v1alpha1

package
v1.2.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 25, 2022 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var File_k8s_io_api_rbac_v1alpha1_generated_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type AggregationRule added in v1.0.0 

type AggregationRule struct {

	// ClusterRoleSelectors holds a list of selectors which will be used to find ClusterRoles and create the rules.
	// If any of the selectors match, then the ClusterRole's permissions will be added
	// +optional
	ClusterRoleSelectors []*v1.LabelSelector `protobuf:"bytes,1,rep,name=clusterRoleSelectors" json:"clusterRoleSelectors,omitempty"`
	// contains filtered or unexported fields
}

AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole

func (*AggregationRule) Descriptor deprecated added in v1.0.0 

func (*AggregationRule) Descriptor() ([]byte, []int)

Deprecated: Use AggregationRule.ProtoReflect.Descriptor instead.

func (*AggregationRule) GetClusterRoleSelectors added in v1.0.0 

func (x *AggregationRule) GetClusterRoleSelectors() []*v1.LabelSelector

func (*AggregationRule) ProtoMessage added in v1.0.0 

func (*AggregationRule) ProtoMessage()

func (*AggregationRule) ProtoReflect added in v1.2.4 

func (x *AggregationRule) ProtoReflect() protoreflect.Message

func (*AggregationRule) Reset added in v1.0.0 

func (x *AggregationRule) Reset()

func (*AggregationRule) String added in v1.0.0 

func (x *AggregationRule) String() string

type ClusterRole 

type ClusterRole struct {

	// Standard object's metadata.
	// +optional
	Metadata *v1.ObjectMeta `protobuf:"bytes,1,opt,name=metadata" json:"metadata,omitempty"`
	// Rules holds all the PolicyRules for this ClusterRole
	// +optional
	Rules []*PolicyRule `protobuf:"bytes,2,rep,name=rules" json:"rules,omitempty"`
	// AggregationRule is an optional field that describes how to build the Rules for this ClusterRole.
	// If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be
	// stomped by the controller.
	// +optional
	AggregationRule *AggregationRule `protobuf:"bytes,3,opt,name=aggregationRule" json:"aggregationRule,omitempty"`
	// contains filtered or unexported fields
}

ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRole, and will no longer be served in v1.22.

func (*ClusterRole) Descriptor deprecated 

func (*ClusterRole) Descriptor() ([]byte, []int)

Deprecated: Use ClusterRole.ProtoReflect.Descriptor instead.

func (*ClusterRole) GetAggregationRule added in v1.0.0 

func (x *ClusterRole) GetAggregationRule() *AggregationRule

func (*ClusterRole) GetMetadata 

func (x *ClusterRole) GetMetadata() *v1.ObjectMeta

func (*ClusterRole) GetRules 

func (x *ClusterRole) GetRules() []*PolicyRule

func (*ClusterRole) ProtoMessage 

func (*ClusterRole) ProtoMessage()

func (*ClusterRole) ProtoReflect added in v1.2.4 

func (x *ClusterRole) ProtoReflect() protoreflect.Message

func (*ClusterRole) Reset 

func (x *ClusterRole) Reset()

func (*ClusterRole) String 

func (x *ClusterRole) String() string

type ClusterRoleBinding 

type ClusterRoleBinding struct {

	// Standard object's metadata.
	// +optional
	Metadata *v1.ObjectMeta `protobuf:"bytes,1,opt,name=metadata" json:"metadata,omitempty"`
	// Subjects holds references to the objects the role applies to.
	// +optional
	Subjects []*Subject `protobuf:"bytes,2,rep,name=subjects" json:"subjects,omitempty"`
	// RoleRef can only reference a ClusterRole in the global namespace.
	// If the RoleRef cannot be resolved, the Authorizer must return an error.
	RoleRef *RoleRef `protobuf:"bytes,3,opt,name=roleRef" json:"roleRef,omitempty"`
	// contains filtered or unexported fields
}

ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBinding, and will no longer be served in v1.22.

func (*ClusterRoleBinding) Descriptor deprecated 

func (*ClusterRoleBinding) Descriptor() ([]byte, []int)

Deprecated: Use ClusterRoleBinding.ProtoReflect.Descriptor instead.

func (*ClusterRoleBinding) GetMetadata 

func (x *ClusterRoleBinding) GetMetadata() *v1.ObjectMeta

func (*ClusterRoleBinding) GetRoleRef 

func (x *ClusterRoleBinding) GetRoleRef() *RoleRef

func (*ClusterRoleBinding) GetSubjects 

func (x *ClusterRoleBinding) GetSubjects() []*Subject

func (*ClusterRoleBinding) ProtoMessage 

func (*ClusterRoleBinding) ProtoMessage()

func (*ClusterRoleBinding) ProtoReflect added in v1.2.4 

func (x *ClusterRoleBinding) ProtoReflect() protoreflect.Message

func (*ClusterRoleBinding) Reset 

func (x *ClusterRoleBinding) Reset()

func (*ClusterRoleBinding) String 

func (x *ClusterRoleBinding) String() string

type ClusterRoleBindingList 

type ClusterRoleBindingList struct {

	// Standard object's metadata.
	// +optional
	Metadata *v1.ListMeta `protobuf:"bytes,1,opt,name=metadata" json:"metadata,omitempty"`
	// Items is a list of ClusterRoleBindings
	Items []*ClusterRoleBinding `protobuf:"bytes,2,rep,name=items" json:"items,omitempty"`
	// contains filtered or unexported fields
}

ClusterRoleBindingList is a collection of ClusterRoleBindings. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBindings, and will no longer be served in v1.22.

func (*ClusterRoleBindingList) Descriptor deprecated 

func (*ClusterRoleBindingList) Descriptor() ([]byte, []int)

Deprecated: Use ClusterRoleBindingList.ProtoReflect.Descriptor instead.

func (*ClusterRoleBindingList) GetItems 

func (x *ClusterRoleBindingList) GetItems() []*ClusterRoleBinding

func (*ClusterRoleBindingList) GetMetadata 

func (x *ClusterRoleBindingList) GetMetadata() *v1.ListMeta

func (*ClusterRoleBindingList) ProtoMessage 

func (*ClusterRoleBindingList) ProtoMessage()

func (*ClusterRoleBindingList) ProtoReflect added in v1.2.4 

func (x *ClusterRoleBindingList) ProtoReflect() protoreflect.Message

func (*ClusterRoleBindingList) Reset 

func (x *ClusterRoleBindingList) Reset()

func (*ClusterRoleBindingList) String 

func (x *ClusterRoleBindingList) String() string

type ClusterRoleList 

type ClusterRoleList struct {

	// Standard object's metadata.
	// +optional
	Metadata *v1.ListMeta `protobuf:"bytes,1,opt,name=metadata" json:"metadata,omitempty"`
	// Items is a list of ClusterRoles
	Items []*ClusterRole `protobuf:"bytes,2,rep,name=items" json:"items,omitempty"`
	// contains filtered or unexported fields
}

ClusterRoleList is a collection of ClusterRoles. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoles, and will no longer be served in v1.22.

func (*ClusterRoleList) Descriptor deprecated 

func (*ClusterRoleList) Descriptor() ([]byte, []int)

Deprecated: Use ClusterRoleList.ProtoReflect.Descriptor instead.

func (*ClusterRoleList) GetItems 

func (x *ClusterRoleList) GetItems() []*ClusterRole

func (*ClusterRoleList) GetMetadata 

func (x *ClusterRoleList) GetMetadata() *v1.ListMeta

func (*ClusterRoleList) ProtoMessage 

func (*ClusterRoleList) ProtoMessage()

func (*ClusterRoleList) ProtoReflect added in v1.2.4 

func (x *ClusterRoleList) ProtoReflect() protoreflect.Message

func (*ClusterRoleList) Reset 

func (x *ClusterRoleList) Reset()

func (*ClusterRoleList) String 

func (x *ClusterRoleList) String() string

type PolicyRule 

type PolicyRule struct {

	// Verbs is a list of Verbs that apply to ALL the ResourceKinds and AttributeRestrictions contained in this rule.  VerbAll represents all kinds.
	Verbs []string `protobuf:"bytes,1,rep,name=verbs" json:"verbs,omitempty"`
	// APIGroups is the name of the APIGroup that contains the resources.  If multiple API groups are specified, any action requested against one of
	// the enumerated resources in any API group will be allowed.
	// +optional
	ApiGroups []string `protobuf:"bytes,3,rep,name=apiGroups" json:"apiGroups,omitempty"`
	// Resources is a list of resources this rule applies to.  ResourceAll represents all resources.
	// +optional
	Resources []string `protobuf:"bytes,4,rep,name=resources" json:"resources,omitempty"`
	// ResourceNames is an optional white list of names that the rule applies to.  An empty set means that everything is allowed.
	// +optional
	ResourceNames []string `protobuf:"bytes,5,rep,name=resourceNames" json:"resourceNames,omitempty"`
	// NonResourceURLs is a set of partial urls that a user should have access to.  *s are allowed, but only as the full, final step in the path
	// Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding.
	// Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"),  but not both.
	// +optional
	NonResourceURLs []string `protobuf:"bytes,6,rep,name=nonResourceURLs" json:"nonResourceURLs,omitempty"`
	// contains filtered or unexported fields
}

PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.

func (*PolicyRule) Descriptor deprecated 

func (*PolicyRule) Descriptor() ([]byte, []int)

Deprecated: Use PolicyRule.ProtoReflect.Descriptor instead.

func (*PolicyRule) GetApiGroups 

func (x *PolicyRule) GetApiGroups() []string

func (*PolicyRule) GetNonResourceURLs 

func (x *PolicyRule) GetNonResourceURLs() []string

func (*PolicyRule) GetResourceNames 

func (x *PolicyRule) GetResourceNames() []string

func (*PolicyRule) GetResources 

func (x *PolicyRule) GetResources() []string

func (*PolicyRule) GetVerbs 

func (x *PolicyRule) GetVerbs() []string

func (*PolicyRule) ProtoMessage 

func (*PolicyRule) ProtoMessage()

func (*PolicyRule) ProtoReflect added in v1.2.4 

func (x *PolicyRule) ProtoReflect() protoreflect.Message

func (*PolicyRule) Reset 

func (x *PolicyRule) Reset()

func (*PolicyRule) String 

func (x *PolicyRule) String() string

type Role 

type Role struct {

	// Standard object's metadata.
	// +optional
	Metadata *v1.ObjectMeta `protobuf:"bytes,1,opt,name=metadata" json:"metadata,omitempty"`
	// Rules holds all the PolicyRules for this Role
	// +optional
	Rules []*PolicyRule `protobuf:"bytes,2,rep,name=rules" json:"rules,omitempty"`
	// contains filtered or unexported fields
}

Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 Role, and will no longer be served in v1.22.

func (*Role) Descriptor deprecated 

func (*Role) Descriptor() ([]byte, []int)

Deprecated: Use Role.ProtoReflect.Descriptor instead.

func (*Role) GetMetadata 

func (x *Role) GetMetadata() *v1.ObjectMeta

func (*Role) GetRules 

func (x *Role) GetRules() []*PolicyRule

func (*Role) ProtoMessage 

func (*Role) ProtoMessage()

func (*Role) ProtoReflect added in v1.2.4 

func (x *Role) ProtoReflect() protoreflect.Message

func (*Role) Reset 

func (x *Role) Reset()

func (*Role) String 

func (x *Role) String() string

type RoleBinding 

type RoleBinding struct {

	// Standard object's metadata.
	// +optional
	Metadata *v1.ObjectMeta `protobuf:"bytes,1,opt,name=metadata" json:"metadata,omitempty"`
	// Subjects holds references to the objects the role applies to.
	// +optional
	Subjects []*Subject `protobuf:"bytes,2,rep,name=subjects" json:"subjects,omitempty"`
	// RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace.
	// If the RoleRef cannot be resolved, the Authorizer must return an error.
	RoleRef *RoleRef `protobuf:"bytes,3,opt,name=roleRef" json:"roleRef,omitempty"`
	// contains filtered or unexported fields
}

RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 RoleBinding, and will no longer be served in v1.22.

func (*RoleBinding) Descriptor deprecated 

func (*RoleBinding) Descriptor() ([]byte, []int)

Deprecated: Use RoleBinding.ProtoReflect.Descriptor instead.

func (*RoleBinding) GetMetadata 

func (x *RoleBinding) GetMetadata() *v1.ObjectMeta

func (*RoleBinding) GetRoleRef 

func (x *RoleBinding) GetRoleRef() *RoleRef

func (*RoleBinding) GetSubjects 

func (x *RoleBinding) GetSubjects() []*Subject

func (*RoleBinding) ProtoMessage 

func (*RoleBinding) ProtoMessage()

func (*RoleBinding) ProtoReflect added in v1.2.4 

func (x *RoleBinding) ProtoReflect() protoreflect.Message

func (*RoleBinding) Reset 

func (x *RoleBinding) Reset()

func (*RoleBinding) String 

func (x *RoleBinding) String() string

type RoleBindingList 

type RoleBindingList struct {

	// Standard object's metadata.
	// +optional
	Metadata *v1.ListMeta `protobuf:"bytes,1,opt,name=metadata" json:"metadata,omitempty"`
	// Items is a list of RoleBindings
	Items []*RoleBinding `protobuf:"bytes,2,rep,name=items" json:"items,omitempty"`
	// contains filtered or unexported fields
}

RoleBindingList is a collection of RoleBindings Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 RoleBindingList, and will no longer be served in v1.22.

func (*RoleBindingList) Descriptor deprecated 

func (*RoleBindingList) Descriptor() ([]byte, []int)

Deprecated: Use RoleBindingList.ProtoReflect.Descriptor instead.

func (*RoleBindingList) GetItems 

func (x *RoleBindingList) GetItems() []*RoleBinding

func (*RoleBindingList) GetMetadata 

func (x *RoleBindingList) GetMetadata() *v1.ListMeta

func (*RoleBindingList) ProtoMessage 

func (*RoleBindingList) ProtoMessage()

func (*RoleBindingList) ProtoReflect added in v1.2.4 

func (x *RoleBindingList) ProtoReflect() protoreflect.Message

func (*RoleBindingList) Reset 

func (x *RoleBindingList) Reset()

func (*RoleBindingList) String 

func (x *RoleBindingList) String() string

type RoleList 

type RoleList struct {

	// Standard object's metadata.
	// +optional
	Metadata *v1.ListMeta `protobuf:"bytes,1,opt,name=metadata" json:"metadata,omitempty"`
	// Items is a list of Roles
	Items []*Role `protobuf:"bytes,2,rep,name=items" json:"items,omitempty"`
	// contains filtered or unexported fields
}

RoleList is a collection of Roles. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 RoleList, and will no longer be served in v1.22.

func (*RoleList) Descriptor deprecated 

func (*RoleList) Descriptor() ([]byte, []int)

Deprecated: Use RoleList.ProtoReflect.Descriptor instead.

func (*RoleList) GetItems 

func (x *RoleList) GetItems() []*Role

func (*RoleList) GetMetadata 

func (x *RoleList) GetMetadata() *v1.ListMeta

func (*RoleList) ProtoMessage 

func (*RoleList) ProtoMessage()

func (*RoleList) ProtoReflect added in v1.2.4 

func (x *RoleList) ProtoReflect() protoreflect.Message

func (*RoleList) Reset 

func (x *RoleList) Reset()

func (*RoleList) String 

func (x *RoleList) String() string

type RoleRef 

type RoleRef struct {

	// APIGroup is the group for the resource being referenced
	ApiGroup *string `protobuf:"bytes,1,opt,name=apiGroup" json:"apiGroup,omitempty"`
	// Kind is the type of resource being referenced
	Kind *string `protobuf:"bytes,2,opt,name=kind" json:"kind,omitempty"`
	// Name is the name of resource being referenced
	Name *string `protobuf:"bytes,3,opt,name=name" json:"name,omitempty"`
	// contains filtered or unexported fields
}

RoleRef contains information that points to the role being used

func (*RoleRef) Descriptor deprecated 

func (*RoleRef) Descriptor() ([]byte, []int)

Deprecated: Use RoleRef.ProtoReflect.Descriptor instead.

func (*RoleRef) GetApiGroup 

func (x *RoleRef) GetApiGroup() string

func (*RoleRef) GetKind 

func (x *RoleRef) GetKind() string

func (*RoleRef) GetName 

func (x *RoleRef) GetName() string

func (*RoleRef) ProtoMessage 

func (*RoleRef) ProtoMessage()

func (*RoleRef) ProtoReflect added in v1.2.4 

func (x *RoleRef) ProtoReflect() protoreflect.Message

func (*RoleRef) Reset 

func (x *RoleRef) Reset()

func (*RoleRef) String 

func (x *RoleRef) String() string

type Subject 

type Subject struct {

	// Kind of object being referenced. Values defined by this API group are "User", "Group", and "ServiceAccount".
	// If the Authorizer does not recognized the kind value, the Authorizer should report an error.
	Kind *string `protobuf:"bytes,1,opt,name=kind" json:"kind,omitempty"`
	// APIVersion holds the API group and version of the referenced subject.
	// Defaults to "v1" for ServiceAccount subjects.
	// Defaults to "rbac.authorization.k8s.io/v1alpha1" for User and Group subjects.
	// +k8s:conversion-gen=false
	// +optional
	ApiVersion *string `protobuf:"bytes,2,opt,name=apiVersion" json:"apiVersion,omitempty"`
	// Name of the object being referenced.
	Name *string `protobuf:"bytes,3,opt,name=name" json:"name,omitempty"`
	// Namespace of the referenced object.  If the object kind is non-namespace, such as "User" or "Group", and this value is not empty
	// the Authorizer should report an error.
	// +optional
	Namespace *string `protobuf:"bytes,4,opt,name=namespace" json:"namespace,omitempty"`
	// contains filtered or unexported fields
}

Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names.

func (*Subject) Descriptor deprecated 

func (*Subject) Descriptor() ([]byte, []int)

Deprecated: Use Subject.ProtoReflect.Descriptor instead.

func (*Subject) GetApiVersion 

func (x *Subject) GetApiVersion() string

func (*Subject) GetKind 

func (x *Subject) GetKind() string

func (*Subject) GetName 

func (x *Subject) GetName() string

func (*Subject) GetNamespace 

func (x *Subject) GetNamespace() string

func (*Subject) ProtoMessage 

func (*Subject) ProtoMessage()

func (*Subject) ProtoReflect added in v1.2.4 

func (x *Subject) ProtoReflect() protoreflect.Message

func (*Subject) Reset 

func (x *Subject) Reset()

func (*Subject) String 

func (x *Subject) String() string

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.