Documentation ¶
Index ¶
- Constants
- func Add(mgr manager.Manager, ...) error
- func ClusterRoleBindingMatches(...) bool
- func ClusterRoleMatches(existingRole, requestedRole *rbacv1.ClusterRole) bool
- func GenerateRBACClusterRole(resourceName string) (*rbacv1.ClusterRole, error)
- func GenerateRBACClusterRoleBinding(resourceName string) (*rbacv1.ClusterRoleBinding, error)
Constants ¶
View Source
const ( ResourceOwnerName = "system:kubermatic:owners" ResourceEditorName = "system:kubermatic:editors" ResourceViewerName = "system:kubermatic:viewers" )
Variables ¶
This section is empty.
Functions ¶
func Add ¶
func Add(mgr manager.Manager, registerReconciledCheck func(name string, check healthz.Checker) error, clusterIsPaused userclustercontrollermanager.IsPausedChecker) error
Add creates a new RBAC generator controller that is responsible for creating Cluster Roles and Cluster Role Bindings for groups: `owners`, `editors` and `viewers“.
func ClusterRoleBindingMatches ¶
func ClusterRoleBindingMatches(existingClusterRoleBinding, requestedClusterRoleBinding *rbacv1.ClusterRoleBinding) bool
ClusterRoleBindingMatches checks if cluster role bindings have the same Subjects and RoleRefs.
func ClusterRoleMatches ¶
func ClusterRoleMatches(existingRole, requestedRole *rbacv1.ClusterRole) bool
ClusterRoleMatches compares cluster role Rules.
func GenerateRBACClusterRole ¶
func GenerateRBACClusterRole(resourceName string) (*rbacv1.ClusterRole, error)
GenerateRBACClusterRole creates role for specific group.
func GenerateRBACClusterRoleBinding ¶
func GenerateRBACClusterRoleBinding(resourceName string) (*rbacv1.ClusterRoleBinding, error)
GenerateRBACClusterRoleBinding creates role binding for specific group.
Types ¶
This section is empty.
Click to show internal directories.
Click to hide internal directories.