v1alpha1

package
v1.6.9-beta.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 3, 2017 License: Apache-2.0 Imports: 17 Imported by: 0

Documentation

Overview

+groupName=rbac.authorization.k8s.io

Package v1alpha1 is a generated protocol buffer package.

It is generated from these files:
	k8s.io/kubernetes/pkg/apis/rbac/v1alpha1/generated.proto

It has these top-level messages:
	ClusterRole
	ClusterRoleBinding
	ClusterRoleBindingBuilder
	ClusterRoleBindingList
	ClusterRoleList
	PolicyRule
	PolicyRuleBuilder
	Role
	RoleBinding
	RoleBindingList
	RoleList
	RoleRef
	Subject

Index

Constants

View Source
const (
	APIGroupAll    = "*"
	ResourceAll    = "*"
	VerbAll        = "*"
	NonResourceAll = "*"

	GroupKind          = "Group"
	ServiceAccountKind = "ServiceAccount"
	UserKind           = "User"

	// AutoUpdateAnnotationKey is the name of an annotation which prevents reconciliation if set to "false"
	AutoUpdateAnnotationKey = "rbac.authorization.kubernetes.io/autoupdate"
)
View Source
const GroupName = "rbac.authorization.k8s.io"

Variables

View Source
var (
	ErrInvalidLengthGenerated = fmt.Errorf("proto: negative length found during unmarshaling")
	ErrIntOverflowGenerated   = fmt.Errorf("proto: integer overflow")
)
View Source
var (
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes, addDefaultingFuncs)
	AddToScheme   = SchemeBuilder.AddToScheme
)
View Source
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: "v1alpha1"}

SchemeGroupVersion is group version used to register these objects

Functions

func Convert_rbac_ClusterRoleBindingBuilder_To_v1alpha1_ClusterRoleBindingBuilder added in v1.7.0

func Convert_rbac_ClusterRoleBindingBuilder_To_v1alpha1_ClusterRoleBindingBuilder(in *rbac.ClusterRoleBindingBuilder, out *ClusterRoleBindingBuilder, s conversion.Scope) error

func Convert_rbac_ClusterRoleBindingList_To_v1alpha1_ClusterRoleBindingList

func Convert_rbac_ClusterRoleBindingList_To_v1alpha1_ClusterRoleBindingList(in *rbac.ClusterRoleBindingList, out *ClusterRoleBindingList, s conversion.Scope) error

func Convert_rbac_ClusterRoleBinding_To_v1alpha1_ClusterRoleBinding

func Convert_rbac_ClusterRoleBinding_To_v1alpha1_ClusterRoleBinding(in *rbac.ClusterRoleBinding, out *ClusterRoleBinding, s conversion.Scope) error

func Convert_rbac_ClusterRoleList_To_v1alpha1_ClusterRoleList

func Convert_rbac_ClusterRoleList_To_v1alpha1_ClusterRoleList(in *rbac.ClusterRoleList, out *ClusterRoleList, s conversion.Scope) error

func Convert_rbac_ClusterRole_To_v1alpha1_ClusterRole

func Convert_rbac_ClusterRole_To_v1alpha1_ClusterRole(in *rbac.ClusterRole, out *ClusterRole, s conversion.Scope) error

func Convert_rbac_PolicyRuleBuilder_To_v1alpha1_PolicyRuleBuilder added in v1.7.0

func Convert_rbac_PolicyRuleBuilder_To_v1alpha1_PolicyRuleBuilder(in *rbac.PolicyRuleBuilder, out *PolicyRuleBuilder, s conversion.Scope) error

func Convert_rbac_PolicyRule_To_v1alpha1_PolicyRule

func Convert_rbac_PolicyRule_To_v1alpha1_PolicyRule(in *rbac.PolicyRule, out *PolicyRule, s conversion.Scope) error

func Convert_rbac_RoleBindingList_To_v1alpha1_RoleBindingList

func Convert_rbac_RoleBindingList_To_v1alpha1_RoleBindingList(in *rbac.RoleBindingList, out *RoleBindingList, s conversion.Scope) error

func Convert_rbac_RoleBinding_To_v1alpha1_RoleBinding

func Convert_rbac_RoleBinding_To_v1alpha1_RoleBinding(in *rbac.RoleBinding, out *RoleBinding, s conversion.Scope) error

func Convert_rbac_RoleList_To_v1alpha1_RoleList

func Convert_rbac_RoleList_To_v1alpha1_RoleList(in *rbac.RoleList, out *RoleList, s conversion.Scope) error

func Convert_rbac_RoleRef_To_v1alpha1_RoleRef added in v1.7.0

func Convert_rbac_RoleRef_To_v1alpha1_RoleRef(in *rbac.RoleRef, out *RoleRef, s conversion.Scope) error

func Convert_rbac_Role_To_v1alpha1_Role

func Convert_rbac_Role_To_v1alpha1_Role(in *rbac.Role, out *Role, s conversion.Scope) error

func Convert_rbac_Subject_To_v1alpha1_Subject

func Convert_rbac_Subject_To_v1alpha1_Subject(in *api.Subject, out *Subject, s conversion.Scope) error

func Convert_v1alpha1_ClusterRoleBindingBuilder_To_rbac_ClusterRoleBindingBuilder added in v1.7.0

func Convert_v1alpha1_ClusterRoleBindingBuilder_To_rbac_ClusterRoleBindingBuilder(in *ClusterRoleBindingBuilder, out *rbac.ClusterRoleBindingBuilder, s conversion.Scope) error

func Convert_v1alpha1_ClusterRoleBindingList_To_rbac_ClusterRoleBindingList

func Convert_v1alpha1_ClusterRoleBindingList_To_rbac_ClusterRoleBindingList(in *ClusterRoleBindingList, out *rbac.ClusterRoleBindingList, s conversion.Scope) error

func Convert_v1alpha1_ClusterRoleBinding_To_rbac_ClusterRoleBinding

func Convert_v1alpha1_ClusterRoleBinding_To_rbac_ClusterRoleBinding(in *ClusterRoleBinding, out *rbac.ClusterRoleBinding, s conversion.Scope) error

func Convert_v1alpha1_ClusterRoleList_To_rbac_ClusterRoleList

func Convert_v1alpha1_ClusterRoleList_To_rbac_ClusterRoleList(in *ClusterRoleList, out *rbac.ClusterRoleList, s conversion.Scope) error

func Convert_v1alpha1_ClusterRole_To_rbac_ClusterRole

func Convert_v1alpha1_ClusterRole_To_rbac_ClusterRole(in *ClusterRole, out *rbac.ClusterRole, s conversion.Scope) error

func Convert_v1alpha1_PolicyRuleBuilder_To_rbac_PolicyRuleBuilder added in v1.7.0

func Convert_v1alpha1_PolicyRuleBuilder_To_rbac_PolicyRuleBuilder(in *PolicyRuleBuilder, out *rbac.PolicyRuleBuilder, s conversion.Scope) error

func Convert_v1alpha1_PolicyRule_To_rbac_PolicyRule

func Convert_v1alpha1_PolicyRule_To_rbac_PolicyRule(in *PolicyRule, out *rbac.PolicyRule, s conversion.Scope) error

func Convert_v1alpha1_RoleBindingList_To_rbac_RoleBindingList

func Convert_v1alpha1_RoleBindingList_To_rbac_RoleBindingList(in *RoleBindingList, out *rbac.RoleBindingList, s conversion.Scope) error

func Convert_v1alpha1_RoleBinding_To_rbac_RoleBinding

func Convert_v1alpha1_RoleBinding_To_rbac_RoleBinding(in *RoleBinding, out *rbac.RoleBinding, s conversion.Scope) error

func Convert_v1alpha1_RoleList_To_rbac_RoleList

func Convert_v1alpha1_RoleList_To_rbac_RoleList(in *RoleList, out *rbac.RoleList, s conversion.Scope) error

func Convert_v1alpha1_RoleRef_To_rbac_RoleRef added in v1.7.0

func Convert_v1alpha1_RoleRef_To_rbac_RoleRef(in *RoleRef, out *rbac.RoleRef, s conversion.Scope) error

func Convert_v1alpha1_Role_To_rbac_Role

func Convert_v1alpha1_Role_To_rbac_Role(in *Role, out *rbac.Role, s conversion.Scope) error

func Convert_v1alpha1_Subject_To_rbac_Subject

func Convert_v1alpha1_Subject_To_rbac_Subject(in *Subject, out *api.Subject, s conversion.Scope) error

func DeepCopy_v1alpha1_ClusterRole

func DeepCopy_v1alpha1_ClusterRole(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1alpha1_ClusterRoleBinding

func DeepCopy_v1alpha1_ClusterRoleBinding(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1alpha1_ClusterRoleBindingList

func DeepCopy_v1alpha1_ClusterRoleBindingList(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1alpha1_ClusterRoleList

func DeepCopy_v1alpha1_ClusterRoleList(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1alpha1_PolicyRule

func DeepCopy_v1alpha1_PolicyRule(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1alpha1_Role

func DeepCopy_v1alpha1_Role(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1alpha1_RoleBinding

func DeepCopy_v1alpha1_RoleBinding(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1alpha1_RoleBindingList

func DeepCopy_v1alpha1_RoleBindingList(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1alpha1_RoleList

func DeepCopy_v1alpha1_RoleList(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1alpha1_RoleRef added in v1.7.0

func DeepCopy_v1alpha1_RoleRef(in interface{}, out interface{}, c *conversion.Cloner) error

func DeepCopy_v1alpha1_Subject

func DeepCopy_v1alpha1_Subject(in interface{}, out interface{}, c *conversion.Cloner) error

func RegisterConversions added in v1.4.5

func RegisterConversions(scheme *runtime.Scheme) error

RegisterConversions adds conversion functions to the given scheme. Public to allow building arbitrary schemes.

func RegisterDeepCopies added in v1.4.5

func RegisterDeepCopies(scheme *runtime.Scheme) error

RegisterDeepCopies adds deep-copy functions to the given scheme. Public to allow building arbitrary schemes.

func RegisterDefaults added in v1.7.0

func RegisterDefaults(scheme *runtime.Scheme) error

RegisterDefaults adds defaulters functions to the given scheme. Public to allow building arbitrary schemes. All generated defaulters are covering - they call all nested defaulters.

func Resource added in v1.7.0

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group qualified GroupResource

func SetDefaults_ClusterRoleBinding added in v1.7.0

func SetDefaults_ClusterRoleBinding(obj *ClusterRoleBinding)

func SetDefaults_RoleBinding added in v1.7.0

func SetDefaults_RoleBinding(obj *RoleBinding)

func SetDefaults_Subject added in v1.7.0

func SetDefaults_Subject(obj *Subject)

func SetObjectDefaults_ClusterRoleBinding added in v1.7.0

func SetObjectDefaults_ClusterRoleBinding(in *ClusterRoleBinding)

func SetObjectDefaults_ClusterRoleBindingList added in v1.7.0

func SetObjectDefaults_ClusterRoleBindingList(in *ClusterRoleBindingList)

func SetObjectDefaults_RoleBinding added in v1.7.0

func SetObjectDefaults_RoleBinding(in *RoleBinding)

func SetObjectDefaults_RoleBindingList added in v1.7.0

func SetObjectDefaults_RoleBindingList(in *RoleBindingList)

Types

type ClusterRole

type ClusterRole struct {
	metav1.TypeMeta `json:",inline"`
	// Standard object's metadata.
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// Rules holds all the PolicyRules for this ClusterRole
	Rules []PolicyRule `json:"rules" protobuf:"bytes,2,rep,name=rules"`
}

ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.

func (*ClusterRole) CodecDecodeSelf

func (x *ClusterRole) CodecDecodeSelf(d *codec1978.Decoder)

func (*ClusterRole) CodecEncodeSelf

func (x *ClusterRole) CodecEncodeSelf(e *codec1978.Encoder)

func (*ClusterRole) Descriptor added in v1.4.5

func (*ClusterRole) Descriptor() ([]byte, []int)

func (*ClusterRole) Marshal

func (m *ClusterRole) Marshal() (data []byte, err error)

func (*ClusterRole) MarshalTo

func (m *ClusterRole) MarshalTo(data []byte) (int, error)

func (*ClusterRole) ProtoMessage

func (*ClusterRole) ProtoMessage()

func (*ClusterRole) Reset

func (m *ClusterRole) Reset()

func (*ClusterRole) Size

func (m *ClusterRole) Size() (n int)

func (*ClusterRole) String

func (this *ClusterRole) String() string

func (ClusterRole) SwaggerDoc

func (ClusterRole) SwaggerDoc() map[string]string

func (*ClusterRole) Unmarshal

func (m *ClusterRole) Unmarshal(data []byte) error

type ClusterRoleBinding

type ClusterRoleBinding struct {
	metav1.TypeMeta `json:",inline"`
	// Standard object's metadata.
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// Subjects holds references to the objects the role applies to.
	Subjects []Subject `json:"subjects" protobuf:"bytes,2,rep,name=subjects"`

	// RoleRef can only reference a ClusterRole in the global namespace.
	// If the RoleRef cannot be resolved, the Authorizer must return an error.
	RoleRef RoleRef `json:"roleRef" protobuf:"bytes,3,opt,name=roleRef"`
}

ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject.

func (*ClusterRoleBinding) CodecDecodeSelf

func (x *ClusterRoleBinding) CodecDecodeSelf(d *codec1978.Decoder)

func (*ClusterRoleBinding) CodecEncodeSelf

func (x *ClusterRoleBinding) CodecEncodeSelf(e *codec1978.Encoder)

func (*ClusterRoleBinding) Descriptor added in v1.4.5

func (*ClusterRoleBinding) Descriptor() ([]byte, []int)

func (*ClusterRoleBinding) Marshal

func (m *ClusterRoleBinding) Marshal() (data []byte, err error)

func (*ClusterRoleBinding) MarshalTo

func (m *ClusterRoleBinding) MarshalTo(data []byte) (int, error)

func (*ClusterRoleBinding) ProtoMessage

func (*ClusterRoleBinding) ProtoMessage()

func (*ClusterRoleBinding) Reset

func (m *ClusterRoleBinding) Reset()

func (*ClusterRoleBinding) Size

func (m *ClusterRoleBinding) Size() (n int)

func (*ClusterRoleBinding) String

func (this *ClusterRoleBinding) String() string

func (ClusterRoleBinding) SwaggerDoc

func (ClusterRoleBinding) SwaggerDoc() map[string]string

func (*ClusterRoleBinding) Unmarshal

func (m *ClusterRoleBinding) Unmarshal(data []byte) error

type ClusterRoleBindingBuilder added in v1.7.0

type ClusterRoleBindingBuilder struct {
	ClusterRoleBinding ClusterRoleBinding `protobuf:"bytes,1,opt,name=clusterRoleBinding"`
}

+k8s:deepcopy-gen=false ClusterRoleBindingBuilder let's us attach methods. A no-no for API types. We use it to construct bindings in code. It's more compact than trying to write them out in a literal.

func NewClusterBinding added in v1.7.0

func NewClusterBinding(clusterRoleName string) *ClusterRoleBindingBuilder

func (*ClusterRoleBindingBuilder) Binding added in v1.7.0

func (*ClusterRoleBindingBuilder) BindingOrDie added in v1.7.0

func (*ClusterRoleBindingBuilder) Descriptor added in v1.7.0

func (*ClusterRoleBindingBuilder) Descriptor() ([]byte, []int)

func (*ClusterRoleBindingBuilder) Groups added in v1.7.0

func (*ClusterRoleBindingBuilder) Marshal added in v1.7.0

func (m *ClusterRoleBindingBuilder) Marshal() (data []byte, err error)

func (*ClusterRoleBindingBuilder) MarshalTo added in v1.7.0

func (m *ClusterRoleBindingBuilder) MarshalTo(data []byte) (int, error)

func (*ClusterRoleBindingBuilder) ProtoMessage added in v1.7.0

func (*ClusterRoleBindingBuilder) ProtoMessage()

func (*ClusterRoleBindingBuilder) Reset added in v1.7.0

func (m *ClusterRoleBindingBuilder) Reset()

func (*ClusterRoleBindingBuilder) SAs added in v1.7.0

func (r *ClusterRoleBindingBuilder) SAs(namespace string, serviceAccountNames ...string) *ClusterRoleBindingBuilder

func (*ClusterRoleBindingBuilder) Size added in v1.7.0

func (m *ClusterRoleBindingBuilder) Size() (n int)

func (*ClusterRoleBindingBuilder) String added in v1.7.0

func (this *ClusterRoleBindingBuilder) String() string

func (*ClusterRoleBindingBuilder) Unmarshal added in v1.7.0

func (m *ClusterRoleBindingBuilder) Unmarshal(data []byte) error

func (*ClusterRoleBindingBuilder) Users added in v1.7.0

type ClusterRoleBindingList

type ClusterRoleBindingList struct {
	metav1.TypeMeta `json:",inline"`
	// Standard object's metadata.
	// +optional
	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// Items is a list of ClusterRoleBindings
	Items []ClusterRoleBinding `json:"items" protobuf:"bytes,2,rep,name=items"`
}

ClusterRoleBindingList is a collection of ClusterRoleBindings

func (*ClusterRoleBindingList) CodecDecodeSelf

func (x *ClusterRoleBindingList) CodecDecodeSelf(d *codec1978.Decoder)

func (*ClusterRoleBindingList) CodecEncodeSelf

func (x *ClusterRoleBindingList) CodecEncodeSelf(e *codec1978.Encoder)

func (*ClusterRoleBindingList) Descriptor added in v1.4.5

func (*ClusterRoleBindingList) Descriptor() ([]byte, []int)

func (*ClusterRoleBindingList) Marshal

func (m *ClusterRoleBindingList) Marshal() (data []byte, err error)

func (*ClusterRoleBindingList) MarshalTo

func (m *ClusterRoleBindingList) MarshalTo(data []byte) (int, error)

func (*ClusterRoleBindingList) ProtoMessage

func (*ClusterRoleBindingList) ProtoMessage()

func (*ClusterRoleBindingList) Reset

func (m *ClusterRoleBindingList) Reset()

func (*ClusterRoleBindingList) Size

func (m *ClusterRoleBindingList) Size() (n int)

func (*ClusterRoleBindingList) String

func (this *ClusterRoleBindingList) String() string

func (ClusterRoleBindingList) SwaggerDoc

func (ClusterRoleBindingList) SwaggerDoc() map[string]string

func (*ClusterRoleBindingList) Unmarshal

func (m *ClusterRoleBindingList) Unmarshal(data []byte) error

type ClusterRoleList

type ClusterRoleList struct {
	metav1.TypeMeta `json:",inline"`
	// Standard object's metadata.
	// +optional
	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// Items is a list of ClusterRoles
	Items []ClusterRole `json:"items" protobuf:"bytes,2,rep,name=items"`
}

ClusterRoleList is a collection of ClusterRoles

func (*ClusterRoleList) CodecDecodeSelf

func (x *ClusterRoleList) CodecDecodeSelf(d *codec1978.Decoder)

func (*ClusterRoleList) CodecEncodeSelf

func (x *ClusterRoleList) CodecEncodeSelf(e *codec1978.Encoder)

func (*ClusterRoleList) Descriptor added in v1.4.5

func (*ClusterRoleList) Descriptor() ([]byte, []int)

func (*ClusterRoleList) Marshal

func (m *ClusterRoleList) Marshal() (data []byte, err error)

func (*ClusterRoleList) MarshalTo

func (m *ClusterRoleList) MarshalTo(data []byte) (int, error)

func (*ClusterRoleList) ProtoMessage

func (*ClusterRoleList) ProtoMessage()

func (*ClusterRoleList) Reset

func (m *ClusterRoleList) Reset()

func (*ClusterRoleList) Size

func (m *ClusterRoleList) Size() (n int)

func (*ClusterRoleList) String

func (this *ClusterRoleList) String() string

func (ClusterRoleList) SwaggerDoc

func (ClusterRoleList) SwaggerDoc() map[string]string

func (*ClusterRoleList) Unmarshal

func (m *ClusterRoleList) Unmarshal(data []byte) error

type PolicyRule

type PolicyRule struct {
	// Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule.  VerbAll represents all kinds.
	Verbs []string `json:"verbs" protobuf:"bytes,1,rep,name=verbs"`

	// APIGroups is the name of the APIGroup that contains the resources.  If multiple API groups are specified, any action requested against one of
	// the enumerated resources in any API group will be allowed.
	// +optional
	APIGroups []string `json:"apiGroups,omitempty" protobuf:"bytes,3,rep,name=apiGroups"`
	// Resources is a list of resources this rule applies to.  ResourceAll represents all resources.
	// +optional
	Resources []string `json:"resources,omitempty" protobuf:"bytes,4,rep,name=resources"`
	// ResourceNames is an optional white list of names that the rule applies to.  An empty set means that everything is allowed.
	// +optional
	ResourceNames []string `json:"resourceNames,omitempty" protobuf:"bytes,5,rep,name=resourceNames"`

	// NonResourceURLs is a set of partial urls that a user should have access to.  *s are allowed, but only as the full, final step in the path
	// This name is intentionally different than the internal type so that the DefaultConvert works nicely and because the ordering may be different.
	// Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.
	// Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"),  but not both.
	// +optional
	NonResourceURLs []string `json:"nonResourceURLs,omitempty" protobuf:"bytes,6,rep,name=nonResourceURLs"`
}

PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.

func (*PolicyRule) CodecDecodeSelf

func (x *PolicyRule) CodecDecodeSelf(d *codec1978.Decoder)

func (*PolicyRule) CodecEncodeSelf

func (x *PolicyRule) CodecEncodeSelf(e *codec1978.Encoder)

func (*PolicyRule) Descriptor added in v1.4.5

func (*PolicyRule) Descriptor() ([]byte, []int)

func (*PolicyRule) Marshal

func (m *PolicyRule) Marshal() (data []byte, err error)

func (*PolicyRule) MarshalTo

func (m *PolicyRule) MarshalTo(data []byte) (int, error)

func (*PolicyRule) ProtoMessage

func (*PolicyRule) ProtoMessage()

func (*PolicyRule) Reset

func (m *PolicyRule) Reset()

func (*PolicyRule) Size

func (m *PolicyRule) Size() (n int)

func (*PolicyRule) String

func (this *PolicyRule) String() string

func (PolicyRule) SwaggerDoc

func (PolicyRule) SwaggerDoc() map[string]string

func (*PolicyRule) Unmarshal

func (m *PolicyRule) Unmarshal(data []byte) error

type PolicyRuleBuilder added in v1.7.0

type PolicyRuleBuilder struct {
	PolicyRule PolicyRule `protobuf:"bytes,1,opt,name=policyRule"`
}

+k8s:deepcopy-gen=false PolicyRuleBuilder let's us attach methods. A no-no for API types. We use it to construct rules in code. It's more compact than trying to write them out in a literal and allows us to perform some basic checking during construction

func NewRule added in v1.7.0

func NewRule(verbs ...string) *PolicyRuleBuilder

func (*PolicyRuleBuilder) Descriptor added in v1.7.0

func (*PolicyRuleBuilder) Descriptor() ([]byte, []int)

func (*PolicyRuleBuilder) Groups added in v1.7.0

func (r *PolicyRuleBuilder) Groups(groups ...string) *PolicyRuleBuilder

func (*PolicyRuleBuilder) Marshal added in v1.7.0

func (m *PolicyRuleBuilder) Marshal() (data []byte, err error)

func (*PolicyRuleBuilder) MarshalTo added in v1.7.0

func (m *PolicyRuleBuilder) MarshalTo(data []byte) (int, error)

func (*PolicyRuleBuilder) Names added in v1.7.0

func (r *PolicyRuleBuilder) Names(names ...string) *PolicyRuleBuilder

func (*PolicyRuleBuilder) ProtoMessage added in v1.7.0

func (*PolicyRuleBuilder) ProtoMessage()

func (*PolicyRuleBuilder) Reset added in v1.7.0

func (m *PolicyRuleBuilder) Reset()

func (*PolicyRuleBuilder) Resources added in v1.7.0

func (r *PolicyRuleBuilder) Resources(resources ...string) *PolicyRuleBuilder

func (*PolicyRuleBuilder) Rule added in v1.7.0

func (r *PolicyRuleBuilder) Rule() (PolicyRule, error)

func (*PolicyRuleBuilder) RuleOrDie added in v1.7.0

func (r *PolicyRuleBuilder) RuleOrDie() PolicyRule

func (*PolicyRuleBuilder) Size added in v1.7.0

func (m *PolicyRuleBuilder) Size() (n int)

func (*PolicyRuleBuilder) String added in v1.7.0

func (this *PolicyRuleBuilder) String() string

func (*PolicyRuleBuilder) URLs added in v1.7.0

func (r *PolicyRuleBuilder) URLs(urls ...string) *PolicyRuleBuilder

func (*PolicyRuleBuilder) Unmarshal added in v1.7.0

func (m *PolicyRuleBuilder) Unmarshal(data []byte) error

type Role

type Role struct {
	metav1.TypeMeta `json:",inline"`
	// Standard object's metadata.
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// Rules holds all the PolicyRules for this Role
	Rules []PolicyRule `json:"rules" protobuf:"bytes,2,rep,name=rules"`
}

Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.

func (*Role) CodecDecodeSelf

func (x *Role) CodecDecodeSelf(d *codec1978.Decoder)

func (*Role) CodecEncodeSelf

func (x *Role) CodecEncodeSelf(e *codec1978.Encoder)

func (*Role) Descriptor added in v1.4.5

func (*Role) Descriptor() ([]byte, []int)

func (*Role) Marshal

func (m *Role) Marshal() (data []byte, err error)

func (*Role) MarshalTo

func (m *Role) MarshalTo(data []byte) (int, error)

func (*Role) ProtoMessage

func (*Role) ProtoMessage()

func (*Role) Reset

func (m *Role) Reset()

func (*Role) Size

func (m *Role) Size() (n int)

func (*Role) String

func (this *Role) String() string

func (Role) SwaggerDoc

func (Role) SwaggerDoc() map[string]string

func (*Role) Unmarshal

func (m *Role) Unmarshal(data []byte) error

type RoleBinding

type RoleBinding struct {
	metav1.TypeMeta `json:",inline"`
	// Standard object's metadata.
	// +optional
	metav1.ObjectMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// Subjects holds references to the objects the role applies to.
	Subjects []Subject `json:"subjects" protobuf:"bytes,2,rep,name=subjects"`

	// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace.
	// If the RoleRef cannot be resolved, the Authorizer must return an error.
	RoleRef RoleRef `json:"roleRef" protobuf:"bytes,3,opt,name=roleRef"`
}

RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace.

func (*RoleBinding) CodecDecodeSelf

func (x *RoleBinding) CodecDecodeSelf(d *codec1978.Decoder)

func (*RoleBinding) CodecEncodeSelf

func (x *RoleBinding) CodecEncodeSelf(e *codec1978.Encoder)

func (*RoleBinding) Descriptor added in v1.4.5

func (*RoleBinding) Descriptor() ([]byte, []int)

func (*RoleBinding) Marshal

func (m *RoleBinding) Marshal() (data []byte, err error)

func (*RoleBinding) MarshalTo

func (m *RoleBinding) MarshalTo(data []byte) (int, error)

func (*RoleBinding) ProtoMessage

func (*RoleBinding) ProtoMessage()

func (*RoleBinding) Reset

func (m *RoleBinding) Reset()

func (*RoleBinding) Size

func (m *RoleBinding) Size() (n int)

func (*RoleBinding) String

func (this *RoleBinding) String() string

func (RoleBinding) SwaggerDoc

func (RoleBinding) SwaggerDoc() map[string]string

func (*RoleBinding) Unmarshal

func (m *RoleBinding) Unmarshal(data []byte) error

type RoleBindingList

type RoleBindingList struct {
	metav1.TypeMeta `json:",inline"`
	// Standard object's metadata.
	// +optional
	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// Items is a list of RoleBindings
	Items []RoleBinding `json:"items" protobuf:"bytes,2,rep,name=items"`
}

RoleBindingList is a collection of RoleBindings

func (*RoleBindingList) CodecDecodeSelf

func (x *RoleBindingList) CodecDecodeSelf(d *codec1978.Decoder)

func (*RoleBindingList) CodecEncodeSelf

func (x *RoleBindingList) CodecEncodeSelf(e *codec1978.Encoder)

func (*RoleBindingList) Descriptor added in v1.4.5

func (*RoleBindingList) Descriptor() ([]byte, []int)

func (*RoleBindingList) Marshal

func (m *RoleBindingList) Marshal() (data []byte, err error)

func (*RoleBindingList) MarshalTo

func (m *RoleBindingList) MarshalTo(data []byte) (int, error)

func (*RoleBindingList) ProtoMessage

func (*RoleBindingList) ProtoMessage()

func (*RoleBindingList) Reset

func (m *RoleBindingList) Reset()

func (*RoleBindingList) Size

func (m *RoleBindingList) Size() (n int)

func (*RoleBindingList) String

func (this *RoleBindingList) String() string

func (RoleBindingList) SwaggerDoc

func (RoleBindingList) SwaggerDoc() map[string]string

func (*RoleBindingList) Unmarshal

func (m *RoleBindingList) Unmarshal(data []byte) error

type RoleList

type RoleList struct {
	metav1.TypeMeta `json:",inline"`
	// Standard object's metadata.
	// +optional
	metav1.ListMeta `json:"metadata,omitempty" protobuf:"bytes,1,opt,name=metadata"`

	// Items is a list of Roles
	Items []Role `json:"items" protobuf:"bytes,2,rep,name=items"`
}

RoleList is a collection of Roles

func (*RoleList) CodecDecodeSelf

func (x *RoleList) CodecDecodeSelf(d *codec1978.Decoder)

func (*RoleList) CodecEncodeSelf

func (x *RoleList) CodecEncodeSelf(e *codec1978.Encoder)

func (*RoleList) Descriptor added in v1.4.5

func (*RoleList) Descriptor() ([]byte, []int)

func (*RoleList) Marshal

func (m *RoleList) Marshal() (data []byte, err error)

func (*RoleList) MarshalTo

func (m *RoleList) MarshalTo(data []byte) (int, error)

func (*RoleList) ProtoMessage

func (*RoleList) ProtoMessage()

func (*RoleList) Reset

func (m *RoleList) Reset()

func (*RoleList) Size

func (m *RoleList) Size() (n int)

func (*RoleList) String

func (this *RoleList) String() string

func (RoleList) SwaggerDoc

func (RoleList) SwaggerDoc() map[string]string

func (*RoleList) Unmarshal

func (m *RoleList) Unmarshal(data []byte) error

type RoleRef added in v1.7.0

type RoleRef struct {
	// APIGroup is the group for the resource being referenced
	APIGroup string `json:"apiGroup" protobuf:"bytes,1,opt,name=apiGroup"`
	// Kind is the type of resource being referenced
	Kind string `json:"kind" protobuf:"bytes,2,opt,name=kind"`
	// Name is the name of resource being referenced
	Name string `json:"name" protobuf:"bytes,3,opt,name=name"`
}

RoleRef contains information that points to the role being used

func (*RoleRef) CodecDecodeSelf added in v1.7.0

func (x *RoleRef) CodecDecodeSelf(d *codec1978.Decoder)

func (*RoleRef) CodecEncodeSelf added in v1.7.0

func (x *RoleRef) CodecEncodeSelf(e *codec1978.Encoder)

func (*RoleRef) Descriptor added in v1.7.0

func (*RoleRef) Descriptor() ([]byte, []int)

func (*RoleRef) Marshal added in v1.7.0

func (m *RoleRef) Marshal() (data []byte, err error)

func (*RoleRef) MarshalTo added in v1.7.0

func (m *RoleRef) MarshalTo(data []byte) (int, error)

func (*RoleRef) ProtoMessage added in v1.7.0

func (*RoleRef) ProtoMessage()

func (*RoleRef) Reset added in v1.7.0

func (m *RoleRef) Reset()

func (*RoleRef) Size added in v1.7.0

func (m *RoleRef) Size() (n int)

func (*RoleRef) String added in v1.7.0

func (this *RoleRef) String() string

func (RoleRef) SwaggerDoc added in v1.7.0

func (RoleRef) SwaggerDoc() map[string]string

func (*RoleRef) Unmarshal added in v1.7.0

func (m *RoleRef) Unmarshal(data []byte) error

type Subject

type Subject struct {
	// Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount".
	// If the Authorizer does not recognized the kind value, the Authorizer should report an error.
	Kind string `json:"kind" protobuf:"bytes,1,opt,name=kind"`
	// APIVersion holds the API group and version of the referenced subject.
	// Defaults to "v1" for ServiceAccount subjects.
	// Defaults to "rbac.authorization.k8s.io/v1alpha1" for User and Group subjects.
	// +k8s:conversion-gen=false
	// +optional
	APIVersion string `json:"apiVersion,omitempty" protobuf:"bytes,2,opt.name=apiVersion"`
	// Name of the object being referenced.
	Name string `json:"name" protobuf:"bytes,3,opt,name=name"`
	// Namespace of the referenced object.  If the object kind is non-namespace, such as "User" or "Group", and this value is not empty
	// the Authorizer should report an error.
	// +optional
	Namespace string `json:"namespace,omitempty" protobuf:"bytes,4,opt,name=namespace"`
}

Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names.

func (*Subject) CodecDecodeSelf

func (x *Subject) CodecDecodeSelf(d *codec1978.Decoder)

func (*Subject) CodecEncodeSelf

func (x *Subject) CodecEncodeSelf(e *codec1978.Encoder)

func (*Subject) Descriptor added in v1.4.5

func (*Subject) Descriptor() ([]byte, []int)

func (*Subject) Marshal

func (m *Subject) Marshal() (data []byte, err error)

func (*Subject) MarshalTo

func (m *Subject) MarshalTo(data []byte) (int, error)

func (*Subject) ProtoMessage

func (*Subject) ProtoMessage()

func (*Subject) Reset

func (m *Subject) Reset()

func (*Subject) Size

func (m *Subject) Size() (n int)

func (*Subject) String

func (this *Subject) String() string

func (Subject) SwaggerDoc

func (Subject) SwaggerDoc() map[string]string

func (*Subject) Unmarshal

func (m *Subject) Unmarshal(data []byte) error

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL