github/kubernetes
1
0
Fork 0
mirror of https://github.com/k3s-io/kubernetes.git synced 2026-01-29 21:29:24 +00:00
Code Issues Projects Releases Wiki Activity

allow */subresource in rbac policy rules

Browse Source
This commit is contained in:
David Eads
2017-10-11 10:06:37 -04:00
parent 5a709021ab
commit e8a703b651
26 changed files with 205 additions and 49 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/apis/authorization/types.go
View File

@@ -205,7 +205,8 @@ type ResourceRule struct {
// APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of
// the enumerated resources in any API group will be allowed. "*" means all.
APIGroups []string
// Resources is a list of resources this rule applies to. ResourceAll represents all resources. "*" means all.
// Resources is a list of resources this rule applies to. "*" means all in the specified apiGroups.
// "*/foo" represents the subresource 'foo' for all resources in the specified apiGroups.
Resources []string
// ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. "*" means all.
ResourceNames []string