion is group version used to register these objects
Functions ¶
func Resource ¶
func Resource(resource string) schema.GroupResource
Resource takes an unqualified resource and returns a Group qualified GroupResource
Types ¶
type ConditionMap ¶
func (ConditionMap) DeepCopy ¶
func (in ConditionMap) DeepCopy() ConditionMap
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConditionMap.
func (ConditionMap) DeepCopyInto ¶
func (in ConditionMap) DeepCopyInto(out *ConditionMap)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type JwtIssuer ¶
type JwtIssuer struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec JwtIssuerSpec `json:"spec"`
}
JwtIssuer is used to define a JWT issuer for a function +kubebuilder:printcolumn:name="Issuer",type=string,JSONPath=`.spec.iss` +kubebuilder:printcolumn:name="Audience",type=string,JSONPath=`.spec.aud` +kubebuilder:printcolumn:name="Expiry",type=string,JSONPath=`.spec.tokenExpiry`
func (*JwtIssuer) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JwtIssuer.
func (*JwtIssuer) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*JwtIssuer) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type JwtIssuerList ¶
type JwtIssuerList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata"`
Items []JwtIssuer `json:"items"`
}
JwtIssuerList
func (*JwtIssuerList) DeepCopy ¶
func (in *JwtIssuerList) DeepCopy() *JwtIssuerList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JwtIssuerList.
func (*JwtIssuerList) DeepCopyInto ¶
func (in *JwtIssuerList) DeepCopyInto(out *JwtIssuerList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*JwtIssuerList) DeepCopyObject ¶
func (in *JwtIssuerList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type JwtIssuerSpec ¶
type JwtIssuerSpec struct {
// Issuer is the issuer of the JWT
Issuer string `json:"iss"`
// +optional
// IssuerInternal provides an alternative URL to use to download the public key
// for this issuer. It's useful for the system issuer.
IssuerInternal string `json:"issInternal,omitempty"`
// Audience is the intended audience of the JWT, at times, like with Auth0 this is the
// client ID of the app, and not our validating server
Audience []string `json:"aud"`
// +optional
TokenExpiry string `json:"tokenExpiry,omitempty"`
}
JwtIssuerSpec is the spec for a JwtIssuer resource
func (*JwtIssuerSpec) DeepCopy ¶
func (in *JwtIssuerSpec) DeepCopy() *JwtIssuerSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new JwtIssuerSpec.
func (*JwtIssuerSpec) DeepCopyInto ¶
func (in *JwtIssuerSpec) DeepCopyInto(out *JwtIssuerSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Policy ¶
type Policy struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec PolicySpec `json:"spec"`
}
Policy is used to define a policy for a function +kubebuilder:printcolumn:name="Statement",type=string,JSONPath=`.spec.statement`
func (*Policy) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.
func (*Policy) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Policy) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicyList ¶
type PolicyList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata"`
Items []Policy `json:"items"`
}
PolicyList is a list of Policy resources
func (*PolicyList) DeepCopy ¶
func (in *PolicyList) DeepCopy() *PolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList.
func (*PolicyList) DeepCopyInto ¶
func (in *PolicyList) DeepCopyInto(out *PolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*PolicyList) DeepCopyObject ¶
func (in *PolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type PolicySpec ¶
type PolicySpec struct {
Statement []PolicyStatement `json:"statement"`
}
func (*PolicySpec) DeepCopy ¶
func (in *PolicySpec) DeepCopy() *PolicySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec.
func (*PolicySpec) DeepCopyInto ¶
func (in *PolicySpec) DeepCopyInto(out *PolicySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PolicyStatement ¶
type PolicyStatement struct {
// SID is the unique identifier for the policy
SID string `json:"sid"`
// Effect is the effect of the policy - only Allow is supported
Effect string `json:"effect"`
// Action is a set of actions that the policy applies to i.e. Function:Read
Action []string `json:"action"`
// Resource is a set of resources that the policy applies to - only namespaces are supported at
// present
Resource []string `json:"resource"`
// +optional
// Condition is a set of conditions that the policy applies to
// {
// "StringLike": {
// "jwt:https://my-identity-provider.com#sub-id": [
// "1234567890",
// "0987654321"
// ],
// }
// }
Condition *ConditionMap `json:"condition,omitempty"`
}
func (*PolicyStatement) DeepCopy ¶
func (in *PolicyStatement) DeepCopy() *PolicyStatement
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyStatement.
func (*PolicyStatement) DeepCopyInto ¶
func (in *PolicyStatement) DeepCopyInto(out *PolicyStatement)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Role ¶
type Role struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec RoleSpec `json:"spec"`
}
Role is used to define a role for a function +kubebuilder:printcolumn:name="Principal",type=string,JSONPath=`.spec.principal` +kubebuilder:printcolumn:name="Condition",type=string,JSONPath=`.spec.condition` +kubebuilder:printcolumn:name="Policy",type=string,JSONPath=`.spec.policy`
func (*Role) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Role.
func (*Role) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Role) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type RoleList ¶
type RoleList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata"`
Items []Role `json:"items"`
}
RoleList is a list of Role resources
func (*RoleList) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleList.
func (*RoleList) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RoleList) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type RoleSpec ¶
type RoleSpec struct {
// +optional
// Policy is a list of named policies which apply to this role
Policy []string `json:"policy"`
// +optional
// Principal is the principal that the role applies to i.e.
// {
// "jwt:sub":["repo:alexellis/minty:ref:refs/heads/master"]
// }
Principal map[string][]string `json:"principal"`
// +optional
// Condition is a set of conditions that can be used instead of a principal
// to match against claims within a JWT
// {
// "StringLike": {
// "jwt:https://my-identity-provider.com#sub-id": [
// "1234567890",
// "0987654321"
// ],
// }
// }
Condition *ConditionMap `json:"condition,omitempty"`
}
RoleSpec maps a number of principals or attributes within a JWT to a set of policies.
func (*RoleSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleSpec.
func (*RoleSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files