| Version         | String  | Yes      | Value must be `2011-06-15`                                           |
| Token           | String  | Yes      | Token to be authenticated by identity plugin                         |
| RoleArn         | String  | Yes      | Must match the Role ARN generated for the identity plugin            |

{* ../../docs_src/security/tutorial002_an_py310.py hl[25] *}

## Get the user { #get-the-user }

`get_current_user` will use a (fake) utility function we created, that takes a token as a `str` and returns our Pydantic `User` model:

*   Pod preemption has been improved.
    *   Now takes PodDisruptionBudget into account. ([#56178](https://github.com/kubernetes/kubernetes/pull/56178),[ @bsalamat](https://github.com/bsalamat))

- kube-apiserver: `--service-account-max-token-expiration` can now be used in combination with an external token signer `--service-account-signing-endpoint`, as long as the `--service-account-max-token-expiration` is not longer than the external token signer's max expiration. ([#129816](https://github.com/kubernetes/kubernetes/pull/129816), [@sambdavidson](https://github.com/sambdavidson)) [SIG...

 - The default Bootstrap Token created with `kubeadm init` v1.8 expires
 and is deleted after 24 hours by default to limit the exposure of the
 valuable credential. You can create a new Bootstrap Token with
 `kubeadm token create` or make the default token permanently valid by specifying
 `--token-ttl 0` to `kubeadm init`. The default token can later be deleted with
 `kubeadm token delete`.

labels.handler_parameter=Parameter
labels.handlerScript=Script
labels.data_crawling_button_create=Maken
labels.data_crawling_button_create_job=Nieuwe taak maken
labels.wizard_title_configuration=Configuratiewizard
labels.wizard_start_title=Snelle installatie
labels.wizard_start_desc=U kunt eenvoudig een crawlconfiguratie maken met behulp van de configuratiewizard.
labels.wizard_start_button=Start configuratie

- Kubeadm: fix the bug that configurable KubernetesVersion not respected during kubeadm join ([#111022](https://github.com/kubernetes/kubernetes/pull/111022), [@SataQiu](https://github.com/SataQiu)) [SIG Cluster Lifecycle]
- Reduced time taken to sync proxy rules on Windows kube-proxy with kernelspace mode ([#110702](https://github.com/kubernetes/kubernetes/pull/110702), [@daschott](https://github.com/daschott)) [SIG Network and Windows]

Shinsuke Sugaya <******@****.***> 1436049991 +0900

# Security { #security }

There are many ways to handle security, authentication and authorization.

And it normally is a complex and "difficult" topic.

In many frameworks and systems just handling security and authentication takes a big amount of effort and code (in many cases it can be 50% or more of all the code written).

And that function takes parameters in the same way that *path operation functions* do.

/// tip

You'll see what other "things", apart from functions, can be used as dependencies in the next chapter.

///

Whenever a new request arrives, **FastAPI** will take care of:

* Calling your dependency ("dependable") function with the correct parameters.