athenz

package

v1.1.2 Latest Latest Go to latest Published: May 8, 2024 License: BSD-3-Clause Imports: 7 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/yahoo/k8s-athenz-istio-auth

Links

Open Source Insights

Documentation ¶

Overview ¶

Index ¶

func DomainToNamespace(domain string) (namespace string)
func NamespaceToDomain(ns string) (domain string)
type GroupMembers
type Model
- func ConvertAthenzPoliciesIntoRbacModel(domain *zms.DomainData, crCache *cache.SharedIndexInformer) Model
type RoleAssertions
type RoleMembers
type RoleTags
type Roles

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func DomainToNamespace ¶

func DomainToNamespace(domain string) (namespace string)

DomainToNamespace will convert an athenz domain to a kubernetes namespace. Dots are converted to dashes and dashes are converted to double dashes. ex: k8s.athenz-istio-auth -> k8s-athenz--istio--auth

func NamespaceToDomain ¶

func NamespaceToDomain(ns string) (domain string)

NamespaceToDomain will convert the kubernetes namespace to an athenz domain. Dashes are converted to dots and double dashes are converted to single dashes. ex: k8s-athenz--istio--auth -> k8s.athenz-istio-auth

Types ¶

type GroupMembers ¶ added in v1.0.0

type GroupMembers map[zms.MemberName][]*zms.GroupMember

map of Group:GroupMembers for an Athenz domain

type Model ¶

type Model struct {
	Name         zms.DomainName `json:"name"`
	Namespace    string         `json:"namespace"`
	Roles        Roles          `json:"roles,omitempty"`
	Rules        RoleAssertions `json:"rules,omitempty"`
	Members      RoleMembers    `json:"members,omitempty"`
	GroupMembers GroupMembers   `json:"groups,omitempty"`
	RoleTags     RoleTags       `json:"roletags,omitempty"`
}

RBAC object to hold the policies for an Athenz domain

func ConvertAthenzPoliciesIntoRbacModel ¶

func ConvertAthenzPoliciesIntoRbacModel(domain *zms.DomainData, crCache *cache.SharedIndexInformer) Model

ConvertAthenzPoliciesIntoRbacModel transforms the given Athenz Domain structure into role-centric policies and members

type RoleAssertions ¶

type RoleAssertions map[zms.ResourceName][]*zms.Assertion

map of Athenz Role:Assertions for an Athenz Resource

type RoleMembers ¶

type RoleMembers map[zms.ResourceName][]*zms.RoleMember

map of Role:Members for an Athenz domain

type RoleTags ¶ added in v1.0.0

type RoleTags map[zms.ResourceName]map[zms.CompoundName]*zms.StringList

type Roles ¶

type Roles []zms.ResourceName

Athenz data structures the way we would want list of Athenz Role names for an Athenz domain

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL