Documentation
Constants
const (
    MethodAll    = "*"
    KindResource = "resource"
    UserKind  SubjectKind = "user"
    GroupKind SubjectKind = "group"
)
Variables
This section is empty.
Functions
This section is empty.
Types
type ActionRule (added in v1.7.0)
type ActionRule struct {
    Method          string      `bson:"method" json:"method"`
    Endpoint        string      `bson:"endpoint" json:"endpoint"`
    ResourceType    string      `bson:"resource_type,omitempty" json:"resource_type,omitempty"`
    IDRegex         string      `bson:"id_regex,omitempty" json:"idRegex,omitempty"`
    MatchAttributes []Attribute `bson:"match_attributes,omitempty" json:"match_attributes,omitempty"`
}
type MatchAttribute (added in v1.10.0)
type Policy (added in v1.7.0)
type Policy struct {
    Name        string               `bson:"name" json:"name"`
    Namespace   string               `bson:"namespace" json:"namespace"`
    Description string               `bson:"description" json:"description"`
    CreateTime  int64                `bson:"create_time" json:"create_time"`
    UpdateTime  int64                `bson:"update_time" json:"update_time"`
    Rules       []*Rule              `bson:"rules" json:"rules"`
    CreateBy    string               `bson:"create_by" json:"create_by"`
    UpdateBy    string               `bson:"update_by" json:"update_by"`
    Type        setting.ResourceType `bson:"type" json:"type"`
}
Policy is a namespaced or cluster scoped, logical grouping of PolicyRules that can be referenced as a unit by a PolicyBinding. For a cluster scoped Policy, namespace is empty.
type PolicyBinding (added in v1.10.0)
type PolicyBinding struct {
    Name      string `bson:"name" json:"name"`
    Namespace string `bson:"namespace" json:"namespace"`
    // Subjects holds references to the objects the Policy applies to.
    Subjects []*Subject `bson:"subjects" json:"subjects"`
    // PolicyRef can reference a namespaced or cluster scoped Policy.
    PolicyRef *PolicyRef           `bson:"policy_ref" json:"policy_ref"`
    Type      setting.ResourceType `bson:"type" json:"type"`
}
PolicyBinding references a Policy, but does not contain it. It adds who information via Subjects. A PolicyBinding in a given namespace only has effect in that namespace. For a cluster scoped PolicyBinding, namespace is empty.
func (PolicyBinding) TableName (added in v1.10.0)
func (PolicyBinding) TableName() string
type PolicyMeta (added in v1.10.0)
type PolicyMeta struct {
    Resource    string            `bson:"resource" json:"resource"`
    Alias       string            `bson:"alias" json:"alias"`
    Description string            `bson:"description" json:"description"`
    Rules       []*PolicyMetaRule `bson:"rules" json:"rules"`
}
func (PolicyMeta) TableName (added in v1.10.0)
func (PolicyMeta) TableName() string
type PolicyMetaRule (added in v1.10.0)
type PolicyMetaRule struct {
    Action      string        `bson:"action" json:"action"`
    Alias       string        `bson:"alias" json:"alias"`
    Description string        `bson:"description" json:"description"`
    Rules       []*ActionRule `bson:"rules" json:"rules"`
}
type PolicyRef (added in v1.10.0)
type PolicyRef struct {
    Name string `bson:"name" json:"name"`
    // Namespace of the referenced object. if the object is cluster scoped, namespace is empty.
    Namespace string `bson:"namespace" json:"namespace"`
}
PolicyRef contains information that points to the policy being used.
type Role
type Role struct {
    Name      string               `bson:"name" json:"name"`
    Desc      string               `bson:"desc" json:"desc"`
    Namespace string               `bson:"namespace" json:"namespace"`
    Rules     []*Rule              `bson:"rules" json:"rules"`
    Type      setting.ResourceType `bson:"type" json:"type"`
}
Role is a namespaced or cluster scoped, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding. For a cluster scoped Role, namespace is empty.
type RoleBinding
type RoleBinding struct {
    Name      string `bson:"name" json:"name"`
    Namespace string `bson:"namespace" json:"namespace"`
    // Subjects holds references to the objects the role applies to.
    Subjects []*Subject `bson:"subjects" json:"subjects"`
    // RoleRef can reference a namespaced or cluster scoped Role.
    RoleRef *RoleRef `bson:"role_ref" json:"roleRef"`
}
RoleBinding references a role, but does not contain it. It adds who information via Subjects. RoleBindings in a given namespace only have effect in that namespace. For a cluster scoped RoleBinding, namespace is empty.
func (RoleBinding) TableName
func (RoleBinding) TableName() string
type RoleRef
type RoleRef struct {
    Name string `bson:"name" json:"name"`
    // Namespace of the referenced object. if the object is cluster scoped, namespace is empty.
    Namespace string `bson:"namespace" json:"namespace"`
}
RoleRef contains information that points to the role being used.
type Rule (added in v1.7.0)
type Rule struct {
    // Verbs is a list of http methods or resource actions that apply to ALL the Resources contained in this rule. '*' represents all methods.
    Verbs []string `bson:"verbs" json:"verbs"`
    // Resources is a list of resources this rule applies to. '*' represents all resources.
    Resources       []string         `bson:"resources" json:"resources"`
    Kind            string           `bson:"kind" json:"kind"`
    MatchAttributes []MatchAttribute `bson:"match_attributes" json:"match_attributes"`
}
Rule holds information that describes a policy rule, but does not contain information about whom the rule applies to. If Kind is "resource", verbs are resource actions, while resources are resource names.
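An added example (not code from this package) of how the '*' wildcards documented for Rule and the namespace scoping documented for RoleBinding combine into a deny-by-default check. The types are trimmed local mirrors, Allowed and has are hypothetical names, and the namespace, verb and resource values are constructed; the page does not show how the project itself evaluates bindings.

```go
package main

import "fmt"

// Trimmed local mirrors of the page's types; roles are indexed by RoleRef.
type (
	Rule        struct{ Verbs, Resources []string }
	Subject     struct{ Kind, UID string }
	RoleRef     struct{ Name, Namespace string }
	RoleBinding struct {
		Namespace string
		Subjects  []Subject
		RoleRef   RoleRef
	}
)

// has reports whether list contains want or the "*" wildcard (MethodAll).
func has(list []string, want string) bool {
	for _, v := range list {
		if v == "*" || v == want {
			return true
		}
	}
	return false
}

// Allowed is a hypothetical evaluator, not the project's: it denies by default.
func Allowed(roles map[RoleRef][]Rule, bs []RoleBinding, who Subject, ns, verb, res string) bool {
	for _, b := range bs {
		if b.Namespace != "" && b.Namespace != ns {
			continue // a namespaced binding has no effect in other namespaces
		}
		for _, s := range b.Subjects {
			if s != who {
				continue // kind and uid must both match
			}
			for _, r := range roles[b.RoleRef] {
				if has(r.Verbs, verb) && has(r.Resources, res) {
					return true
				}
			}
		}
	}
	return false
}

// Constructed sample: user alice may GET workflows in namespace proj-a only.
var roles = map[RoleRef][]Rule{{"reader", "proj-a"}: {{[]string{"GET"}, []string{"workflows"}}}}
var binds = []RoleBinding{{"proj-a", []Subject{{"user", "alice"}}, RoleRef{"reader", "proj-a"}}}
func main() { fmt.Println(Allowed(roles, binds, Subject{"user", "alice"}, "proj-a", "GET", "workflows")) }
```

A binding whose RoleRef names a role that does not exist grants nothing here, because the map lookup yields no rules.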
type Subject
type Subject struct {
    // Kind of object being referenced. allowed values are "User", "Group".
    Kind SubjectKind `bson:"kind" json:"kind"`
    // unique identifier of the object being referenced.
    UID string `bson:"uid" json:"uid"`
}
Subject contains a reference to the object or user identities a role binding applies to.
type SubjectKind
type SubjectKind string