policy

package
Version: v1.14.6 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 16, 2019 License: Apache-2.0, Apache-2.0 Imports: 14 Imported by: 0

Documentation

Index

Constants

View Source
const (
	// DefaultAuditLevel is the default level to audit at, if no policy rules are matched.
	DefaultAuditLevel = audit.LevelNone
)

Variables

This section is empty.

Functions

func AllLevels added in v1.13.0

func AllLevels() sets.String

AllLevels returns all possible levels

func AllStages added in v1.13.0

func AllStages() sets.String

AllStages returns all possible stages

func ConvertDynamicPolicyToInternal added in v1.13.0

func ConvertDynamicPolicyToInternal(p *v1alpha1.Policy) *audit.Policy

ConvertDynamicPolicyToInternal constructs an internal policy type from a v1alpha1 dynamic type

func ConvertStagesToStrings added in v1.13.0

func ConvertStagesToStrings(stages []audit.Stage) []string

ConvertStagesToStrings converts an array of stages to a string array

func ConvertStringSetToStages added in v1.13.0

func ConvertStringSetToStages(set sets.String) []audit.Stage

ConvertStringSetToStages converts a string set to an array of stages

func EnforcePolicy added in v1.13.0

func EnforcePolicy(event *audit.Event, level audit.Level, omitStages []audit.Stage) (*audit.Event, error)

EnforcePolicy drops any part of the event that doesn't conform to a policy level or omitStages and sets the event level accordingly

func InvertStages added in v1.13.0

func InvertStages(stages []audit.Stage) []audit.Stage

InvertStages subtracts the given array of stages from all stages

func LoadPolicyFromBytes added in v1.13.0

func LoadPolicyFromBytes(policyDef []byte) (*auditinternal.Policy, error)

func LoadPolicyFromFile

func LoadPolicyFromFile(filePath string) (*auditinternal.Policy, error)

Types

type Checker

type Checker interface {
	// Check the audit level for a request with the given authorizer attributes.
	LevelAndStages(authorizer.Attributes) (audit.Level, []audit.Stage)
}

Checker exposes methods for checking the policy rules.

func FakeChecker

func FakeChecker(level audit.Level, stage []audit.Stage) Checker

FakeChecker creates a checker that returns a constant level for all requests (for testing).

func NewChecker

func NewChecker(policy *audit.Policy) Checker

NewChecker creates a new policy checker.

func NewDynamicChecker added in v1.13.0

func NewDynamicChecker() Checker

NewDynamicChecker returns a new dynamic policy checker

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL