This Document documents the types introduced by the Access-Manager to be consumed by users.
- BindingsSpec
- ClusterSpec
- NamespacedSpec
- NamespaceSpec
- RbacDefinition
- RbacDefinitionList
- RbacDefinitionSpec
BindingsSpec defines the name and "body" of a RoleBinding.
Field | Description | Scheme | Required |
---|---|---|---|
name | Name of the RoleBinding. Optional, if not set roleName is used. |
string | false |
roleName | Name of the Role or ClusterRole to reference. | string | true |
kind | Kind of the roleName Either Role or ClusterRole . |
string | true |
allServiceAccounts | Whether all ServiceAccount s of this namespace should be included as subjects. |
bool | false |
subjects | List of RBAC-Subjects. | []rbacv1.Subject | true |
ClusterSpec defines the name and "body" of a ClusterRoleBinding.
Field | Description | Scheme | Required |
---|---|---|---|
name | Name of the ClusterRoleBinding. Optional, if not set clusterRoleName is used. |
string | false |
clusterRoleName | Name of the ClusterRole to reference. | string | true |
subjects | List of RBAC-Subjects. | []rbacv1.Subject | true |
NamespacedSpec describes a set of RoleBindings to create in different namespaces.
Field | Description | Scheme | Required |
---|---|---|---|
namespace | Single namespace name. Optional, but one of namespace or namespaceSelector is required. |
NamespaceSpec | false |
namespaceSelector | LabelSelector. Optional, but one of namespace or namespaceSelector is required. |
metav1.LabelSelector | false |
bindings | List of RoleBindings to create. | []BindingsSpec | true |
NamespaceSpec defines a name of a single namespace.
Field | Description | Scheme | Required |
---|---|---|---|
name | Name of a single namespace. | string | true |
RbacDefinition is the definition object itself.
Field | Description | Scheme | Required |
---|---|---|---|
metadata | metav1.ObjectMeta | true | |
spec | RbacDefinitionSpec | true |
RbacDefinitionList is a list of RbacDefinitions.
Field | Description | Scheme | Required |
---|---|---|---|
metadata | Standard list metadata. | metav1.ListMeta | true |
items | List of Definitions. | []*RbacDefinition | true |
RbacDefinitionSpec defines namespace- and cluster-spec objects.
Field | Description | Scheme | Required |
---|---|---|---|
paused | Represents whether any actions on the underlaying managed objects are being performed. Only delete actions will be performed. | bool | false |
namespaced | Optional, but one of namespaced or cluster is required. |
NamespacedSpec | false |
cluster | Optional, but one of namespaced or cluster is required. |
ClusterSpec | false |