authorizer

package
v1.5.2-rancher1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 13, 2017 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewAlwaysAllowAuthorizer

func NewAlwaysAllowAuthorizer() authorizer.Authorizer

func NewAlwaysDenyAuthorizer

func NewAlwaysDenyAuthorizer() authorizer.Authorizer

func NewAlwaysFailAuthorizer

func NewAlwaysFailAuthorizer() authorizer.Authorizer

func NewAuthorizerFromAuthorizationConfig

func NewAuthorizerFromAuthorizationConfig(authorizationModes []string, config AuthorizationConfig) (authorizer.Authorizer, error)

NewAuthorizerFromAuthorizationConfig returns the right sort of union of multiple authorizer.Authorizer objects based on the authorizationMode or an error. authorizationMode should be a comma separated values of options.AuthorizationModeChoices.

func NewPrivilegedGroups added in v1.5.0

func NewPrivilegedGroups(groups ...string) *privilegedGroupAuthorizer

NewPrivilegedGroups is for use in loopback scenarios

Types

type AuthorizationConfig

type AuthorizationConfig struct {

	// Path to an ABAC policy file.
	PolicyFile string

	// Kubeconfig file for Webhook authorization plugin.
	WebhookConfigFile string
	// TTL for caching of authorized responses from the webhook server.
	WebhookCacheAuthorizedTTL time.Duration
	// TTL for caching of unauthorized responses from the webhook server.
	WebhookCacheUnauthorizedTTL time.Duration

	// User which can bootstrap role policies
	RBACSuperUser string

	InformerFactory informers.SharedInformerFactory
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL