- Sort Score
- Result 10 results
- Languages All
Results 121 - 130 of 144 for Authorize (0.16 sec)
-
plugin/pkg/auth/authorizer/rbac/subject_locator_test.go
"testing" rbacv1 "k8s.io/api/rbac/v1" "k8s.io/apiserver/pkg/authentication/user" "k8s.io/apiserver/pkg/authorization/authorizer" rbacregistryvalidation "k8s.io/kubernetes/pkg/registry/rbac/validation" ) func TestSubjectLocator(t *testing.T) { type actionToSubjects struct { action authorizer.Attributes subjects []rbacv1.Subject } tests := []struct { name string
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue May 22 12:17:05 UTC 2018 - 5.6K bytes - Viewed (0) -
pkg/registry/rbac/rolebinding/registry.go
if err := rbacv1helpers.Convert_rbac_RoleBindingList_To_v1_RoleBindingList(obj.(*rbac.RoleBindingList), ret, nil); err != nil { return nil, err } return ret, nil } // AuthorizerAdapter adapts the registry to the authorizer interface type AuthorizerAdapter struct { Registry Registry } func (a AuthorizerAdapter) ListRoleBindings(namespace string) ([]*rbacv1.RoleBinding, error) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue May 22 12:17:05 UTC 2018 - 2.3K bytes - Viewed (0) -
pkg/registry/rbac/clusterrole/registry.go
if err := rbacv1helpers.Convert_rbac_ClusterRole_To_v1_ClusterRole(obj.(*rbac.ClusterRole), ret, nil); err != nil { return nil, err } return ret, nil } // AuthorizerAdapter adapts the registry to the authorizer interface type AuthorizerAdapter struct { Registry Registry } // GetClusterRole returns the corresponding ClusterRole by name func (a AuthorizerAdapter) GetClusterRole(name string) (*rbacv1.ClusterRole, error) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu May 02 02:35:47 UTC 2019 - 2.1K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/authorization/authorizer/rule.go
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. */ package authorizer type ResourceRuleInfo interface { // GetVerbs returns a list of kubernetes resource API verbs. GetVerbs() []string // GetAPIGroups return the names of the APIGroup that contains the resources.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Sep 01 11:09:43 UTC 2017 - 2.1K bytes - Viewed (0) -
pkg/registry/rbac/role/registry.go
ret := &rbacv1.Role{} if err := rbacv1helpers.Convert_rbac_Role_To_v1_Role(obj.(*rbac.Role), ret, nil); err != nil { return nil, err } return ret, nil } // AuthorizerAdapter adapts the registry to the authorizer interface type AuthorizerAdapter struct { Registry Registry } // GetRole returns the corresponding Role by name in specified namespace func (a AuthorizerAdapter) GetRole(namespace, name string) (*rbacv1.Role, error) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu May 02 02:36:35 UTC 2019 - 2K bytes - Viewed (0) -
pkg/registry/rbac/clusterrolebinding/registry.go
return nil, err } return ret, nil } // AuthorizerAdapter adapts the registry to the authorizer interface type AuthorizerAdapter struct { Registry Registry } func (a AuthorizerAdapter) ListClusterRoleBindings() ([]*rbacv1.ClusterRoleBinding, error) {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue May 22 12:17:05 UTC 2018 - 2.3K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/authentication/user/user.go
// GetExtra can contain any additional information that the authenticator // thought was interesting. One example would be scopes on a token. // Keys in this map should be namespaced to the authenticator or // authenticator/authorizer pair making use of them. // For instance: "example.org/foo" instead of "foo" // This is a map[string][]string because it needs to be serializeable into // a SubjectAccessReviewSpec.authorization.k8s.io for proper authorization
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jul 24 16:21:55 UTC 2020 - 2.6K bytes - Viewed (0) -
docs/multi-user/README.md
"s3:PutObject" ], "Effect": "Allow", "Resource": ["arn:aws:s3:::mybucket/${aws:username}/*"] } ] } ``` If the user is authenticating using an STS credential which was authorized from OpenID connect we allow all `jwt:*` variables specified in the JWT specification, custom `jwt:*` or extensions are not supported. List of policy variables for OpenID based STS. - `jwt:sub` - `jwt:iss` - `jwt:aud`
Registered: Sun Jun 16 00:44:34 UTC 2024 - Last Modified: Tue Mar 21 06:38:06 UTC 2023 - 8K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/server/options/admission.go
// In addition the method lazily initializes a generic plugin that is appended to the list of pluginInitializers // note this method uses: // // genericconfig.Authorizer func (a *AdmissionOptions) ApplyTo( c *server.Config, informers informers.SharedInformerFactory, kubeClient kubernetes.Interface, dynamicClient dynamic.Interface, features featuregate.FeatureGate,
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sun May 12 08:49:42 UTC 2024 - 9.7K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/audit/request.go
"k8s.io/apiserver/pkg/authentication/user" "k8s.io/apiserver/pkg/authorization/authorizer" "k8s.io/klog/v2" ) const ( maxUserAgentLength = 1024 userAgentTruncateSuffix = "...TRUNCATED" ) func LogRequestMetadata(ctx context.Context, req *http.Request, requestReceivedTimestamp time.Time, level auditinternal.Level, attribs authorizer.Attributes) { ac := AuditContextFrom(ctx) if !ac.Enabled() { return }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Jul 03 16:16:51 UTC 2023 - 9K bytes - Viewed (0)