You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: config/schemas/config.yaml
+82Lines changed: 82 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -832,6 +832,80 @@ $defs:
832
832
description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string.
833
833
type: string
834
834
type: object
835
+
io.k8s.api.rbac.v1.Subject:
836
+
description: Subject contains a reference to the object or user identities a role
837
+
binding applies to. This can either hold a direct API object reference, or a
838
+
value for non-objects such as user and group names.
839
+
properties:
840
+
apiGroup:
841
+
description: APIGroup holds the API group of the referenced subject. Defaults
842
+
to "" for ServiceAccount subjects. Defaults to "rbac.authorization.k8s.io"
843
+
for User and Group subjects.
844
+
type: string
845
+
kind:
846
+
description: Kind of object being referenced. Values defined by this API group
847
+
are "User", "Group", and "ServiceAccount". If the Authorizer does not recognized
848
+
the kind value, the Authorizer should report an error.
849
+
type: string
850
+
enum:
851
+
- Group
852
+
- ServiceAccount
853
+
- User
854
+
name:
855
+
description: Name of the object being referenced.
856
+
type: string
857
+
namespace:
858
+
description: Namespace of the referenced object. If the object kind is non-namespace,
859
+
such as "User" or "Group", and this value is not empty the Authorizer should
860
+
report an error.
861
+
type: string
862
+
required:
863
+
- kind
864
+
- name
865
+
type: object
866
+
io.k8s.api.rbac.v1.PolicyRule:
867
+
description: PolicyRule holds information that describes a policy rule, but does
868
+
not contain information about who the rule applies to or which namespace the rule
869
+
applies to.
870
+
properties:
871
+
apiGroups:
872
+
description: APIGroups is the name of the APIGroup that contains the resources. If
873
+
multiple API groups are specified, any action requested against one of the
874
+
enumerated resources in any API group will be allowed.
875
+
items:
876
+
type: string
877
+
type: array
878
+
nonResourceURLs:
879
+
description: NonResourceURLs is a set of partial urls that a user should have
880
+
access to. *s are allowed, but only as the full, final step in the path Since
881
+
non-resource URLs are not namespaced, this field is only applicable for ClusterRoles
882
+
referenced from a ClusterRoleBinding. Rules can either apply to API resources
883
+
(such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but
884
+
not both.
885
+
items:
886
+
type: string
887
+
type: array
888
+
resourceNames:
889
+
description: ResourceNames is an optional white list of names that the rule
890
+
applies to. An empty set means that everything is allowed.
891
+
items:
892
+
type: string
893
+
type: array
894
+
resources:
895
+
description: Resources is a list of resources this rule applies to. ResourceAll
896
+
represents all resources.
897
+
items:
898
+
type: string
899
+
type: array
900
+
verbs:
901
+
description: Verbs is a list of Verbs that apply to ALL the ResourceKinds and
902
+
AttributeRestrictions contained in this rule. VerbAll represents all kinds.
0 commit comments