Documentation ¶
Overview ¶
Package abac authorizes Kubernetes API actions using an Attribute-based access control scheme.
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type PolicyList ¶ added in v1.15.0
PolicyList is simply a slice of Policy structs.
func NewFromFile ¶
func NewFromFile(path string) (PolicyList, error)
NewFromFile attempts to create a policy list from the given file.
TODO: Have policies be created via an API call and stored in REST storage.
func (PolicyList) Authorize ¶ added in v1.15.0
func (pl PolicyList) Authorize(ctx context.Context, a authorizer.Attributes) (authorizer.Decision, string, error)
Authorize implements authorizer.Authorize
func (PolicyList) RulesFor ¶ added in v1.15.0
func (pl PolicyList) RulesFor(ctx context.Context, user user.Info, namespace string) ([]authorizer.ResourceRuleInfo, []authorizer.NonResourceRuleInfo, bool, error)
RulesFor returns rules for the given user and namespace.
Click to show internal directories.
Click to hide internal directories.