authorizer

package
v1.4.5-rancher2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Nov 10, 2016 License: Apache-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewAlwaysAllowAuthorizer

func NewAlwaysAllowAuthorizer() authorizer.Authorizer

func NewAlwaysDenyAuthorizer

func NewAlwaysDenyAuthorizer() authorizer.Authorizer

func NewAlwaysFailAuthorizer

func NewAlwaysFailAuthorizer() authorizer.Authorizer

func NewAuthorizerFromAuthorizationConfig

func NewAuthorizerFromAuthorizationConfig(authorizationModes []string, config AuthorizationConfig) (authorizer.Authorizer, error)

NewAuthorizerFromAuthorizationConfig returns the right sort of union of multiple authorizer.Authorizer objects based on the authorizationMode or an error. authorizationMode should be a comma separated values of options.AuthorizationModeChoices.

Types

type AuthorizationConfig

type AuthorizationConfig struct {

	// Path to an ABAC policy file.
	PolicyFile string

	// Kubeconfig file for Webhook authorization plugin.
	WebhookConfigFile string
	// TTL for caching of authorized responses from the webhook server.
	WebhookCacheAuthorizedTTL time.Duration
	// TTL for caching of unauthorized responses from the webhook server.
	WebhookCacheUnauthorizedTTL time.Duration

	// User which can bootstrap role policies
	RBACSuperUser string

	RBACClusterRoleRegistry        clusterrole.Registry
	RBACClusterRoleBindingRegistry clusterrolebinding.Registry
	RBACRoleRegistry               role.Registry
	RBACRoleBindingRegistry        rolebinding.Registry
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL