Documentation
¶
Index ¶
- func APIResourcesToExpandedRules(resourceLists []*metav1.APIResourceList) []rbacv1.PolicyRule
- func ApplyDenyRulesToExpandedRuleset(fullRuleSet []rbacv1.PolicyRule, denyRules []rbacv1.PolicyRule) []rbacv1.PolicyRule
- func DiscoverClusterResources(config *rest.Config) (apiGroupList []*metav1.APIGroup, apiResourceList []*metav1.APIResourceList, ...)
- func EnumeratePolicyRules(inputRules []rbacv1.PolicyRule, config *rest.Config) ([]rbacv1.PolicyRule, error)
- func ExpandPolicyRules(inputRules []rbacv1.PolicyRule) []rbacv1.PolicyRule
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func APIResourcesToExpandedRules ¶
func APIResourcesToExpandedRules(resourceLists []*metav1.APIResourceList) []rbacv1.PolicyRule
APIResourcesToExpandedRules converts an APIResourceList into a list of PolicyRules with all verbs allowed
func ApplyDenyRulesToExpandedRuleset ¶
func ApplyDenyRulesToExpandedRuleset(fullRuleSet []rbacv1.PolicyRule, denyRules []rbacv1.PolicyRule) []rbacv1.PolicyRule
func DiscoverClusterResources ¶
func DiscoverClusterResources(config *rest.Config) (apiGroupList []*metav1.APIGroup, apiResourceList []*metav1.APIResourceList, err error)
DiscoverClusterResources returns a list of all known resources and groups known to this API server
func EnumeratePolicyRules ¶
func EnumeratePolicyRules(inputRules []rbacv1.PolicyRule, config *rest.Config) ([]rbacv1.PolicyRule, error)
EnumeratePolicyRules takes a list of rules with wildcards and returns a list of policy rules with resources explicitly enumerated
func ExpandPolicyRules ¶
func ExpandPolicyRules(inputRules []rbacv1.PolicyRule) []rbacv1.PolicyRule
ExpandPolicyRules ensures that multiple resources with the same verbs are not grouped together in the same rule definition (makes it easier to edit individual verbs later)
Types ¶
This section is empty.
Source Files
Click to show internal directories.
Click to hide internal directories.