abac

package
v0.0.0-...-cf23810 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 24, 2017 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

View Source
const GroupName = "abac.authorization.kubernetes.io"

Group is the API group for abac

Variables

View Source
var (
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	AddToScheme   = SchemeBuilder.AddToScheme
)

Codecs provides access to encoding and decoding for the scheme

View Source
var Scheme = runtime.NewScheme()

Scheme is the default instance of runtime.Scheme to which types in the abac API group are api.Registry. TODO: remove this, abac should not have its own scheme.

View Source
var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}

Functions

func GetGeneratedDeepCopyFuncs deprecated

func GetGeneratedDeepCopyFuncs() []conversion.GeneratedDeepCopyFunc

GetGeneratedDeepCopyFuncs returns the generated funcs, since we aren't registering them.

Deprecated: deepcopy registration will go away when static deepcopy is fully implemented.

Types

type Policy

type Policy struct {
	metav1.TypeMeta

	// Spec describes the policy rule
	Spec PolicySpec
}

Policy contains a single ABAC policy rule

func (*Policy) DeepCopy

func (in *Policy) DeepCopy() *Policy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.

func (*Policy) DeepCopyInto

func (in *Policy) DeepCopyInto(out *Policy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Policy) DeepCopyObject

func (in *Policy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type PolicySpec

type PolicySpec struct {

	// User is the username this rule applies to.
	// Either user or group is required to match the request.
	// "*" matches all users.
	User string

	// Group is the group this rule applies to.
	// Either user or group is required to match the request.
	// "*" matches all groups.
	Group string

	// Readonly matches readonly requests when true, and all requests when false
	Readonly bool

	// APIGroup is the name of an API group. APIGroup, Resource, and Namespace are required to match resource requests.
	// "*" matches all API groups
	APIGroup string

	// Resource is the name of a resource. APIGroup, Resource, and Namespace are required to match resource requests.
	// "*" matches all resources
	Resource string

	// Namespace is the name of a namespace. APIGroup, Resource, and Namespace are required to match resource requests.
	// "*" matches all namespaces (including unnamespaced requests)
	Namespace string

	// NonResourcePath matches non-resource request paths.
	// "*" matches all paths
	// "/foo/*" matches all subpaths of foo
	NonResourcePath string
}

PolicySpec contains the attributes for a policy rule

func (*PolicySpec) DeepCopy

func (in *PolicySpec) DeepCopy() *PolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec.

func (*PolicySpec) DeepCopyInto

func (in *PolicySpec) DeepCopyInto(out *PolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Directories

Path Synopsis
+groupName=abac.authorization.kubernetes.io +k8s:openapi-gen=true
+groupName=abac.authorization.kubernetes.io +k8s:openapi-gen=true
+groupName=abac.authorization.kubernetes.io +k8s:openapi-gen=true
+groupName=abac.authorization.kubernetes.io +k8s:openapi-gen=true

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL