- Sort Score
- Result 10 results
- Languages All
Results 61 - 70 of 79 for PolicyRule (0.3 sec)
-
staging/src/k8s.io/apiserver/pkg/audit/policy/reader_test.go
- level: None resources: - group: coordination.k8s.io resources: - "leases" verbs: ["watch", "get", "list"] # invalid indentation on verbs ` var expectedPolicy = &audit.Policy{ Rules: []audit.PolicyRule{{ Level: audit.LevelNone, NonResourceURLs: []string{"/healthz*", "/version"}, }, { Level: audit.LevelRequestResponse, Users: []string{"tim"}, UserGroups: []string{"testers", "developers"},
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Apr 12 15:46:12 UTC 2023 - 4.2K bytes - Viewed (0) -
cmd/kubeadm/app/phases/bootstraptoken/node/tlsbootstrap.go
if err := apiclient.CreateOrUpdateClusterRole(client, &rbac.ClusterRole{ ObjectMeta: metav1.ObjectMeta{ Name: constants.GetNodesClusterRoleName, }, Rules: []rbac.PolicyRule{ { Verbs: []string{"get"}, APIGroups: []string{""}, Resources: []string{"nodes"}, }, }, }); err != nil { return err }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sun Oct 15 10:49:52 UTC 2023 - 4.2K bytes - Viewed (0) -
plugin/pkg/auth/authorizer/rbac/subject_locator.go
// of the role binding, the empty string if a cluster role binding. GetRoleReferenceRules(roleRef rbacv1.RoleRef, namespace string) ([]rbacv1.PolicyRule, error) } type SubjectLocator interface { AllowedSubjects(attributes authorizer.Attributes) ([]rbacv1.Subject, error) } var _ = SubjectLocator(&SubjectAccessEvaluator{})
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Tue May 22 12:17:05 UTC 2018 - 4.7K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/apis/audit/v1/types.go
Items []Policy `json:"items" protobuf:"bytes,2,rep,name=items"` } // PolicyRule maps requests based off metadata to an audit Level. // Requests must match the rules of every field (an intersection of rules). type PolicyRule struct { // The Level that requests matching this rule are recorded at. Level Level `json:"level" protobuf:"bytes,1,opt,name=level,casttype=Level"`
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Nov 27 20:24:10 UTC 2023 - 14.5K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/apis/audit/validation/validation.go
rulePath := field.NewPath("rules") for i, rule := range policy.Rules { allErrs = append(allErrs, validatePolicyRule(rule, rulePath.Index(i))...) } return allErrs } func validatePolicyRule(rule audit.PolicyRule, fldPath *field.Path) field.ErrorList { var allErrs field.ErrorList allErrs = append(allErrs, validateLevel(rule.Level, fldPath.Child("level"))...)
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Feb 15 14:13:07 UTC 2019 - 4.6K bytes - Viewed (0) -
cmd/kubeadm/app/phases/bootstraptoken/clusterinfo/clusterinfo_test.go
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sun Feb 18 11:14:32 UTC 2024 - 5.3K bytes - Viewed (0) -
pkg/registry/rbac/clusterrole/policybased/storage.go
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Nov 18 10:11:16 UTC 2022 - 5.2K bytes - Viewed (0) -
cmd/kubeadm/app/phases/kubelet/config.go
if err := apiclient.CreateOrUpdateRole(client, &rbac.Role{ ObjectMeta: metav1.ObjectMeta{ Name: kubeadmconstants.KubeletBaseConfigMapRole, Namespace: metav1.NamespaceSystem, }, Rules: []rbac.PolicyRule{ { Verbs: []string{"get"}, APIGroups: []string{""}, Resources: []string{"configmaps"}, ResourceNames: []string{kubeadmconstants.KubeletBaseConfigurationConfigMap}, },
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Feb 02 12:34:30 UTC 2024 - 5.9K bytes - Viewed (0) -
staging/src/k8s.io/apiserver/pkg/server/options/audit_test.go
return f.Name() } func makeTmpPolicy(t *testing.T) string { pol := auditv1.Policy{ TypeMeta: metav1.TypeMeta{ APIVersion: "audit.k8s.io/v1", }, Rules: []auditv1.PolicyRule{ { Level: auditv1.LevelRequestResponse, }, }, } f, err := ioutil.TempFile("", "k8s_audit_policy_test_") require.NoError(t, err, "creating temp file")
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Mon Jun 27 14:57:26 UTC 2022 - 7.8K bytes - Viewed (0) -
plugin/pkg/auth/authorizer/node/node_authorizer.go
nodeRules []rbacv1.PolicyRule // allows overriding for testing features featuregate.FeatureGate } var _ = authorizer.Authorizer(&NodeAuthorizer{}) var _ = authorizer.RuleResolver(&NodeAuthorizer{}) // NewAuthorizer returns a new node authorizer func NewAuthorizer(graph *Graph, identifier nodeidentifier.NodeIdentifier, rules []rbacv1.PolicyRule) *NodeAuthorizer { return &NodeAuthorizer{
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 07 21:22:55 UTC 2024 - 16K bytes - Viewed (0)