auth

package
v1.9.2

This package is not in the latest version of its module.

Published: May 30, 2023 License: Apache-2.0, BSD-2-Clause, BSD-3-Clause, + 8 more Imports: 4 Imported by: 36

Documentation

Overview

Package auth is the internal version of the API.

Constants

const (
	// KeywordQueryTag is a field tag to query object that contains the keyword.
	KeywordQueryTag string = "keyword"

	// LimitQueryTag is a field tag to query a maximum number of objects for a list call.
	LimitQueryTag string = "limit"

	// PolicyQueryTag is a field tag to query localidentities with policies in extra.
	PolicyQueryTag string = "policy"

	// IssuerName is the name of issuer location.
	IssuerName = "oidc"
)
const (
	ProjectOwnerPolicyID  = "pol-project-owner"
	ProjectMemberPolicyID = "pol-project-member"
	ProjectViewerPolicyID = "pol-project-viewer"
)
const (
	DefaultRuleModel = `` /* 310-byte string literal not displayed */

)
const GroupName = "auth.tkestack.io"

GroupName is the group name used to register these schemas.

Variables

var (
	// Scheme is the default instance of runtime.Scheme to which types in the TKE API are already registered.
	Scheme = runtime.NewScheme()
	// Codecs provides access to encoding and decoding for the scheme
	Codecs = serializer.NewCodecFactory(Scheme)
	// ParameterCodec handles versioning of objects that are converted to query parameters.
	ParameterCodec = runtime.NewParameterCodec(Scheme)
)
var (
	// SchemeBuilder collects functions that add things to a scheme.
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	// AddToScheme applies all the stored functions to the scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}

SchemeGroupVersion is the group version used to register these objects.

Functions

func Kind

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns a Group-qualified GroupKind.

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns a Group-qualified GroupResource.

Types

type APIKey

type APIKey struct {
	metav1.TypeMeta

	// +optional
	metav1.ObjectMeta

	// Spec defines the desired identities of APIkey in this set.
	Spec   APIKeySpec
	Status APIKeyStatus
}

APIKey contains expiration time used to apply the api key.

func (*APIKey) DeepCopy

func (in *APIKey) DeepCopy() *APIKey

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIKey.

func (*APIKey) DeepCopyInto

func (in *APIKey) DeepCopyInto(out *APIKey)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APIKey) DeepCopyObject

func (in *APIKey) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type APIKeyList

type APIKeyList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of api keys.
	Items []APIKey
}

APIKeyList is the whole list of all identities.

func (*APIKeyList) DeepCopy

func (in *APIKeyList) DeepCopy() *APIKeyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIKeyList.

func (*APIKeyList) DeepCopyInto

func (in *APIKeyList) DeepCopyInto(out *APIKeyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APIKeyList) DeepCopyObject

func (in *APIKeyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type APIKeyReq

type APIKeyReq struct {
	metav1.TypeMeta

	// Expire is required, holds the duration after which the api key becomes invalid. By default, 168h (= seven days)
	Expire metav1.Duration `json:"expire,omitempty"`

	// Description describes api keys usage.
	Description string `json:"description"`
}

APIKeyReq contains expiration time used to apply the api key.

func (*APIKeyReq) DeepCopy

func (in *APIKeyReq) DeepCopy() *APIKeyReq

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIKeyReq.

func (*APIKeyReq) DeepCopyInto

func (in *APIKeyReq) DeepCopyInto(out *APIKeyReq)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APIKeyReq) DeepCopyObject

func (in *APIKeyReq) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type APIKeyReqPassword

type APIKeyReqPassword struct {
	metav1.TypeMeta

	// TenantID for user
	TenantID string `json:"tenantID,omitempty"`

	// Username
	Username string `json:"username,omitempty"`

	// Password (encoded by base64)
	Password string `json:"password,omitempty"`

	// Description describes api keys usage.
	Description string `json:"description"`

	// Expire holds the duration after which the api key becomes invalid. By default, 168h (= seven days)
	Expire metav1.Duration `json:"expire,omitempty"`
}

APIKeyReqPassword contains userinfo and expiration time used to apply the api key.

func (*APIKeyReqPassword) DeepCopy

func (in *APIKeyReqPassword) DeepCopy() *APIKeyReqPassword

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIKeyReqPassword.

func (*APIKeyReqPassword) DeepCopyInto

func (in *APIKeyReqPassword) DeepCopyInto(out *APIKeyReqPassword)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APIKeyReqPassword) DeepCopyObject

func (in *APIKeyReqPassword) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type APIKeySpec

type APIKeySpec struct {
	// APIkey is the jwt token used to authenticate user, and contains user info and sign.
	APIkey string `json:"apiKey,omitempty"`

	TenantID string `json:"tenantID,omitempty"`

	// Creator
	// +optional
	Username string `json:"username,omitempty"`

	// Description describes api keys usage.
	Description string `json:"description"`

	// IssueAt is the created time for api key
	IssueAt metav1.Time `json:"issue_at,omitempty"`

	// ExpireAt is the expire time for api key
	ExpireAt metav1.Time `json:"expire_at,omitempty"`
}

APIKeySpec is a description of an apiKey.

func (*APIKeySpec) DeepCopy

func (in *APIKeySpec) DeepCopy() *APIKeySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIKeySpec.

func (*APIKeySpec) DeepCopyInto

func (in *APIKeySpec) DeepCopyInto(out *APIKeySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type APIKeyStatus

type APIKeyStatus struct {
	// Disabled represents whether the apikey has been disabled.
	Disabled bool `json:"disabled"`
	// Expired represents whether the apikey has been expired.
	Expired bool `json:"expired"`
}

APIKeyStatus is a description of an api key status.

func (*APIKeyStatus) DeepCopy

func (in *APIKeyStatus) DeepCopy() *APIKeyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIKeyStatus.

func (*APIKeyStatus) DeepCopyInto

func (in *APIKeyStatus) DeepCopyInto(out *APIKeyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type APISigningKey

type APISigningKey struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	SigningKey    []byte
	SigningKeyPub []byte
}

APISigningKey holds the encryption and signing key for the api key.

func (*APISigningKey) DeepCopy

func (in *APISigningKey) DeepCopy() *APISigningKey

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APISigningKey.

func (*APISigningKey) DeepCopyInto

func (in *APISigningKey) DeepCopyInto(out *APISigningKey)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APISigningKey) DeepCopyObject

func (in *APISigningKey) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type APISigningKeyList

type APISigningKeyList struct {
	metav1.TypeMeta
	metav1.ListMeta

	Items []APISigningKey
}

APISigningKeyList is the whole list of all signing keys.

func (*APISigningKeyList) DeepCopy

func (in *APISigningKeyList) DeepCopy() *APISigningKeyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APISigningKeyList.

func (*APISigningKeyList) DeepCopyInto

func (in *APISigningKeyList) DeepCopyInto(out *APISigningKeyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APISigningKeyList) DeepCopyObject

func (in *APISigningKeyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type Action

type Action struct {
	// Name represents user access review request verb.
	Name string
	// Description describes the action.
	Description string
}

Action defines an action verb for authorization.

func (*Action) DeepCopy

func (in *Action) DeepCopy() *Action

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Action.

func (*Action) DeepCopyInto

func (in *Action) DeepCopyInto(out *Action)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AllowedStatus

type AllowedStatus struct {
	// Resource is the resource of request
	Resource string
	// Verb is the verb of request
	Verb string

	// Allowed is required. True if the action would be allowed, false otherwise.
	Allowed bool
	// Denied is optional. True if the action would be denied, otherwise
	// false. If both allowed is false and denied is false, then the
	// authorizer has no opinion on whether to authorize the action. Denied
	// may not be true if Allowed is true.
	Denied bool
	// Reason is optional.  It indicates why a request was allowed or denied.
	Reason string
	// EvaluationError is an indication that some error occurred during the authorization check.
	// It is entirely possible to get an error and be able to continue to determine authorization status in spite of it.
	// For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.
	EvaluationError string
}

AllowedStatus includes the resource access request and response. +k8s:openapi-gen=true
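The field comments above describe three outcomes (allowed, denied, no opinion) plus an EvaluationError that may accompany any of them. The following added example, which is not code from the tkestack project, shows one fail-closed way for a caller to interpret a batch of such results; the local AllowedStatus copy, the Decision type and the Interpret and Enforce functions are assumptions made for illustration.

```go
package main

import "fmt"

// AllowedStatus is a local copy of the fields documented above, so the example
// builds without importing the tkestack module (assumption for illustration).
type AllowedStatus struct {
	Resource        string
	Verb            string
	Allowed         bool
	Denied          bool
	Reason          string
	EvaluationError string
}

// Decision is a hypothetical three-valued result used only in this example.
type Decision int

const (
	DecisionDeny Decision = iota
	DecisionNoOpinion
	DecisionAllow
)

// Interpret maps one AllowedStatus to a Decision. The documented contract says
// Denied may not be true when Allowed is true, so that combination is reported
// as an error and treated as a deny.
func Interpret(s AllowedStatus) (Decision, error) {
	switch {
	case s.Allowed && s.Denied:
		return DecisionDeny, fmt.Errorf("%s %s: allowed and denied are both set", s.Verb, s.Resource)
	case s.Denied:
		return DecisionDeny, nil
	case s.Allowed:
		return DecisionAllow, nil
	default:
		// Neither flag set: the authorizer has no opinion.
		return DecisionNoOpinion, nil
	}
}

// Enforce returns true only when every status is an explicit allow. An empty
// result set, a "no opinion" and an inconsistent status all fail closed.
// EvaluationError is recorded for the audit trail but does not by itself
// change the verdict, matching the comment on that field.
func Enforce(statuses []AllowedStatus) (bool, []string) {
	if len(statuses) == 0 {
		return false, []string{"no statuses returned"}
	}
	ok := true
	var notes []string
	for _, s := range statuses {
		if s.EvaluationError != "" {
			notes = append(notes, fmt.Sprintf("%s %s: evaluation error: %s", s.Verb, s.Resource, s.EvaluationError))
		}
		d, err := Interpret(s)
		switch {
		case err != nil:
			ok = false
			notes = append(notes, err.Error())
		case d == DecisionDeny:
			ok = false
			notes = append(notes, fmt.Sprintf("%s %s: denied: %s", s.Verb, s.Resource, s.Reason))
		case d == DecisionNoOpinion:
			ok = false
			notes = append(notes, fmt.Sprintf("%s %s: no opinion, treated as deny", s.Verb, s.Resource))
		}
	}
	return ok, notes
}

func main() {
	// Constructed sample input, not output captured from a real server.
	statuses := []AllowedStatus{
		{Resource: "pods", Verb: "get", Allowed: true},
		{Resource: "secrets", Verb: "list", EvaluationError: "role missing"},
	}
	ok, notes := Enforce(statuses)
	fmt.Println("permitted:", ok)
	for _, n := range notes {
		fmt.Println(" -", n)
	}
}
```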

func (*AllowedStatus) DeepCopy

func (in *AllowedStatus) DeepCopy() *AllowedStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedStatus.

func (*AllowedStatus) DeepCopyInto

func (in *AllowedStatus) DeepCopyInto(out *AllowedStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Binding

type Binding struct {
	metav1.TypeMeta

	// Users holds references to the objects the policy applies to.
	// +optional
	Users []Subject

	// Groups holds references to the groups the policy applies to.
	// +optional
	Groups []Subject
}

Binding references the objects a policy applies to, but does not contain it.

func (*Binding) DeepCopy

func (in *Binding) DeepCopy() *Binding

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Binding.

func (*Binding) DeepCopyInto

func (in *Binding) DeepCopyInto(out *Binding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Binding) DeepCopyObject

func (in *Binding) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type BindingPhase added in v1.3.1

type BindingPhase string

BindingPhase defines the phase of ProjectPolicyBinding constructor.

const (
	BindingActive BindingPhase = "Active"
	// BindingTerminating means the binding is undergoing graceful termination.
	BindingTerminating BindingPhase = "Terminating"
)

type Category

type Category struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	Spec CategorySpec
}

Category defines a category of actions for policy.

func (*Category) DeepCopy

func (in *Category) DeepCopy() *Category

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Category.

func (*Category) DeepCopyInto

func (in *Category) DeepCopyInto(out *Category)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Category) DeepCopyObject

func (in *Category) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CategoryList

type CategoryList struct {
	metav1.TypeMeta
	metav1.ListMeta

	// List of category.
	Items []Category
}

CategoryList is the whole list of policy Category.

func (*CategoryList) DeepCopy

func (in *CategoryList) DeepCopy() *CategoryList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CategoryList.

func (*CategoryList) DeepCopyInto

func (in *CategoryList) DeepCopyInto(out *CategoryList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CategoryList) DeepCopyObject

func (in *CategoryList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CategorySpec

type CategorySpec struct {
	// DisplayName used to display category name
	DisplayName string
	// +optional
	Description string
	// Actions represents a series of actions that work on the policy category
	Actions []Action
}

func (*CategorySpec) DeepCopy

func (in *CategorySpec) DeepCopy() *CategorySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CategorySpec.

func (*CategorySpec) DeepCopyInto

func (in *CategorySpec) DeepCopyInto(out *CategorySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Client

type Client struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// Spec defines the desired identities of identity provider in this set.
	Spec ClientSpec
}

Client represents an OAuth2 client.

func (*Client) DeepCopy

func (in *Client) DeepCopy() *Client

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Client.

func (*Client) DeepCopyInto

func (in *Client) DeepCopyInto(out *Client)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Client) DeepCopyObject

func (in *Client) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ClientList

type ClientList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of identity providers.
	Items []Client
}

ClientList is the whole list of OAuth2 client.

func (*ClientList) DeepCopy

func (in *ClientList) DeepCopy() *ClientList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientList.

func (*ClientList) DeepCopyInto

func (in *ClientList) DeepCopyInto(out *ClientList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientList) DeepCopyObject

func (in *ClientList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ClientSpec

type ClientSpec struct {
	ID           string
	Secret       string
	RedirectUris []string
	// TrustedPeers are a list of peers which can issue tokens on this client's behalf using the dynamic "oauth2:server:client_id:(client_id)" scope.
	TrustedPeers []string
	// Public clients must use either a redirectURL 127.0.0.1:X or "urn:ietf:wg:oauth:2.0:oob".
	Public  bool
	Name    string
	LogoURL string
}

ClientSpec is a description of a client.

func (*ClientSpec) DeepCopy

func (in *ClientSpec) DeepCopy() *ClientSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientSpec.

func (*ClientSpec) DeepCopyInto

func (in *ClientSpec) DeepCopyInto(out *ClientSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConfigMap

type ConfigMap struct {
	metav1.TypeMeta
	// +optional
	metav1.ObjectMeta

	// Data contains the configuration data.
	// Each key must consist of alphanumeric characters, '-', '_' or '.'.
	// Values with non-UTF-8 byte sequences must use the BinaryData field.
	// The keys stored in Data must not overlap with the keys in
	// the BinaryData field, this is enforced during validation process.
	// +optional
	Data map[string]string

	// BinaryData contains the binary data.
	// Each key must consist of alphanumeric characters, '-', '_' or '.'.
	// BinaryData can contain byte sequences that are not in the UTF-8 range.
	// The keys stored in BinaryData must not overlap with the ones in
	// the Data field, this is enforced during validation process.
	// +optional
	BinaryData map[string][]byte
}

ConfigMap holds configuration data for tke to consume.

func (*ConfigMap) DeepCopy

func (in *ConfigMap) DeepCopy() *ConfigMap

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMap.

func (*ConfigMap) DeepCopyInto

func (in *ConfigMap) DeepCopyInto(out *ConfigMap)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ConfigMap) DeepCopyObject

func (in *ConfigMap) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ConfigMapList

type ConfigMapList struct {
	metav1.TypeMeta

	// +optional
	metav1.ListMeta

	// Items is the list of ConfigMaps.
	Items []ConfigMap
}

ConfigMapList is a resource containing a list of ConfigMap objects.

func (*ConfigMapList) DeepCopy

func (in *ConfigMapList) DeepCopy() *ConfigMapList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapList.

func (*ConfigMapList) DeepCopyInto

func (in *ConfigMapList) DeepCopyInto(out *ConfigMapList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ConfigMapList) DeepCopyObject

func (in *ConfigMapList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CustomPolicyBinding added in v1.4.0

type CustomPolicyBinding struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	Spec   CustomPolicyBindingSpec
	Status CustomPolicyBindingStatus
}

CustomPolicyBinding represents subjects bound to a policy in a custom scope.

func (*CustomPolicyBinding) DeepCopy added in v1.4.0

func (in *CustomPolicyBinding) DeepCopy() *CustomPolicyBinding

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomPolicyBinding.

func (*CustomPolicyBinding) DeepCopyInto added in v1.4.0

func (in *CustomPolicyBinding) DeepCopyInto(out *CustomPolicyBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CustomPolicyBinding) DeepCopyObject added in v1.4.0

func (in *CustomPolicyBinding) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CustomPolicyBindingList added in v1.4.0

type CustomPolicyBindingList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of CustomPolicyBinding.
	Items []CustomPolicyBinding
}

CustomPolicyBindingList is the whole list of all CustomPolicyBindings.

func (*CustomPolicyBindingList) DeepCopy added in v1.4.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomPolicyBindingList.

func (*CustomPolicyBindingList) DeepCopyInto added in v1.4.0

func (in *CustomPolicyBindingList) DeepCopyInto(out *CustomPolicyBindingList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CustomPolicyBindingList) DeepCopyObject added in v1.4.0

func (in *CustomPolicyBindingList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CustomPolicyBindingSpec added in v1.4.0

type CustomPolicyBindingSpec struct {
	Finalizers []FinalizerName
	TenantID   string
	Domain     string
	LastDomain string
	PolicyID   string
	Resources  []string
	RulePrefix string
	Users      []Subject
	Groups     []Subject
}

CustomPolicyBindingSpec defines the desired identities of CustomPolicyBindingSpec document in this set.

func (*CustomPolicyBindingSpec) DeepCopy added in v1.4.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomPolicyBindingSpec.

func (*CustomPolicyBindingSpec) DeepCopyInto added in v1.4.0

func (in *CustomPolicyBindingSpec) DeepCopyInto(out *CustomPolicyBindingSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomPolicyBindingStatus added in v1.4.0

type CustomPolicyBindingStatus struct {
	Phase BindingPhase
}

CustomPolicyBindingStatus represents information about the status of a CustomPolicyBinding.

func (*CustomPolicyBindingStatus) DeepCopy added in v1.4.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomPolicyBindingStatus.

func (*CustomPolicyBindingStatus) DeepCopyInto added in v1.4.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Effect

type Effect string

Effect defines the policy effect.

const (
	// Allow is the allow type.
	Allow Effect = "allow"
	// Deny is the deny type.
	Deny Effect = "deny"
)

type ExtraValue

type ExtraValue []string

ExtraValue masks the value so protobuf can generate +protobuf.nullable=true

func (ExtraValue) DeepCopy

func (in ExtraValue) DeepCopy() ExtraValue

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue.

func (ExtraValue) DeepCopyInto

func (in ExtraValue) DeepCopyInto(out *ExtraValue)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FinalizerName

type FinalizerName string

FinalizerName is the name identifying a finalizer during object lifecycle.

const (
	// LocalIdentityFinalize is an internal finalizer value for LocalIdentity.
	LocalIdentityFinalize FinalizerName = "localidentity"

	// PolicyFinalize is an internal finalizer value for ProjectPolicyBinding.
	PolicyFinalize FinalizerName = "policy"

	// BindingFinalize is an internal finalizer value for ProjectPolicyBinding.
	BindingFinalize FinalizerName = "projectpolicybinding"

	// LocalGroupFinalize is an internal finalizer value for LocalGroup.
	LocalGroupFinalize FinalizerName = "localgroup"

	// RoleFinalize is an internal finalizer value for Role.
	RoleFinalize FinalizerName = "role"

	// CustomPolicyBindingFinalize is an internal finalizer value for CustomPolicyBinding.
	CustomPolicyBindingFinalize FinalizerName = "custompolicybinding"
)

type Group

type Group struct {
	metav1.TypeMeta
	metav1.ObjectMeta
	// Spec defines the desired identities of group in this set.
	Spec GroupSpec

	Status GroupStatus
}

Group is an object that contains the identity metadata for the tke local idp or a third-party idp.

func (*Group) DeepCopy

func (in *Group) DeepCopy() *Group

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Group.

func (*Group) DeepCopyInto

func (in *Group) DeepCopyInto(out *Group)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Group) DeepCopyObject

func (in *Group) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type GroupList

type GroupList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of group.
	Items []Group
}

GroupList is the whole list of all groups.

func (*GroupList) DeepCopy

func (in *GroupList) DeepCopy() *GroupList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupList.

func (*GroupList) DeepCopyInto

func (in *GroupList) DeepCopyInto(out *GroupList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*GroupList) DeepCopyObject

func (in *GroupList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type GroupPhase

type GroupPhase string

GroupPhase defines the phase of group constructor.

const (
	GroupActive GroupPhase = "Active"
	// GroupTerminating means the group is undergoing graceful termination.
	GroupTerminating GroupPhase = "Terminating"
)

type GroupSpec

type GroupSpec struct {
	ID          string
	DisplayName string
	TenantID    string
	Description string
	Extra       map[string]string
}

GroupSpec is a description of a Group.

func (*GroupSpec) DeepCopy

func (in *GroupSpec) DeepCopy() *GroupSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSpec.

func (*GroupSpec) DeepCopyInto

func (in *GroupSpec) DeepCopyInto(out *GroupSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GroupStatus

type GroupStatus struct {
	// Users represents the members of the group.
	Users []Subject
}

GroupStatus represents information about the status of a group.

func (*GroupStatus) DeepCopy

func (in *GroupStatus) DeepCopy() *GroupStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupStatus.

func (*GroupStatus) DeepCopyInto

func (in *GroupStatus) DeepCopyInto(out *GroupStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IdentityProvider

type IdentityProvider struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// Spec defines the desired identities of identity provider in this set.
	Spec IdentityProviderSpec
}

IdentityProvider is an object that contains the metadata about the identity provider used to log in to TKE.

func (*IdentityProvider) DeepCopy

func (in *IdentityProvider) DeepCopy() *IdentityProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProvider.

func (*IdentityProvider) DeepCopyInto

func (in *IdentityProvider) DeepCopyInto(out *IdentityProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IdentityProvider) DeepCopyObject

func (in *IdentityProvider) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IdentityProviderList

type IdentityProviderList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of identity providers.
	Items []IdentityProvider
}

IdentityProviderList is the whole list of all identity providers.

func (*IdentityProviderList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderList.

func (*IdentityProviderList) DeepCopyInto

func (in *IdentityProviderList) DeepCopyInto(out *IdentityProviderList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IdentityProviderList) DeepCopyObject

func (in *IdentityProviderList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IdentityProviderSpec

type IdentityProviderSpec struct {
	// The Name of the connector that is used when displaying it to the end user.
	Name string
	// The type of the connector. E.g. 'oidc' or 'ldap'
	Type string

	// Administrators are the users who are super admins for the idp.
	Administrators []string
	// Config holds all the configuration information specific to the connector type. Since there is
	// no generic struct we can use for this purpose, it is stored as a json string.
	Config string
}

IdentityProviderSpec is a description of an identity provider.

func (*IdentityProviderSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderSpec.

func (*IdentityProviderSpec) DeepCopyInto

func (in *IdentityProviderSpec) DeepCopyInto(out *IdentityProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalGroup

type LocalGroup struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// Spec defines the desired identities of group document in this set.
	Spec LocalGroupSpec

	// +optional
	Status LocalGroupStatus
}

LocalGroup represents a group of users.

func (*LocalGroup) DeepCopy

func (in *LocalGroup) DeepCopy() *LocalGroup

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalGroup.

func (*LocalGroup) DeepCopyInto

func (in *LocalGroup) DeepCopyInto(out *LocalGroup)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LocalGroup) DeepCopyObject

func (in *LocalGroup) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type LocalGroupList

type LocalGroupList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of localgroup.
	Items []LocalGroup
}

LocalGroupList is the whole list of all groups.

func (*LocalGroupList) DeepCopy

func (in *LocalGroupList) DeepCopy() *LocalGroupList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalGroupList.

func (*LocalGroupList) DeepCopyInto

func (in *LocalGroupList) DeepCopyInto(out *LocalGroupList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LocalGroupList) DeepCopyObject

func (in *LocalGroupList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type LocalGroupSpec

type LocalGroupSpec struct {
	Finalizers []FinalizerName

	DisplayName string
	TenantID    string

	// Username is Creator
	Username    string
	Description string

	Extra map[string]string
}

LocalGroupSpec is a description of group.

func (*LocalGroupSpec) DeepCopy

func (in *LocalGroupSpec) DeepCopy() *LocalGroupSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalGroupSpec.

func (*LocalGroupSpec) DeepCopyInto

func (in *LocalGroupSpec) DeepCopyInto(out *LocalGroupSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalGroupStatus

type LocalGroupStatus struct {
	// +optional
	Phase GroupPhase

	// Users represents the members of the group.
	Users []Subject
}

LocalGroupStatus represents information about the status of a group.

func (*LocalGroupStatus) DeepCopy

func (in *LocalGroupStatus) DeepCopy() *LocalGroupStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalGroupStatus.

func (*LocalGroupStatus) DeepCopyInto

func (in *LocalGroupStatus) DeepCopyInto(out *LocalGroupStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalIdentity

type LocalIdentity struct {
	metav1.TypeMeta
	metav1.ObjectMeta
	// Spec defines the desired identities of identity in this set.
	Spec   LocalIdentitySpec
	Status LocalIdentityStatus
}

LocalIdentity is an object that contains the metadata about an identity used to log in to TKE.

func (*LocalIdentity) DeepCopy

func (in *LocalIdentity) DeepCopy() *LocalIdentity

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalIdentity.

func (*LocalIdentity) DeepCopyInto

func (in *LocalIdentity) DeepCopyInto(out *LocalIdentity)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LocalIdentity) DeepCopyObject

func (in *LocalIdentity) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type LocalIdentityList

type LocalIdentityList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of identities.
	Items []LocalIdentity
}

LocalIdentityList is the whole list of all identities.

func (*LocalIdentityList) DeepCopy

func (in *LocalIdentityList) DeepCopy() *LocalIdentityList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalIdentityList.

func (*LocalIdentityList) DeepCopyInto

func (in *LocalIdentityList) DeepCopyInto(out *LocalIdentityList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LocalIdentityList) DeepCopyObject

func (in *LocalIdentityList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type LocalIdentityPhase

type LocalIdentityPhase string

LocalIdentityPhase defines the phase of LocalIdentity construct.

const (
	// LocalIdentityDeleting means the localidentity is undergoing graceful termination.
	LocalIdentityDeleting LocalIdentityPhase = "Deleting"
)

type LocalIdentitySpec

type LocalIdentitySpec struct {
	Finalizers []FinalizerName

	Username       string
	DisplayName    string
	Email          string
	PhoneNumber    string
	HashedPassword string
	TenantID       string
	Groups         []string
	Extra          map[string]string
}

LocalIdentitySpec is a description of an identity.

func (*LocalIdentitySpec) DeepCopy

func (in *LocalIdentitySpec) DeepCopy() *LocalIdentitySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalIdentitySpec.

func (*LocalIdentitySpec) DeepCopyInto

func (in *LocalIdentitySpec) DeepCopyInto(out *LocalIdentitySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalIdentityStatus

type LocalIdentityStatus struct {
	Locked bool

	Phase LocalIdentityPhase
	// The last time the local identity was updated.
	// +optional
	LastUpdateTime metav1.Time
}

LocalIdentityStatus is a description of an identity status.

func (*LocalIdentityStatus) DeepCopy

func (in *LocalIdentityStatus) DeepCopy() *LocalIdentityStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalIdentityStatus.

func (*LocalIdentityStatus) DeepCopyInto

func (in *LocalIdentityStatus) DeepCopyInto(out *LocalIdentityStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type NonResourceAttributes

type NonResourceAttributes struct {
	// Path is the URL path of the request
	Path string
	// Verb is the standard HTTP verb
	Verb string
}

NonResourceAttributes includes the authorization attributes available for non-resource requests to the Authorizer interface

func (*NonResourceAttributes) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NonResourceAttributes.

func (*NonResourceAttributes) DeepCopyInto

func (in *NonResourceAttributes) DeepCopyInto(out *NonResourceAttributes)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PasswordReq

type PasswordReq struct {
	metav1.TypeMeta

	HashedPassword   string
	OriginalPassword string
}

PasswordReq contains info to update password for a localIdentity

func (*PasswordReq) DeepCopy

func (in *PasswordReq) DeepCopy() *PasswordReq

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PasswordReq.

func (*PasswordReq) DeepCopyInto

func (in *PasswordReq) DeepCopyInto(out *PasswordReq)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PasswordReq) DeepCopyObject

func (in *PasswordReq) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type Policy

type Policy struct {
	metav1.TypeMeta
	metav1.ObjectMeta
	// Spec defines the desired identities of policy document in this set.
	Spec PolicySpec

	// +optional
	Status PolicyStatus
}

Policy represents a policy document for access control.

func (*Policy) DeepCopy

func (in *Policy) DeepCopy() *Policy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.

func (*Policy) DeepCopyInto

func (in *Policy) DeepCopyInto(out *Policy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Policy) DeepCopyObject

func (in *Policy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyBinding

type PolicyBinding struct {
	metav1.TypeMeta

	// Policies holds the policies will bind or unbind to the role.
	// +optional
	Policies []string
}

PolicyBinding references the request to bind or unbind policies to the role.

func (*PolicyBinding) DeepCopy

func (in *PolicyBinding) DeepCopy() *PolicyBinding

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyBinding.

func (*PolicyBinding) DeepCopyInto

func (in *PolicyBinding) DeepCopyInto(out *PolicyBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyBinding) DeepCopyObject

func (in *PolicyBinding) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyList

type PolicyList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of policies.
	Items []Policy
}

PolicyList is the whole list of all policies.

func (*PolicyList) DeepCopy

func (in *PolicyList) DeepCopy() *PolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList.

func (*PolicyList) DeepCopyInto

func (in *PolicyList) DeepCopyInto(out *PolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyList) DeepCopyObject

func (in *PolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyPhase

type PolicyPhase string

PolicyPhase defines the phase of policy constructor.

const (
	// PolicyActive indicates the policy is active.
	PolicyActive PolicyPhase = "Active"
	// PolicyTerminating means the policy is undergoing graceful termination.
	PolicyTerminating PolicyPhase = "Terminating"
)

type PolicyScope added in v1.3.1

type PolicyScope string

PolicyScope defines whether the policy belongs to the platform or to a project.

const (
	PolicyPlatform PolicyScope = "platform"
	PolicyProject  PolicyScope = "project"
)

type PolicySpec

type PolicySpec struct {
	Finalizers []FinalizerName

	DisplayName string
	TenantID    string
	Category    string
	Type        PolicyType
	Scope       PolicyScope

	// Creator
	Username    string
	Description string
	Statement   Statement
	Conditions  []byte
}

PolicySpec is a description of a policy.

func (*PolicySpec) DeepCopy

func (in *PolicySpec) DeepCopy() *PolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec.

func (*PolicySpec) DeepCopyInto

func (in *PolicySpec) DeepCopyInto(out *PolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyStatus

type PolicyStatus struct {
	// +optional
	Phase PolicyPhase

	// +optional
	// Users represents the users the policy applies to.
	Users []Subject

	// +optional
	// Groups represents the groups the policy applies to.
	Groups []Subject
}

PolicyStatus represents information about the status of a policy.

func (*PolicyStatus) DeepCopy

func (in *PolicyStatus) DeepCopy() *PolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyStatus.

func (*PolicyStatus) DeepCopyInto

func (in *PolicyStatus) DeepCopyInto(out *PolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyType

type PolicyType string

PolicyType defines whether the policy is a default policy or was created by a user.

const (
	PolicyCustom  PolicyType = "custom"
	PolicyDefault PolicyType = "default"
)

type Project added in v1.3.1

type Project struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	TenantID string
	Users    map[string]string
	Groups   map[string]string
}

Project contains members of projects.

func (*Project) DeepCopy added in v1.3.1

func (in *Project) DeepCopy() *Project

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Project.

func (*Project) DeepCopyInto added in v1.3.1

func (in *Project) DeepCopyInto(out *Project)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Project) DeepCopyObject added in v1.3.1

func (in *Project) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProjectBelongs added in v1.3.1

type ProjectBelongs struct {
	metav1.TypeMeta

	TenantID string
	// project and roles in project
	ManagedProjects map[string]ExtraValue
	MemberdProjects map[string]ExtraValue
}

ProjectBelongs contains the projects a user belongs to.

func (*ProjectBelongs) DeepCopy added in v1.3.1

func (in *ProjectBelongs) DeepCopy() *ProjectBelongs

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectBelongs.

func (*ProjectBelongs) DeepCopyInto added in v1.3.1

func (in *ProjectBelongs) DeepCopyInto(out *ProjectBelongs)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ProjectBelongs) DeepCopyObject added in v1.3.1

func (in *ProjectBelongs) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProjectList added in v1.3.1

type ProjectList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of projects.
	Items []Project
}

ProjectList is the whole list of all projects.

func (*ProjectList) DeepCopy added in v1.3.1

func (in *ProjectList) DeepCopy() *ProjectList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectList.

func (*ProjectList) DeepCopyInto added in v1.3.1

func (in *ProjectList) DeepCopyInto(out *ProjectList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ProjectList) DeepCopyObject added in v1.3.1

func (in *ProjectList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProjectPolicyBinding added in v1.3.1

type ProjectPolicyBinding struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	Spec   ProjectPolicyBindingSpec
	Status ProjectPolicyBindingStatus
}

ProjectPolicyBinding represents subjects bound to a policy in a project scope.

func (*ProjectPolicyBinding) DeepCopy added in v1.3.1

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectPolicyBinding.

func (*ProjectPolicyBinding) DeepCopyInto added in v1.3.1

func (in *ProjectPolicyBinding) DeepCopyInto(out *ProjectPolicyBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ProjectPolicyBinding) DeepCopyObject added in v1.3.1

func (in *ProjectPolicyBinding) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProjectPolicyBindingList added in v1.3.1

type ProjectPolicyBindingList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of policies.
	Items []ProjectPolicyBinding
}

ProjectPolicyBindingList is the whole list of all ProjectPolicyBindings.

func (*ProjectPolicyBindingList) DeepCopy added in v1.3.1

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectPolicyBindingList.

func (*ProjectPolicyBindingList) DeepCopyInto added in v1.3.1

func (in *ProjectPolicyBindingList) DeepCopyInto(out *ProjectPolicyBindingList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ProjectPolicyBindingList) DeepCopyObject added in v1.3.1

func (in *ProjectPolicyBindingList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProjectPolicyBindingRequest added in v1.3.1

type ProjectPolicyBindingRequest struct {
	metav1.TypeMeta

	TenantID string
	// Policies holds the policies will bind to the subjects.
	// +optional
	Policies []string

	Users  []Subject
	Groups []Subject
}

ProjectPolicyBindingRequest references the request to bind or unbind project policies to the role.

func (*ProjectPolicyBindingRequest) DeepCopy added in v1.3.1

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectPolicyBindingRequest.

func (*ProjectPolicyBindingRequest) DeepCopyInto added in v1.3.1

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ProjectPolicyBindingRequest) DeepCopyObject added in v1.3.1

func (in *ProjectPolicyBindingRequest) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProjectPolicyBindingSpec added in v1.3.1

type ProjectPolicyBindingSpec struct {
	Finalizers []FinalizerName
	TenantID   string
	ProjectID  string
	PolicyID   string
	Users      []Subject
	Groups     []Subject
}

ProjectPolicyBindingSpec defines the desired identities of ProjectPolicyBindingSpec document in this set.

func (*ProjectPolicyBindingSpec) DeepCopy added in v1.3.1

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectPolicyBindingSpec.

func (*ProjectPolicyBindingSpec) DeepCopyInto added in v1.3.1

func (in *ProjectPolicyBindingSpec) DeepCopyInto(out *ProjectPolicyBindingSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProjectPolicyBindingStatus added in v1.3.1

type ProjectPolicyBindingStatus struct {
	Phase BindingPhase
}

ProjectPolicyBindingStatus represents information about the status of a ProjectPolicyBinding.

func (*ProjectPolicyBindingStatus) DeepCopy added in v1.3.1

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectPolicyBindingStatus.

func (*ProjectPolicyBindingStatus) DeepCopyInto added in v1.3.1

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ResourceAttributes

type ResourceAttributes struct {
	// Namespace is the namespace of the action being requested.  Currently, there is no distinction between no namespace and all namespaces
	// "" (empty) is defaulted for LocalSubjectAccessReviews
	// "" (empty) is empty for cluster-scoped resources
	// "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview or SelfSubjectAccessReview
	Namespace string
	// Verb is a kubernetes resource API verb, like: get, list, watch, create, update, delete, proxy.  "*" means all.
	Verb string
	// Group is the API Group of the Resource.  "*" means all.
	Group string
	// Version is the API Version of the Resource.  "*" means all.
	Version string
	// Resource is one of the existing resource types.  "*" means all.
	Resource string
	// Subresource is one of the existing resource types.  "" means none.
	Subresource string
	// Name is the name of the resource being requested for a "get" or deleted for a "delete". "" (empty) means all.
	Name string
}

ResourceAttributes includes the authorization attributes available for resource requests to the Authorizer interface

func (*ResourceAttributes) DeepCopy

func (in *ResourceAttributes) DeepCopy() *ResourceAttributes

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceAttributes.

func (*ResourceAttributes) DeepCopyInto

func (in *ResourceAttributes) DeepCopyInto(out *ResourceAttributes)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Role

type Role struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// Spec defines the desired identities of role document in this set.
	Spec RoleSpec

	// +optional
	Status RoleStatus
}

Role is a collection with multiple policies.

func (*Role) DeepCopy

func (in *Role) DeepCopy() *Role

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Role.

func (*Role) DeepCopyInto

func (in *Role) DeepCopyInto(out *Role)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Role) DeepCopyObject

func (in *Role) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RoleList

type RoleList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of rules.
	Items []Role
}

RoleList is the whole list of policy.

func (*RoleList) DeepCopy

func (in *RoleList) DeepCopy() *RoleList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleList.

func (*RoleList) DeepCopyInto

func (in *RoleList) DeepCopyInto(out *RoleList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RoleList) DeepCopyObject

func (in *RoleList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RolePhase

type RolePhase string

RolePhase defines the phase of role constructor.

const (
	RoleActive RolePhase = "Active"
	// RoleTerminating means the role is undergoing graceful termination.
	RoleTerminating RolePhase = "Terminating"
)

type RoleSpec

type RoleSpec struct {
	Finalizers []FinalizerName

	DisplayName string
	TenantID    string
	ProjectID   string

	// Username is Creator
	Username    string
	Description string

	Policies []string
}

RoleSpec is a description of role.

func (*RoleSpec) DeepCopy

func (in *RoleSpec) DeepCopy() *RoleSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleSpec.

func (*RoleSpec) DeepCopyInto

func (in *RoleSpec) DeepCopyInto(out *RoleSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RoleStatus

type RoleStatus struct {
	// +optional
	Phase RolePhase

	// Users represents the users the role applies to.
	Users []Subject

	// +optional
	// Groups represents the groups the policy applies to.
	Groups []Subject
}

RoleStatus represents information about the status of a role.

func (*RoleStatus) DeepCopy

func (in *RoleStatus) DeepCopy() *RoleStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleStatus.

func (*RoleStatus) DeepCopyInto

func (in *RoleStatus) DeepCopyInto(out *RoleStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Rule

type Rule struct {
	metav1.TypeMeta
	metav1.ObjectMeta
	// Spec defines the desired identities of policy document in this set.
	Spec RuleSpec
}

Rule represents a rule document for access control.

func (*Rule) DeepCopy

func (in *Rule) DeepCopy() *Rule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rule.

func (*Rule) DeepCopyInto

func (in *Rule) DeepCopyInto(out *Rule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Rule) DeepCopyObject

func (in *Rule) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RuleList

type RuleList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of rules.
	Items []Rule
}

RuleList is the whole list of all rules.

func (*RuleList) DeepCopy

func (in *RuleList) DeepCopy() *RuleList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleList.

func (*RuleList) DeepCopyInto

func (in *RuleList) DeepCopyInto(out *RuleList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RuleList) DeepCopyObject

func (in *RuleList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RuleSpec

type RuleSpec struct {
	PType string `json:"ptype"`
	V0    string `json:"v0"`
	V1    string `json:"v1"`
	V2    string `json:"v2"`
	V3    string `json:"v3"`
	V4    string `json:"v4"`
	V5    string `json:"v5"`
	V6    string `json:"v6"`
}

RuleSpec is a description of a rule.

func (*RuleSpec) DeepCopy

func (in *RuleSpec) DeepCopy() *RuleSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleSpec.

func (*RuleSpec) DeepCopyInto

func (in *RuleSpec) DeepCopyInto(out *RuleSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Statement

type Statement struct {
	Actions   []string
	Resources []string
	// Effect indicates action on the resource is allowed or not, can be "allow" or "deny"
	Effect Effect
}

Statement defines whether a series of actions on resources is allowed or not.

func (*Statement) DeepCopy

func (in *Statement) DeepCopy() *Statement

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Statement.

func (*Statement) DeepCopyInto

func (in *Statement) DeepCopyInto(out *Statement)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Subject

type Subject struct {
	ID   string
	Name string
}

Subject references a user, who can be specified by ID or name.

func (*Subject) DeepCopy

func (in *Subject) DeepCopy() *Subject

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Subject.

func (*Subject) DeepCopyInto

func (in *Subject) DeepCopyInto(out *Subject)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SubjectAccessReview

type SubjectAccessReview struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// Spec holds information about the request being evaluated
	Spec SubjectAccessReviewSpec

	// Status is filled in by the server and indicates whether the request is allowed or not
	Status SubjectAccessReviewStatus
}

SubjectAccessReview checks whether or not a user or group can perform an action. Not filling in a spec.namespace means "in all namespaces".

func (*SubjectAccessReview) DeepCopy

func (in *SubjectAccessReview) DeepCopy() *SubjectAccessReview

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SubjectAccessReview.

func (*SubjectAccessReview) DeepCopyInto

func (in *SubjectAccessReview) DeepCopyInto(out *SubjectAccessReview)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SubjectAccessReview) DeepCopyObject

func (in *SubjectAccessReview) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type SubjectAccessReviewSpec

type SubjectAccessReviewSpec struct {
	// ResourceAttributes describes information for a resource access request
	ResourceAttributes *ResourceAttributes

	// ResourceAttributesList describes information for multi resource access request.
	ResourceAttributesList []*ResourceAttributes

	// NonResourceAttributes describes information for a non-resource access request
	NonResourceAttributes *NonResourceAttributes

	// User is the user you're testing for.
	// If you specify "User" but not "Group", then it is interpreted as "What if User were not a member of any groups".
	User string
	// Groups is the groups you're testing for.
	Groups []string
	// Extra corresponds to the user.Info.GetExtra() method from the authenticator.  Since that is input to the authorizer
	// it needs a reflection here.
	Extra map[string]ExtraValue
	// UID information about the requesting user.
	UID string
}

SubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAttributes and NonResourceAttributes must be set.

func (*SubjectAccessReviewSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SubjectAccessReviewSpec.

func (*SubjectAccessReviewSpec) DeepCopyInto

func (in *SubjectAccessReviewSpec) DeepCopyInto(out *SubjectAccessReviewSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SubjectAccessReviewStatus

type SubjectAccessReviewStatus struct {
	// Allowed is required. True if the action would be allowed, false otherwise.
	Allowed bool
	// Denied is optional. True if the action would be denied, otherwise
	// false. If both allowed is false and denied is false, then the
	// authorizer has no opinion on whether to authorize the action. Denied
	// may not be true if Allowed is true.
	Denied bool
	// Reason is optional.  It indicates why a request was allowed or denied.
	Reason string
	// EvaluationError is an indication that some error occurred during the authorization check.
	// It is entirely possible to get an error and still be able to determine authorization status in spite of it.
	// For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.
	EvaluationError string

	// AllowedList is the allowed response for batch authorization request.
	AllowedList []*AllowedStatus
}

SubjectAccessReviewStatus represents the current state of a SubjectAccessReview.

func (*SubjectAccessReviewStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SubjectAccessReviewStatus.

func (*SubjectAccessReviewStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
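
One way a caller could consume the Allowed, Denied and EvaluationError fields documented above while failing closed. This is an added example, not code from the tkestack project: the struct types are trimmed local mirrors of the documented fields, and Decision, ValidateSpec, Decide and Permit are hypothetical names. It covers the single-request case only, not ResourceAttributesList or AllowedList.

```go
package main

import (
	"errors"
	"fmt"
)

// Trimmed local mirrors of the documented types (assumption: copied by hand
// so the example runs without importing the tkestack module).
type ResourceAttributes struct {
	Namespace, Verb, Group, Version, Resource, Subresource, Name string
}

type NonResourceAttributes struct {
	Path, Verb string
}

type SubjectAccessReviewSpec struct {
	ResourceAttributes    *ResourceAttributes
	NonResourceAttributes *NonResourceAttributes
	User                  string
	Groups                []string
}

type SubjectAccessReviewStatus struct {
	Allowed         bool
	Denied          bool
	Reason          string
	EvaluationError string
}

// Decision is a hypothetical three-state result: the documented status
// distinguishes "allowed", "denied" and "authorizer has no opinion".
type Decision int

const (
	NoOpinion Decision = iota
	Allow
	Deny
)

// ValidateSpec enforces the documented rule that exactly one of
// ResourceAttributes and NonResourceAttributes must be set.
func ValidateSpec(s SubjectAccessReviewSpec) error {
	hasRes := s.ResourceAttributes != nil
	hasNonRes := s.NonResourceAttributes != nil
	switch {
	case hasRes && hasNonRes:
		return errors.New("both ResourceAttributes and NonResourceAttributes are set")
	case !hasRes && !hasNonRes:
		return errors.New("neither ResourceAttributes nor NonResourceAttributes is set")
	}
	return nil
}

// Decide maps a status to a Decision. "Denied may not be true if Allowed is
// true", so a status with both set is treated as Deny and reported as an error.
func Decide(st SubjectAccessReviewStatus) (Decision, error) {
	switch {
	case st.Allowed && st.Denied:
		return Deny, errors.New("contradictory status: Allowed and Denied are both true")
	case st.Denied:
		return Deny, nil
	case st.Allowed:
		return Allow, nil
	default:
		// Allowed=false and Denied=false: the authorizer has no opinion.
		return NoOpinion, nil
	}
}

// Permit is the fail-closed gate: only a valid spec with an explicit,
// non-contradictory Allow passes. NoOpinion is never treated as permission.
// A non-empty EvaluationError does not override an explicit Allow, matching
// the documented note that a status can still be determined despite an error.
func Permit(spec SubjectAccessReviewSpec, st SubjectAccessReviewStatus) bool {
	if ValidateSpec(spec) != nil {
		return false
	}
	d, err := Decide(st)
	return err == nil && d == Allow
}

func main() {
	// Constructed sample request: user "alice" asking to list pods.
	spec := SubjectAccessReviewSpec{
		User:               "alice",
		ResourceAttributes: &ResourceAttributes{Namespace: "dev", Verb: "list", Resource: "pods"},
	}
	fmt.Println(Permit(spec, SubjectAccessReviewStatus{Allowed: true}))               // explicit allow
	fmt.Println(Permit(spec, SubjectAccessReviewStatus{}))                            // no opinion
	fmt.Println(Permit(spec, SubjectAccessReviewStatus{Allowed: true, Denied: true})) // contradictory
}
```
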

type User

type User struct {
	metav1.TypeMeta
	metav1.ObjectMeta
	// Spec defines the desired identities of identity in this set.
	Spec UserSpec
}

User is an object that contains the metadata about an identity from the TKE local IdP or a third-party IdP.

func (*User) DeepCopy

func (in *User) DeepCopy() *User

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new User.

func (*User) DeepCopyInto

func (in *User) DeepCopyInto(out *User)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*User) DeepCopyObject

func (in *User) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type UserList

type UserList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of User.
	Items []User
}

UserList is the whole list of all users.

func (*UserList) DeepCopy

func (in *UserList) DeepCopy() *UserList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserList.

func (*UserList) DeepCopyInto

func (in *UserList) DeepCopyInto(out *UserList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*UserList) DeepCopyObject

func (in *UserList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type UserSpec

type UserSpec struct {
	ID string

	// Name must be unique in the same tenant.
	Name        string
	DisplayName string
	Email       string
	PhoneNumber string
	TenantID    string

	Extra map[string]string
}

UserSpec is a description of a user.

func (*UserSpec) DeepCopy

func (in *UserSpec) DeepCopy() *UserSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserSpec.

func (*UserSpec) DeepCopyInto

func (in *UserSpec) DeepCopyInto(out *UserSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Directories

Path Synopsis
Package v1 is the v1 version of the API.