- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 102 for rbacv1 (0.26 sec)
-
plugin/pkg/auth/authorizer/rbac/bootstrappolicy/controller_policy.go
} func eventsRule() rbacv1.PolicyRule { return rbacv1helpers.NewRule("create", "update", "patch").Groups(legacyGroup, eventsGroup).Resources("events").RuleOrDie() } func buildControllerRoles() ([]rbacv1.ClusterRole, []rbacv1.ClusterRoleBinding) { // controllerRoles is a slice of roles used for controllers controllerRoles := []rbacv1.ClusterRole{}
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 08 19:25:10 UTC 2024 - 28.9K bytes - Viewed (0) -
plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy.go
} func addClusterRoleLabel(roles []rbacv1.ClusterRole) { for i := range roles { addDefaultMetadata(&roles[i]) } return } func addClusterRoleBindingLabel(rolebindings []rbacv1.ClusterRoleBinding) { for i := range rolebindings { addDefaultMetadata(&rolebindings[i]) } return } // NodeRules returns node policy rules, it is slice of rbacv1.PolicyRule. func NodeRules() []rbacv1.PolicyRule {
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Mar 08 19:25:10 UTC 2024 - 34.4K bytes - Viewed (0) -
cmd/kubeadm/app/util/apiclient/idempotency.go
func CreateOrUpdateRole(client clientset.Interface, role *rbac.Role) error { var lastError error err := wait.PollUntilContextTimeout(context.Background(), apiCallRetryInterval, kubeadmapi.GetActiveTimeouts().KubernetesAPICall.Duration, true, func(_ context.Context) (bool, error) { ctx := context.Background()
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sun Feb 18 11:14:32 UTC 2024 - 18.4K bytes - Viewed (0) -
plugin/pkg/auth/authorizer/node/node_authorizer.go
identifier nodeidentifier.NodeIdentifier nodeRules []rbacv1.PolicyRule // allows overriding for testing features featuregate.FeatureGate } var _ = authorizer.Authorizer(&NodeAuthorizer{}) var _ = authorizer.RuleResolver(&NodeAuthorizer{}) // NewAuthorizer returns a new node authorizer func NewAuthorizer(graph *Graph, identifier nodeidentifier.NodeIdentifier, rules []rbacv1.PolicyRule) *NodeAuthorizer { return &NodeAuthorizer{
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 07 21:22:55 UTC 2024 - 16K bytes - Viewed (0) -
pkg/controlplane/instance.go
eventsv1 "k8s.io/api/events/v1" networkingapiv1 "k8s.io/api/networking/v1" networkingapiv1alpha1 "k8s.io/api/networking/v1alpha1" nodev1 "k8s.io/api/node/v1" policyapiv1 "k8s.io/api/policy/v1" rbacv1 "k8s.io/api/rbac/v1" resourcev1alpha2 "k8s.io/api/resource/v1alpha2" schedulingapiv1 "k8s.io/api/scheduling/v1" storageapiv1 "k8s.io/api/storage/v1" storageapiv1alpha1 "k8s.io/api/storage/v1alpha1"
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Jun 03 11:50:04 UTC 2024 - 21.2K bytes - Viewed (0) -
cmd/kubeadm/app/phases/kubeconfig/kubeconfig.go
crbExists bool clusterRoleBinding = &rbac.ClusterRoleBinding{ ObjectMeta: metav1.ObjectMeta{ Name: kubeadmconstants.ClusterAdminsGroupAndClusterRoleBinding, }, RoleRef: rbac.RoleRef{ APIGroup: rbac.GroupName, Kind: "ClusterRole", Name: "cluster-admin", }, Subjects: []rbac.Subject{ { Kind: rbac.GroupKind,
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Jun 07 17:04:18 UTC 2024 - 27K bytes - Viewed (0) -
pilot/pkg/security/authz/builder/builder.go
"istio.io/istio/pkg/wellknown" ) var rbacPolicyMatchNever = &rbacpb.Policy{ Permissions: []*rbacpb.Permission{{Rule: &rbacpb.Permission_NotRule{ NotRule: &rbacpb.Permission{Rule: &rbacpb.Permission_Any{Any: true}}, }}}, Principals: []*rbacpb.Principal{{Identifier: &rbacpb.Principal_NotId{ NotId: &rbacpb.Principal{Identifier: &rbacpb.Principal_Any{Any: true}}, }}}, } // General setting to control behavior
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Nov 20 22:15:12 UTC 2023 - 12.6K bytes - Viewed (0) -
pilot/pkg/networking/grpcgen/lds.go
// // nolint: unparam func buildRBAC(node *model.Proxy, push *model.PushContext, suffix string, context *tls.DownstreamTlsContext, a rbacpb.RBAC_Action, policies []model.AuthorizationPolicy, ) *rbacpb.RBAC { rules := &rbacpb.RBAC{ Action: a, Policies: map[string]*rbacpb.Policy{}, } for _, policy := range policies { for i, rule := range policy.Spec.Rules {
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Wed Apr 17 22:20:44 UTC 2024 - 14.6K bytes - Viewed (0) -
pilot/pkg/security/authz/model/model.go
var permissions []*rbacpb.Permission if r.extended != nil { if len(r.values) > 0 { p, err := r.extended.extendedPermission(r.key, r.values, forTCP) if err := r.checkError(action, err); err != nil { return nil, err } if p != nil { permissions = append(permissions, p) } } } else { var or []*rbacpb.Permission
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Mar 25 10:39:25 UTC 2024 - 13.8K bytes - Viewed (0) -
pilot/pkg/security/authz/model/model_test.go
}, }, }, }, { Identifier: &rbacpb.Principal_NotId{ NotId: &rbacpb.Principal{ Identifier: &rbacpb.Principal_OrIds{ OrIds: &rbacpb.Principal_Set{ Ids: []*rbacpb.Principal{ { Identifier: &rbacpb.Principal_Authenticated_{ Authenticated: &rbacpb.Principal_Authenticated{ PrincipalName: &matcherv3.StringMatcher{
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Nov 20 22:15:12 UTC 2023 - 10K bytes - Viewed (0)