athenz

package

v1.1.0 Latest Latest Go to latest Published: Apr 29, 2024 License: BSD-3-Clause Imports: 7 Imported by: 1

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/yahoo/k8s-athenz-istio-auth

Links

Open Source Insights

Documentation ¶

Overview ¶

Index ¶

func DomainToNamespace(domain string) (namespace string)
func NamespaceToDomain(ns string) (domain string)
type GroupMembers
type Model
- func ConvertAthenzPoliciesIntoRbacModel(domain *zms.DomainData, crCache *cache.SharedIndexInformer) Model
type RoleAssertions
type RoleMembers
type RoleTags
type Roles

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func DomainToNamespace ¶

func DomainToNamespace(domain string) (namespace string)

DomainToNamespace will convert an athenz domain to a kubernetes namespace. Dots are converted to dashes and dashes are converted to double dashes. ex: k8s.athenz-istio-auth -> k8s-athenz--istio--auth

func NamespaceToDomain ¶

func NamespaceToDomain(ns string) (domain string)

NamespaceToDomain will convert the kubernetes namespace to an athenz domain. Dashes are converted to dots and double dashes are converted to single dashes. ex: k8s-athenz--istio--auth -> k8s.athenz-istio-auth

Types ¶

type GroupMembers ¶ added in v1.0.0

type GroupMembers map[zms.MemberName][]*zms.GroupMember

map of Group:GroupMembers for an Athenz domain

type Model ¶

type Model struct {
	Name         zms.DomainName `json:"name"`
	Namespace    string         `json:"namespace"`
	Roles        Roles          `json:"roles,omitempty"`
	Rules        RoleAssertions `json:"rules,omitempty"`
	Members      RoleMembers    `json:"members,omitempty"`
	GroupMembers GroupMembers   `json:"groups,omitempty"`
	RoleTags     RoleTags       `json:"roletags,omitempty"`
}

RBAC object to hold the policies for an Athenz domain

func ConvertAthenzPoliciesIntoRbacModel ¶

func ConvertAthenzPoliciesIntoRbacModel(domain *zms.DomainData, crCache *cache.SharedIndexInformer) Model

ConvertAthenzPoliciesIntoRbacModel transforms the given Athenz Domain structure into role-centric policies and members

type RoleAssertions ¶

type RoleAssertions map[zms.ResourceName][]*zms.Assertion

map of Athenz Role:Assertions for an Athenz Resource

type RoleMembers ¶

type RoleMembers map[zms.ResourceName][]*zms.RoleMember

map of Role:Members for an Athenz domain

type RoleTags ¶ added in v1.0.0

type RoleTags map[zms.ResourceName]map[zms.CompoundName]*zms.StringList

type Roles ¶

type Roles []zms.ResourceName

Athenz data structures the way we would want list of Athenz Role names for an Athenz domain

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL