Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func BindingAuthorized

func BindingAuthorized(ctx context.Context, roleRef rbac.RoleRef, bindingNamespace string, a authorizer.Authorizer) bool

    BindingAuthorized returns true if the user associated with the context is explicitly authorized to bind the specified roleRef

    func EscalationAllowed

    func EscalationAllowed(ctx context.Context) bool

      EscalationAllowed checks if the user associated with the context is a superuser

      func IsOnlyMutatingGCFields

      func IsOnlyMutatingGCFields(obj, old runtime.Object, equalities conversion.Equalities) bool

        IsOnlyMutatingGCFields checks finalizers and ownerrefs which GC manipulates and indicates that only those fields are changing

        func RoleEscalationAuthorized

        func RoleEscalationAuthorized(ctx context.Context, a authorizer.Authorizer) bool

          RoleEscalationAuthorized checks if the user associated with the context is explicitly authorized to escalate the role resource associated with the context

          Types

          This section is empty.

          Directories

          Path Synopsis
          Package certificates provides Registry interface and its RESTStorage implementation for storing ClusterRole objects.
          Package certificates provides Registry interface and its RESTStorage implementation for storing ClusterRole objects.
          policybased
          Package policybased implements a standard storage for ClusterRole that prevents privilege escalation.
          Package policybased implements a standard storage for ClusterRole that prevents privilege escalation.
          Package certificates provides Registry interface and its RESTStorage implementation for storing ClusterRoleBinding objects.
          Package certificates provides Registry interface and its RESTStorage implementation for storing ClusterRoleBinding objects.
          policybased
          Package policybased implements a standard storage for ClusterRoleBinding that prevents privilege escalation.
          Package policybased implements a standard storage for ClusterRoleBinding that prevents privilege escalation.
          Package certificates provides Registry interface and its RESTStorage implementation for storing Role objects.
          Package certificates provides Registry interface and its RESTStorage implementation for storing Role objects.
          policybased
          Package policybased implements a standard storage for Role that prevents privilege escalation.
          Package policybased implements a standard storage for Role that prevents privilege escalation.
          Package certificates provides Registry interface and its RESTStorage implementation for storing RoleBinding objects.
          Package certificates provides Registry interface and its RESTStorage implementation for storing RoleBinding objects.
          policybased
          Package policybased implements a standard storage for RoleBinding that prevents privilege escalation.
          Package policybased implements a standard storage for RoleBinding that prevents privilege escalation.