auth

package
v1.8.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 9, 2021 License: Apache-2.0, BSD-2-Clause, BSD-3-Clause, + 8 more Imports: 4 Imported by: 36

Documentation

Overview

Package auth is the internal version of the API.

Index

Constants

View Source 
const (
	// KeywordQueryTag is a field tag to query object that contains the keyword.
	KeywordQueryTag string = "keyword"

	// LimitQueryTag is a field tag to query a maximum number of objects for a list call.
	LimitQueryTag string = "limit"

	// PolicyQueryTag is a field tag to query localidentities with policies in extra.
	PolicyQueryTag string = "policy"

	// IssuerName is the name of issuer location.
	IssuerName = "oidc"
)
View Source 
const (
	ProjectOwnerPolicyID  = "pol-project-owner"
	ProjectMemberPolicyID = "pol-project-member"
	ProjectViewerPolicyID = "pol-project-viewer"
)
View Source 
const (
	DefaultRuleModel = `` /* 310-byte string literal not displayed */

)
View Source 
const GroupName = "auth.tkestack.io"

GroupName is group name used to register these schema

Variables

View Source 
var (
	// Scheme is the default instance of runtime.Scheme to which types in the TKE API are already registered.
	Scheme = runtime.NewScheme()
	// Codecs provides access to encoding and decoding for the scheme
	Codecs = serializer.NewCodecFactory(Scheme)
	// ParameterCodec handles versioning of objects that are converted to query parameters.
	ParameterCodec = runtime.NewParameterCodec(Scheme)
)
View Source 
var (
	// SchemeBuilder collects functions that add things to a scheme.
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	// AddToScheme applies all the stored functions to the scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source 
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}

SchemeGroupVersion is group version used to register these objects

Functions

func Kind 

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns back a Group qualified GroupKind

func Resource 

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns back a Group qualified GroupResource

Types

type APIKey 

type APIKey struct {
	metav1.TypeMeta

	// +optional
	metav1.ObjectMeta

	// Spec defines the desired identities of APIkey in this set.
	Spec   APIKeySpec
	Status APIKeyStatus
}

APIKey contains expiration time used to apply the api key.

func (*APIKey) DeepCopy 

func (in *APIKey) DeepCopy() *APIKey

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIKey.

func (*APIKey) DeepCopyInto 

func (in *APIKey) DeepCopyInto(out *APIKey)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APIKey) DeepCopyObject 

func (in *APIKey) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type APIKeyList 

type APIKeyList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of api keys.
	Items []APIKey
}

APIKeyList is the whole list of all identities.

func (*APIKeyList) DeepCopy 

func (in *APIKeyList) DeepCopy() *APIKeyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIKeyList.

func (*APIKeyList) DeepCopyInto 

func (in *APIKeyList) DeepCopyInto(out *APIKeyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APIKeyList) DeepCopyObject 

func (in *APIKeyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type APIKeyReq 

type APIKeyReq struct {
	metav1.TypeMeta

	// Expire is required, holds the duration of the api key become invalid. By default, 168h(= seven days)
	Expire metav1.Duration `json:"expire,omitempty"`

	// Description describes api keys usage.
	Description string `json:"description"`
}

APIKeyReq contains expiration time used to apply the api key.

func (*APIKeyReq) DeepCopy 

func (in *APIKeyReq) DeepCopy() *APIKeyReq

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIKeyReq.

func (*APIKeyReq) DeepCopyInto 

func (in *APIKeyReq) DeepCopyInto(out *APIKeyReq)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APIKeyReq) DeepCopyObject 

func (in *APIKeyReq) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type APIKeyReqPassword 

type APIKeyReqPassword struct {
	metav1.TypeMeta

	// TenantID for user
	TenantID string `json:"tenantID,omitempty"`

	// Username
	Username string `json:"username,omitempty"`

	// Password (encoded by base64)
	Password string `json:"password,omitempty"`

	// Description describes api keys usage.
	Description string `json:"description"`

	// Expire holds the duration of the api key become invalid. By default, 168h(= seven days)
	Expire metav1.Duration `json:"expire,omitempty"`
}

APIKeyReqPassword contains userinfo and expiration time used to apply the api key.

func (*APIKeyReqPassword) DeepCopy 

func (in *APIKeyReqPassword) DeepCopy() *APIKeyReqPassword

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIKeyReqPassword.

func (*APIKeyReqPassword) DeepCopyInto 

func (in *APIKeyReqPassword) DeepCopyInto(out *APIKeyReqPassword)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APIKeyReqPassword) DeepCopyObject 

func (in *APIKeyReqPassword) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type APIKeySpec 

type APIKeySpec struct {
	// APIkey is the jwt token used to authenticate user, and contains user info and sign.
	APIkey string `json:"apiKey,omitempty"`

	TenantID string `json:"tenantID,omitempty"`

	// Creator
	// +optional
	Username string `json:"username,omitempty"`

	// Description describes api keys usage.
	Description string `json:"description"`

	// IssueAt is the created time for api key
	IssueAt metav1.Time `json:"issue_at,omitempty"`

	// ExpireAt is the expire time for api key
	ExpireAt metav1.Time `json:"expire_at,omitempty"`
}

APIKeySpec is a description of an apiKey.

func (*APIKeySpec) DeepCopy 

func (in *APIKeySpec) DeepCopy() *APIKeySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIKeySpec.

func (*APIKeySpec) DeepCopyInto 

func (in *APIKeySpec) DeepCopyInto(out *APIKeySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type APIKeyStatus 

type APIKeyStatus struct {
	// Disabled represents whether the apikey has been disabled.
	Disabled bool `json:"disabled"`
	// Expired represents whether the apikey has been expired.
	Expired bool `json:"expired"`
}

APIKeyStatus is a description of an api key status.

func (*APIKeyStatus) DeepCopy 

func (in *APIKeyStatus) DeepCopy() *APIKeyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APIKeyStatus.

func (*APIKeyStatus) DeepCopyInto 

func (in *APIKeyStatus) DeepCopyInto(out *APIKeyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type APISigningKey 

type APISigningKey struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	SigningKey    []byte
	SigningKeyPub []byte
}

APISigningKey hold encryption and signing key for api key.

func (*APISigningKey) DeepCopy 

func (in *APISigningKey) DeepCopy() *APISigningKey

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APISigningKey.

func (*APISigningKey) DeepCopyInto 

func (in *APISigningKey) DeepCopyInto(out *APISigningKey)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APISigningKey) DeepCopyObject 

func (in *APISigningKey) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type APISigningKeyList 

type APISigningKeyList struct {
	metav1.TypeMeta
	metav1.ListMeta

	Items []APISigningKey
}

APISigningKeyList is the whole list of all signing keys.

func (*APISigningKeyList) DeepCopy 

func (in *APISigningKeyList) DeepCopy() *APISigningKeyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new APISigningKeyList.

func (*APISigningKeyList) DeepCopyInto 

func (in *APISigningKeyList) DeepCopyInto(out *APISigningKeyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*APISigningKeyList) DeepCopyObject 

func (in *APISigningKeyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type Action 

type Action struct {
	// Name represents user access review request verb.
	Name string
	// Description describes the action.
	Description string
}

Action defines a action verb for authorization.

func (*Action) DeepCopy 

func (in *Action) DeepCopy() *Action

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Action.

func (*Action) DeepCopyInto 

func (in *Action) DeepCopyInto(out *Action)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AllowedStatus 

type AllowedStatus struct {
	// Resource is the resource of request
	Resource string
	// Verb is the verb of request
	Verb string

	// Allowed is required. True if the action would be allowed, false otherwise.
	Allowed bool
	// Denied is optional. True if the action would be denied, otherwise
	// false. If both allowed is false and denied is false, then the
	// authorizer has no opinion on whether to authorize the action. Denied
	// may not be true if Allowed is true.
	Denied bool
	// Reason is optional.  It indicates why a request was allowed or denied.
	Reason string
	// EvaluationError is an indication that some error occurred during the authorization check.
	// It is entirely possible to get an error and be able to continue determine authorization status in spite of it.
	// For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.
	EvaluationError string
}

AllowedStatus includes the resource access request and response. +k8s:openapi-gen=true

func (*AllowedStatus) DeepCopy 

func (in *AllowedStatus) DeepCopy() *AllowedStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AllowedStatus.

func (*AllowedStatus) DeepCopyInto 

func (in *AllowedStatus) DeepCopyInto(out *AllowedStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Binding 

type Binding struct {
	metav1.TypeMeta

	// Users holds references to the objects the policy applies to.
	// +optional
	Users []Subject

	// Groups holds references to the groups the policy applies to.
	// +optional
	Groups []Subject
}

Binding references the objects a policy applies to, but does not contain it.

func (*Binding) DeepCopy 

func (in *Binding) DeepCopy() *Binding

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Binding.

func (*Binding) DeepCopyInto 

func (in *Binding) DeepCopyInto(out *Binding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Binding) DeepCopyObject 

func (in *Binding) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type BindingPhase added in v1.3.1 

type BindingPhase string

BindingPhase defines the phase of ProjectPolicyBinding constructor. 

const (
	BindingActive BindingPhase = "Active"
	// RoleTerminating means the role is undergoing graceful termination.
	BindingTerminating BindingPhase = "Terminating"
)

type Category 

type Category struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	Spec CategorySpec
}

Category defines a category of actions for policy.

func (*Category) DeepCopy 

func (in *Category) DeepCopy() *Category

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Category.

func (*Category) DeepCopyInto 

func (in *Category) DeepCopyInto(out *Category)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Category) DeepCopyObject 

func (in *Category) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CategoryList 

type CategoryList struct {
	metav1.TypeMeta
	metav1.ListMeta

	// List of category.
	Items []Category
}

CategoryList is the whole list of policy Category.

func (*CategoryList) DeepCopy 

func (in *CategoryList) DeepCopy() *CategoryList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CategoryList.

func (*CategoryList) DeepCopyInto 

func (in *CategoryList) DeepCopyInto(out *CategoryList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CategoryList) DeepCopyObject 

func (in *CategoryList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CategorySpec 

type CategorySpec struct {
	// DisplayName used to display category name
	DisplayName string
	// +optional
	Description string
	// Actions represents a series of actions work on the policy category
	Actions []Action
}

func (*CategorySpec) DeepCopy 

func (in *CategorySpec) DeepCopy() *CategorySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CategorySpec.

func (*CategorySpec) DeepCopyInto 

func (in *CategorySpec) DeepCopyInto(out *CategorySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Client 

type Client struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// Spec defines the desired identities of identity provider in this set.
	Spec ClientSpec
}

Client represents an OAuth2 client.

func (*Client) DeepCopy 

func (in *Client) DeepCopy() *Client

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Client.

func (*Client) DeepCopyInto 

func (in *Client) DeepCopyInto(out *Client)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Client) DeepCopyObject 

func (in *Client) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ClientList 

type ClientList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of identity providers.
	Items []Client
}

ClientList is the whole list of OAuth2 client.

func (*ClientList) DeepCopy 

func (in *ClientList) DeepCopy() *ClientList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientList.

func (*ClientList) DeepCopyInto 

func (in *ClientList) DeepCopyInto(out *ClientList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ClientList) DeepCopyObject 

func (in *ClientList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ClientSpec 

type ClientSpec struct {
	ID           string
	Secret       string
	RedirectUris []string
	// TrustedPeers are a list of peers which can issue tokens on this client's behalf using the dynamic "oauth2:server:client_id:(client_id)" scope.
	TrustedPeers []string
	// Public clients must use either use a redirectURL 127.0.0.1:X or "urn:ietf:wg:oauth:2.0:oob".
	Public  bool
	Name    string
	LogoURL string
}

ClientSpec is a description of an client.

func (*ClientSpec) DeepCopy 

func (in *ClientSpec) DeepCopy() *ClientSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClientSpec.

func (*ClientSpec) DeepCopyInto 

func (in *ClientSpec) DeepCopyInto(out *ClientSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConfigMap 

type ConfigMap struct {
	metav1.TypeMeta
	// +optional
	metav1.ObjectMeta

	// Data contains the configuration data.
	// Each key must consist of alphanumeric characters, '-', '_' or '.'.
	// Values with non-UTF-8 byte sequences must use the BinaryData field.
	// The keys stored in Data must not overlap with the keys in
	// the BinaryData field, this is enforced during validation process.
	// +optional
	Data map[string]string

	// BinaryData contains the binary data.
	// Each key must consist of alphanumeric characters, '-', '_' or '.'.
	// BinaryData can contain byte sequences that are not in the UTF-8 range.
	// The keys stored in BinaryData must not overlap with the ones in
	// the Data field, this is enforced during validation process.
	// +optional
	BinaryData map[string][]byte
}

ConfigMap holds configuration data for tke to consume.

func (*ConfigMap) DeepCopy 

func (in *ConfigMap) DeepCopy() *ConfigMap

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMap.

func (*ConfigMap) DeepCopyInto 

func (in *ConfigMap) DeepCopyInto(out *ConfigMap)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ConfigMap) DeepCopyObject 

func (in *ConfigMap) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ConfigMapList 

type ConfigMapList struct {
	metav1.TypeMeta

	// +optional
	metav1.ListMeta

	// Items is the list of ConfigMaps.
	Items []ConfigMap
}

ConfigMapList is a resource containing a list of ConfigMap objects.

func (*ConfigMapList) DeepCopy 

func (in *ConfigMapList) DeepCopy() *ConfigMapList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConfigMapList.

func (*ConfigMapList) DeepCopyInto 

func (in *ConfigMapList) DeepCopyInto(out *ConfigMapList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ConfigMapList) DeepCopyObject 

func (in *ConfigMapList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CustomPolicyBinding added in v1.4.0 

type CustomPolicyBinding struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	Spec   CustomPolicyBindingSpec
	Status CustomPolicyBindingStatus
}

CustomPolicyBinding represents a subjects bind to a policy in a custom scope.

func (*CustomPolicyBinding) DeepCopy added in v1.4.0 

func (in *CustomPolicyBinding) DeepCopy() *CustomPolicyBinding

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomPolicyBinding.

func (*CustomPolicyBinding) DeepCopyInto added in v1.4.0 

func (in *CustomPolicyBinding) DeepCopyInto(out *CustomPolicyBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CustomPolicyBinding) DeepCopyObject added in v1.4.0 

func (in *CustomPolicyBinding) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CustomPolicyBindingList added in v1.4.0 

type CustomPolicyBindingList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of CustomPolicyBinding.
	Items []CustomPolicyBinding
}

CustomPolicyBindingList is the whole list of all CustomPolicyBindings.

func (*CustomPolicyBindingList) DeepCopy added in v1.4.0 

func (in *CustomPolicyBindingList) DeepCopy() *CustomPolicyBindingList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomPolicyBindingList.

func (*CustomPolicyBindingList) DeepCopyInto added in v1.4.0 

func (in *CustomPolicyBindingList) DeepCopyInto(out *CustomPolicyBindingList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CustomPolicyBindingList) DeepCopyObject added in v1.4.0 

func (in *CustomPolicyBindingList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CustomPolicyBindingSpec added in v1.4.0 

type CustomPolicyBindingSpec struct {
	Finalizers []FinalizerName
	TenantID   string
	Domain     string
	LastDomain string
	PolicyID   string
	Resources  []string
	RulePrefix string
	Users      []Subject
	Groups     []Subject
}

CustomPolicyBindingSpec defines the desired identities of CustomPolicyBindingSpec document in this set.

func (*CustomPolicyBindingSpec) DeepCopy added in v1.4.0 

func (in *CustomPolicyBindingSpec) DeepCopy() *CustomPolicyBindingSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomPolicyBindingSpec.

func (*CustomPolicyBindingSpec) DeepCopyInto added in v1.4.0 

func (in *CustomPolicyBindingSpec) DeepCopyInto(out *CustomPolicyBindingSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomPolicyBindingStatus added in v1.4.0 

type CustomPolicyBindingStatus struct {
	Phase BindingPhase
}

CustomPolicyBindingStatus represents information about the status of a CustomPolicyBinding.

func (*CustomPolicyBindingStatus) DeepCopy added in v1.4.0 

func (in *CustomPolicyBindingStatus) DeepCopy() *CustomPolicyBindingStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomPolicyBindingStatus.

func (*CustomPolicyBindingStatus) DeepCopyInto added in v1.4.0 

func (in *CustomPolicyBindingStatus) DeepCopyInto(out *CustomPolicyBindingStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Effect 

type Effect string

Effect defines the policy effect. 

const (
	// Allow is the allow type.
	Allow Effect = "allow"
	// Deny is the deny type.
	Deny Effect = "deny"
)

type ExtraValue 

type ExtraValue []string

ExtraValue masks the value so protobuf can generate +protobuf.nullable=true

func (ExtraValue) DeepCopy 

func (in ExtraValue) DeepCopy() ExtraValue

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExtraValue.

func (ExtraValue) DeepCopyInto 

func (in ExtraValue) DeepCopyInto(out *ExtraValue)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FinalizerName 

type FinalizerName string

FinalizerName is the name identifying a finalizer during object lifecycle. 

const (
	// LocalIdentityFinalize is an internal finalizer values to LocalIdentity.
	LocalIdentityFinalize FinalizerName = "localidentity"

	// PolicyFinalize is an internal finalizer values to ProjectPolicyBinding.
	PolicyFinalize FinalizerName = "policy"

	// BindingFinalize is an internal finalizer values to ProjectPolicyBinding.
	BindingFinalize FinalizerName = "projectpolicybinding"

	// PolicyFinalize is an internal finalizer values to LocalGroup.
	LocalGroupFinalize FinalizerName = "localgroup"

	// RoleFinalize is an internal finalizer values to Role.
	RoleFinalize FinalizerName = "role"

	// CustomPolicyBindingFinalize is an internal finalizer values to CustomPolicyBinding.
	CustomPolicyBindingFinalize FinalizerName = "custompolicybinding"
)

type Group 

type Group struct {
	metav1.TypeMeta
	metav1.ObjectMeta
	// Spec defines the desired identities of group in this set.
	Spec GroupSpec

	Status GroupStatus
}

Group is an object that contains the metadata about identify about tke local idp or third-party idp.

func (*Group) DeepCopy 

func (in *Group) DeepCopy() *Group

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Group.

func (*Group) DeepCopyInto 

func (in *Group) DeepCopyInto(out *Group)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Group) DeepCopyObject 

func (in *Group) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type GroupList 

type GroupList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of group.
	Items []Group
}

GroupList is the whole list of all groups.

func (*GroupList) DeepCopy 

func (in *GroupList) DeepCopy() *GroupList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupList.

func (*GroupList) DeepCopyInto 

func (in *GroupList) DeepCopyInto(out *GroupList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*GroupList) DeepCopyObject 

func (in *GroupList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type GroupPhase 

type GroupPhase string

GroupPhase defines the phase of group constructor. 

const (
	GroupActive GroupPhase = "Active"
	// GroupTerminating means the group is undergoing graceful termination.
	GroupTerminating GroupPhase = "Terminating"
)

type GroupSpec 

type GroupSpec struct {
	ID          string
	DisplayName string
	TenantID    string
	Description string
	Extra       map[string]string
}

GroupSpec is a description of an Group.

func (*GroupSpec) DeepCopy 

func (in *GroupSpec) DeepCopy() *GroupSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupSpec.

func (*GroupSpec) DeepCopyInto 

func (in *GroupSpec) DeepCopyInto(out *GroupSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GroupStatus 

type GroupStatus struct {
	// Users represents the members of the group.
	Users []Subject
}

GroupStatus represents information about the status of a group.

func (*GroupStatus) DeepCopy 

func (in *GroupStatus) DeepCopy() *GroupStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GroupStatus.

func (*GroupStatus) DeepCopyInto 

func (in *GroupStatus) DeepCopyInto(out *GroupStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IdentityProvider 

type IdentityProvider struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// Spec defines the desired identities of identity provider in this set.
	Spec IdentityProviderSpec
}

IdentityProvider is an object that contains the metadata about identify provider used to login to TKE.

func (*IdentityProvider) DeepCopy 

func (in *IdentityProvider) DeepCopy() *IdentityProvider

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProvider.

func (*IdentityProvider) DeepCopyInto 

func (in *IdentityProvider) DeepCopyInto(out *IdentityProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IdentityProvider) DeepCopyObject 

func (in *IdentityProvider) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IdentityProviderList 

type IdentityProviderList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of identity providers.
	Items []IdentityProvider
}

IdentityProviderList is the whole list of all identity providers.

func (*IdentityProviderList) DeepCopy 

func (in *IdentityProviderList) DeepCopy() *IdentityProviderList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderList.

func (*IdentityProviderList) DeepCopyInto 

func (in *IdentityProviderList) DeepCopyInto(out *IdentityProviderList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IdentityProviderList) DeepCopyObject 

func (in *IdentityProviderList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IdentityProviderSpec 

type IdentityProviderSpec struct {
	// The Name of the connector that is used when displaying it to the end user.
	Name string
	// The type of the connector. E.g. 'oidc' or 'ldap'
	Type string

	// The admins means the users is super admin for the idp.
	Administrators []string
	// Config holds all the configuration information specific to the connector type. Since there
	// no generic struct we can use for this purpose, it is stored as a json string.
	Config string
}

IdentityProviderSpec is a description of an identity provider.

func (*IdentityProviderSpec) DeepCopy 

func (in *IdentityProviderSpec) DeepCopy() *IdentityProviderSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderSpec.

func (*IdentityProviderSpec) DeepCopyInto 

func (in *IdentityProviderSpec) DeepCopyInto(out *IdentityProviderSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalGroup 

type LocalGroup struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// Spec defines the desired identities of group document in this set.
	Spec LocalGroupSpec

	// +optional
	Status LocalGroupStatus
}

LocalGroup represents a group of users.

func (*LocalGroup) DeepCopy 

func (in *LocalGroup) DeepCopy() *LocalGroup

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalGroup.

func (*LocalGroup) DeepCopyInto 

func (in *LocalGroup) DeepCopyInto(out *LocalGroup)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LocalGroup) DeepCopyObject 

func (in *LocalGroup) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type LocalGroupList 

type LocalGroupList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of localgroup.
	Items []LocalGroup
}

LocalGroupList is the whole list of all groups.

func (*LocalGroupList) DeepCopy 

func (in *LocalGroupList) DeepCopy() *LocalGroupList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalGroupList.

func (*LocalGroupList) DeepCopyInto 

func (in *LocalGroupList) DeepCopyInto(out *LocalGroupList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LocalGroupList) DeepCopyObject 

func (in *LocalGroupList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type LocalGroupSpec 

type LocalGroupSpec struct {
	Finalizers []FinalizerName

	DisplayName string
	TenantID    string

	// Username is Creator
	Username    string
	Description string

	Extra map[string]string
}

LocalGroupSpec is a description of group.

func (*LocalGroupSpec) DeepCopy 

func (in *LocalGroupSpec) DeepCopy() *LocalGroupSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalGroupSpec.

func (*LocalGroupSpec) DeepCopyInto 

func (in *LocalGroupSpec) DeepCopyInto(out *LocalGroupSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalGroupStatus 

type LocalGroupStatus struct {
	// +optional
	Phase GroupPhase

	// Users represents the members of the group.
	Users []Subject
}

LocalGroupStatus represents information about the status of a group.

func (*LocalGroupStatus) DeepCopy 

func (in *LocalGroupStatus) DeepCopy() *LocalGroupStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalGroupStatus.

func (*LocalGroupStatus) DeepCopyInto 

func (in *LocalGroupStatus) DeepCopyInto(out *LocalGroupStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalIdentity 

type LocalIdentity struct {
	metav1.TypeMeta
	metav1.ObjectMeta
	// Spec defines the desired identities of identity in this set.
	Spec   LocalIdentitySpec
	Status LocalIdentityStatus
}

LocalIdentity is an object that contains the metadata about identify used to login to TKE.

func (*LocalIdentity) DeepCopy 

func (in *LocalIdentity) DeepCopy() *LocalIdentity

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalIdentity.

func (*LocalIdentity) DeepCopyInto 

func (in *LocalIdentity) DeepCopyInto(out *LocalIdentity)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LocalIdentity) DeepCopyObject 

func (in *LocalIdentity) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type LocalIdentityList 

type LocalIdentityList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of identities.
	Items []LocalIdentity
}

LocalIdentityList is the whole list of all identities.

func (*LocalIdentityList) DeepCopy 

func (in *LocalIdentityList) DeepCopy() *LocalIdentityList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalIdentityList.

func (*LocalIdentityList) DeepCopyInto 

func (in *LocalIdentityList) DeepCopyInto(out *LocalIdentityList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*LocalIdentityList) DeepCopyObject 

func (in *LocalIdentityList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type LocalIdentityPhase 

type LocalIdentityPhase string

LocalIdentityPhase defines the phase of LocalIdentity construct. 

const (
	// LocalIdentityDeleting means the localidentity is undergoing graceful termination.
	LocalIdentityDeleting LocalIdentityPhase = "Deleting"
)

type LocalIdentitySpec 

type LocalIdentitySpec struct {
	Finalizers []FinalizerName

	Username       string
	DisplayName    string
	Email          string
	PhoneNumber    string
	HashedPassword string
	TenantID       string
	Groups         []string
	Extra          map[string]string
}

LocalIdentitySpec is a description of an identity.

func (*LocalIdentitySpec) DeepCopy 

func (in *LocalIdentitySpec) DeepCopy() *LocalIdentitySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalIdentitySpec.

func (*LocalIdentitySpec) DeepCopyInto 

func (in *LocalIdentitySpec) DeepCopyInto(out *LocalIdentitySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LocalIdentityStatus 

type LocalIdentityStatus struct {
	Locked bool

	Phase LocalIdentityPhase
	// The last time the local identity was updated.
	// +optional
	LastUpdateTime metav1.Time
}

LocalIdentityStatus is a description of an identity status.

func (*LocalIdentityStatus) DeepCopy 

func (in *LocalIdentityStatus) DeepCopy() *LocalIdentityStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LocalIdentityStatus.

func (*LocalIdentityStatus) DeepCopyInto 

func (in *LocalIdentityStatus) DeepCopyInto(out *LocalIdentityStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type NonResourceAttributes 

type NonResourceAttributes struct {
	// Path is the URL path of the request
	Path string
	// Verb is the standard HTTP verb
	Verb string
}

NonResourceAttributes includes the authorization attributes available for non-resource requests to the Authorizer interface

func (*NonResourceAttributes) DeepCopy 

func (in *NonResourceAttributes) DeepCopy() *NonResourceAttributes

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NonResourceAttributes.

func (*NonResourceAttributes) DeepCopyInto 

func (in *NonResourceAttributes) DeepCopyInto(out *NonResourceAttributes)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PasswordReq 

type PasswordReq struct {
	metav1.TypeMeta

	HashedPassword   string
	OriginalPassword string
}

PasswordReq contains info to update password for a localIdentity

func (*PasswordReq) DeepCopy 

func (in *PasswordReq) DeepCopy() *PasswordReq

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PasswordReq.

func (*PasswordReq) DeepCopyInto 

func (in *PasswordReq) DeepCopyInto(out *PasswordReq)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PasswordReq) DeepCopyObject 

func (in *PasswordReq) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type Policy 

type Policy struct {
	metav1.TypeMeta
	metav1.ObjectMeta
	// Spec defines the desired identities of policy document in this set.
	Spec PolicySpec

	// +optional
	Status PolicyStatus
}

Policy represents a policy document for access control.

func (*Policy) DeepCopy 

func (in *Policy) DeepCopy() *Policy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.

func (*Policy) DeepCopyInto 

func (in *Policy) DeepCopyInto(out *Policy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Policy) DeepCopyObject 

func (in *Policy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyBinding 

type PolicyBinding struct {
	metav1.TypeMeta

	// Policies holds the policies will bind or unbind to the role.
	// +optional
	Policies []string
}

PolicyBinding references the request to bind or unbind policies to the role.

func (*PolicyBinding) DeepCopy 

func (in *PolicyBinding) DeepCopy() *PolicyBinding

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyBinding.

func (*PolicyBinding) DeepCopyInto 

func (in *PolicyBinding) DeepCopyInto(out *PolicyBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyBinding) DeepCopyObject 

func (in *PolicyBinding) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyList 

type PolicyList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of policies.
	Items []Policy
}

PolicyList is the whole list of all policies.

func (*PolicyList) DeepCopy 

func (in *PolicyList) DeepCopy() *PolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList.

func (*PolicyList) DeepCopyInto 

func (in *PolicyList) DeepCopyInto(out *PolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyList) DeepCopyObject 

func (in *PolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicyPhase 

type PolicyPhase string

PolicyPhase defines the phase of policy constructor. 

const (
	// PolicyActive indicates the policy is active.
	PolicyActive PolicyPhase = "Active"
	// PolicyTerminating means the policy is undergoing graceful termination.
	PolicyTerminating PolicyPhase = "Terminating"
)

type PolicyScope added in v1.3.1 

type PolicyScope string

PolicyScope defines the policy is belong to platform or project. 

const (
	PolicyPlatform PolicyScope = "platform"
	PolicyProject  PolicyScope = "project"
)

type PolicySpec 

type PolicySpec struct {
	Finalizers []FinalizerName

	DisplayName string
	TenantID    string
	Category    string
	Type        PolicyType
	Scope       PolicyScope

	// Creator
	Username    string
	Description string
	Statement   Statement
	Conditions  []byte
}

PolicySpec is a description of a policy.

func (*PolicySpec) DeepCopy 

func (in *PolicySpec) DeepCopy() *PolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec.

func (*PolicySpec) DeepCopyInto 

func (in *PolicySpec) DeepCopyInto(out *PolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyStatus 

type PolicyStatus struct {
	// +optional
	Phase PolicyPhase

	// +optional
	// Users represents the users the policy applies to.
	Users []Subject

	// +optional
	// Groups represents the groups the policy applies to.
	Groups []Subject
}

PolicyStatus represents information about the status of a policy.

func (*PolicyStatus) DeepCopy 

func (in *PolicyStatus) DeepCopy() *PolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyStatus.

func (*PolicyStatus) DeepCopyInto 

func (in *PolicyStatus) DeepCopyInto(out *PolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyType 

type PolicyType string

PolicyType defines the policy is default or created by user. 

const (
	PolicyCustom  PolicyType = "custom"
	PolicyDefault PolicyType = "default"
)

type Project added in v1.3.1 

type Project struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	TenantID string
	Users    map[string]string
	Groups   map[string]string
}

Project contains members of projects.

func (*Project) DeepCopy added in v1.3.1 

func (in *Project) DeepCopy() *Project

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Project.

func (*Project) DeepCopyInto added in v1.3.1 

func (in *Project) DeepCopyInto(out *Project)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Project) DeepCopyObject added in v1.3.1 

func (in *Project) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProjectBelongs added in v1.3.1 

type ProjectBelongs struct {
	metav1.TypeMeta

	TenantID string
	// project and roles in project
	ManagedProjects map[string]ExtraValue
	MemberdProjects map[string]ExtraValue
}

ProjectBelongs contains projects of user belongs.

func (*ProjectBelongs) DeepCopy added in v1.3.1 

func (in *ProjectBelongs) DeepCopy() *ProjectBelongs

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectBelongs.

func (*ProjectBelongs) DeepCopyInto added in v1.3.1 

func (in *ProjectBelongs) DeepCopyInto(out *ProjectBelongs)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ProjectBelongs) DeepCopyObject added in v1.3.1 

func (in *ProjectBelongs) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProjectList added in v1.3.1 

type ProjectList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of projects.
	Items []Project
}

ProjectList is the whole list of all projects.

func (*ProjectList) DeepCopy added in v1.3.1 

func (in *ProjectList) DeepCopy() *ProjectList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectList.

func (*ProjectList) DeepCopyInto added in v1.3.1 

func (in *ProjectList) DeepCopyInto(out *ProjectList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ProjectList) DeepCopyObject added in v1.3.1 

func (in *ProjectList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProjectPolicyBinding added in v1.3.1 

type ProjectPolicyBinding struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	Spec   ProjectPolicyBindingSpec
	Status ProjectPolicyBindingStatus
}

ProjectPolicyBinding represents a subjects bind to a policy in a project scope.

func (*ProjectPolicyBinding) DeepCopy added in v1.3.1 

func (in *ProjectPolicyBinding) DeepCopy() *ProjectPolicyBinding

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectPolicyBinding.

func (*ProjectPolicyBinding) DeepCopyInto added in v1.3.1 

func (in *ProjectPolicyBinding) DeepCopyInto(out *ProjectPolicyBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ProjectPolicyBinding) DeepCopyObject added in v1.3.1 

func (in *ProjectPolicyBinding) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProjectPolicyBindingList added in v1.3.1 

type ProjectPolicyBindingList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of policies.
	Items []ProjectPolicyBinding
}

ProjectPolicyBindingList is the whole list of all ProjectPolicyBindings.

func (*ProjectPolicyBindingList) DeepCopy added in v1.3.1 

func (in *ProjectPolicyBindingList) DeepCopy() *ProjectPolicyBindingList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectPolicyBindingList.

func (*ProjectPolicyBindingList) DeepCopyInto added in v1.3.1 

func (in *ProjectPolicyBindingList) DeepCopyInto(out *ProjectPolicyBindingList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ProjectPolicyBindingList) DeepCopyObject added in v1.3.1 

func (in *ProjectPolicyBindingList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProjectPolicyBindingRequest added in v1.3.1 

type ProjectPolicyBindingRequest struct {
	metav1.TypeMeta

	TenantID string
	// Policies holds the policies will bind to the subjects.
	// +optional
	Policies []string

	Users  []Subject
	Groups []Subject
}

ProjectPolicyBindingRequest references the request to bind or unbind project policies to the role.

func (*ProjectPolicyBindingRequest) DeepCopy added in v1.3.1 

func (in *ProjectPolicyBindingRequest) DeepCopy() *ProjectPolicyBindingRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectPolicyBindingRequest.

func (*ProjectPolicyBindingRequest) DeepCopyInto added in v1.3.1 

func (in *ProjectPolicyBindingRequest) DeepCopyInto(out *ProjectPolicyBindingRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ProjectPolicyBindingRequest) DeepCopyObject added in v1.3.1 

func (in *ProjectPolicyBindingRequest) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type ProjectPolicyBindingSpec added in v1.3.1 

type ProjectPolicyBindingSpec struct {
	Finalizers []FinalizerName
	TenantID   string
	ProjectID  string
	PolicyID   string
	Users      []Subject
	Groups     []Subject
}

ProjectPolicyBindingSpec defines the desired identities of ProjectPolicyBindingSpec document in this set.

func (*ProjectPolicyBindingSpec) DeepCopy added in v1.3.1 

func (in *ProjectPolicyBindingSpec) DeepCopy() *ProjectPolicyBindingSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectPolicyBindingSpec.

func (*ProjectPolicyBindingSpec) DeepCopyInto added in v1.3.1 

func (in *ProjectPolicyBindingSpec) DeepCopyInto(out *ProjectPolicyBindingSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ProjectPolicyBindingStatus added in v1.3.1 

type ProjectPolicyBindingStatus struct {
	Phase BindingPhase
}

ProjectPolicyBindingStatus represents information about the status of a ProjectPolicyBinding.

func (*ProjectPolicyBindingStatus) DeepCopy added in v1.3.1 

func (in *ProjectPolicyBindingStatus) DeepCopy() *ProjectPolicyBindingStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ProjectPolicyBindingStatus.

func (*ProjectPolicyBindingStatus) DeepCopyInto added in v1.3.1 

func (in *ProjectPolicyBindingStatus) DeepCopyInto(out *ProjectPolicyBindingStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ResourceAttributes 

type ResourceAttributes struct {
	// Namespace is the namespace of the action being requested.  Currently, there is no distinction between no namespace and all namespaces
	// "" (empty) is defaulted for LocalSubjectAccessReviews
	// "" (empty) is empty for cluster-scoped resources
	// "" (empty) means "all" for namespace scoped resources from a SubjectAccessReview or SelfSubjectAccessReview
	Namespace string
	// Verb is a kubernetes resource API verb, like: get, list, watch, create, update, delete, proxy.  "*" means all.
	Verb string
	// Group is the API Group of the Resource.  "*" means all.
	Group string
	// Version is the API Version of the Resource.  "*" means all.
	Version string
	// Resource is one of the existing resource types.  "*" means all.
	Resource string
	// Subresource is one of the existing resource types.  "" means none.
	Subresource string
	// Name is the name of the resource being requested for a "get" or deleted for a "delete". "" (empty) means all.
	Name string
}

ResourceAttributes includes the authorization attributes available for resource requests to the Authorizer interface

func (*ResourceAttributes) DeepCopy 

func (in *ResourceAttributes) DeepCopy() *ResourceAttributes

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceAttributes.

func (*ResourceAttributes) DeepCopyInto 

func (in *ResourceAttributes) DeepCopyInto(out *ResourceAttributes)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Role 

type Role struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// Spec defines the desired identities of role document in this set.
	Spec RoleSpec

	// +optional
	Status RoleStatus
}

Role is a collection with multiple policies.

func (*Role) DeepCopy 

func (in *Role) DeepCopy() *Role

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Role.

func (*Role) DeepCopyInto 

func (in *Role) DeepCopyInto(out *Role)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Role) DeepCopyObject 

func (in *Role) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RoleList 

type RoleList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of rules.
	Items []Role
}

RoleList is the whole list of policy.

func (*RoleList) DeepCopy 

func (in *RoleList) DeepCopy() *RoleList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleList.

func (*RoleList) DeepCopyInto 

func (in *RoleList) DeepCopyInto(out *RoleList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RoleList) DeepCopyObject 

func (in *RoleList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RolePhase 

type RolePhase string

RolePhase defines the phase of role constructor. 

const (
	RoleActive RolePhase = "Active"
	// RoleTerminating means the role is undergoing graceful termination.
	RoleTerminating RolePhase = "Terminating"
)

type RoleSpec 

type RoleSpec struct {
	Finalizers []FinalizerName

	DisplayName string
	TenantID    string
	ProjectID   string

	// Username is Creator
	Username    string
	Description string

	Policies []string
}

RoleSpec is a description of role.

func (*RoleSpec) DeepCopy 

func (in *RoleSpec) DeepCopy() *RoleSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleSpec.

func (*RoleSpec) DeepCopyInto 

func (in *RoleSpec) DeepCopyInto(out *RoleSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RoleStatus 

type RoleStatus struct {
	// +optional
	Phase RolePhase

	// Users represents the users of the applies to.
	Users []Subject

	// +optional
	// Groups represents the groups the policy applies to.
	Groups []Subject
}

RoleStatus represents information about the status of a role.

func (*RoleStatus) DeepCopy 

func (in *RoleStatus) DeepCopy() *RoleStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleStatus.

func (*RoleStatus) DeepCopyInto 

func (in *RoleStatus) DeepCopyInto(out *RoleStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Rule 

type Rule struct {
	metav1.TypeMeta
	metav1.ObjectMeta
	// Spec defines the desired identities of policy document in this set.
	Spec RuleSpec
}

Rule represents a rule document for access control.

func (*Rule) DeepCopy 

func (in *Rule) DeepCopy() *Rule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Rule.

func (*Rule) DeepCopyInto 

func (in *Rule) DeepCopyInto(out *Rule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Rule) DeepCopyObject 

func (in *Rule) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RuleList 

type RuleList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of rules.
	Items []Rule
}

RuleList is the whole list of all rules.

func (*RuleList) DeepCopy 

func (in *RuleList) DeepCopy() *RuleList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleList.

func (*RuleList) DeepCopyInto 

func (in *RuleList) DeepCopyInto(out *RuleList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RuleList) DeepCopyObject 

func (in *RuleList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type RuleSpec 

type RuleSpec struct {
	PType string `json:"ptype"`
	V0    string `json:"v0"`
	V1    string `json:"v1"`
	V2    string `json:"v2"`
	V3    string `json:"v3"`
	V4    string `json:"v4"`
	V5    string `json:"v5"`
	V6    string `json:"v6"`
}

RuleSpec is a description of a rule.

func (*RuleSpec) DeepCopy 

func (in *RuleSpec) DeepCopy() *RuleSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RuleSpec.

func (*RuleSpec) DeepCopyInto 

func (in *RuleSpec) DeepCopyInto(out *RuleSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Statement 

type Statement struct {
	Actions   []string
	Resources []string
	// Effect indicates action on the resource is allowed or not, can be "allow" or "deny"
	Effect Effect
}

Statement defines a series of action on resource can be done or not.

func (*Statement) DeepCopy 

func (in *Statement) DeepCopy() *Statement

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Statement.

func (*Statement) DeepCopyInto 

func (in *Statement) DeepCopyInto(out *Statement)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Subject 

type Subject struct {
	ID   string
	Name string
}

Subject references a user can specify by id or name.

func (*Subject) DeepCopy 

func (in *Subject) DeepCopy() *Subject

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Subject.

func (*Subject) DeepCopyInto 

func (in *Subject) DeepCopyInto(out *Subject)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SubjectAccessReview 

type SubjectAccessReview struct {
	metav1.TypeMeta
	metav1.ObjectMeta

	// Spec holds information about the request being evaluated
	Spec SubjectAccessReviewSpec

	// Status is filled in by the server and indicates whether the request is allowed or not
	Status SubjectAccessReviewStatus
}

SubjectAccessReview checks whether or not a user or group can perform an action. Not filling in a spec.namespace means "in all namespaces".

func (*SubjectAccessReview) DeepCopy 

func (in *SubjectAccessReview) DeepCopy() *SubjectAccessReview

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SubjectAccessReview.

func (*SubjectAccessReview) DeepCopyInto 

func (in *SubjectAccessReview) DeepCopyInto(out *SubjectAccessReview)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SubjectAccessReview) DeepCopyObject 

func (in *SubjectAccessReview) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type SubjectAccessReviewSpec 

type SubjectAccessReviewSpec struct {
	// ResourceAttributes describes information for a resource access request
	ResourceAttributes *ResourceAttributes

	// ResourceAttributesList describes information for multi resource access request.
	ResourceAttributesList []*ResourceAttributes

	// NonResourceAttributes describes information for a non-resource access request
	NonResourceAttributes *NonResourceAttributes

	// User is the user you're testing for.
	// If you specify "User" but not "Group", then is it interpreted as "What if User were not a member of any groups
	User string
	// Groups is the groups you're testing for.
	Groups []string
	// Extra corresponds to the user.Info.GetExtra() method from the authenticator.  Since that is input to the authorizer
	// it needs a reflection here.
	Extra map[string]ExtraValue
	// UID information about the requesting user.
	UID string
}

SubjectAccessReviewSpec is a description of the access request. Exactly one of ResourceAttributes and NonResourceAttributes must be set

func (*SubjectAccessReviewSpec) DeepCopy 

func (in *SubjectAccessReviewSpec) DeepCopy() *SubjectAccessReviewSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SubjectAccessReviewSpec.

func (*SubjectAccessReviewSpec) DeepCopyInto 

func (in *SubjectAccessReviewSpec) DeepCopyInto(out *SubjectAccessReviewSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SubjectAccessReviewStatus 

type SubjectAccessReviewStatus struct {
	// Allowed is required. True if the action would be allowed, false otherwise.
	Allowed bool
	// Denied is optional. True if the action would be denied, otherwise
	// false. If both allowed is false and denied is false, then the
	// authorizer has no opinion on whether to authorize the action. Denied
	// may not be true if Allowed is true.
	Denied bool
	// Reason is optional.  It indicates why a request was allowed or denied.
	Reason string
	// EvaluationError is an indication that some error occurred during the authorization check.
	// It is entirely possible to get an error and be able to continue determine authorization status in spite of it.
	// For instance, RBAC can be missing a role, but enough roles are still present and bound to reason about the request.
	EvaluationError string

	// AllowedList is the allowed response for batch authorization request.
	AllowedList []*AllowedStatus
}

SubjectAccessReviewStatus represents the current state of a SubjectAccessReview.

func (*SubjectAccessReviewStatus) DeepCopy 

func (in *SubjectAccessReviewStatus) DeepCopy() *SubjectAccessReviewStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SubjectAccessReviewStatus.

func (*SubjectAccessReviewStatus) DeepCopyInto 

func (in *SubjectAccessReviewStatus) DeepCopyInto(out *SubjectAccessReviewStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type User 

type User struct {
	metav1.TypeMeta
	metav1.ObjectMeta
	// Spec defines the desired identities of identity in this set.
	Spec UserSpec
}

User is an object that contains the metadata about identify about tke local idp or third-party idp.

func (*User) DeepCopy 

func (in *User) DeepCopy() *User

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new User.

func (*User) DeepCopyInto 

func (in *User) DeepCopyInto(out *User)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*User) DeepCopyObject 

func (in *User) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type UserList 

type UserList struct {
	metav1.TypeMeta
	metav1.ListMeta
	// List of User.
	Items []User
}

UserList is the whole list of all users.

func (*UserList) DeepCopy 

func (in *UserList) DeepCopy() *UserList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserList.

func (*UserList) DeepCopyInto 

func (in *UserList) DeepCopyInto(out *UserList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*UserList) DeepCopyObject 

func (in *UserList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type UserSpec 

type UserSpec struct {
	ID string

	// Name must be unique in the same tenant.
	Name        string
	DisplayName string
	Email       string
	PhoneNumber string
	TenantID    string

	Extra map[string]string
}

UserSpec is a description of an user.

func (*UserSpec) DeepCopy 

func (in *UserSpec) DeepCopy() *UserSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserSpec.

func (*UserSpec) DeepCopyInto 

func (in *UserSpec) DeepCopyInto(out *UserSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Directories

Path Synopsis
Package v1 is the v1 version of the API.
 Package v1 is the v1 version of the API.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.