authorization.v1.roleBindingRestrictionSpec

"RoleBindingRestrictionSpec defines a rolebinding restriction. Exactly one field must be non-nil."

Index

• obj grouprestriction
  • fn withGroups(groups)
  • fn withGroupsMixin(groups)
  • fn withLabels(labels)
  • fn withLabelsMixin(labels)
• obj serviceaccountrestriction
  • fn withNamespaces(namespaces)
  • fn withNamespacesMixin(namespaces)
  • fn withServiceaccounts(serviceaccounts)
  • fn withServiceaccountsMixin(serviceaccounts)
• obj userrestriction
  • fn withGroups(groups)
  • fn withGroupsMixin(groups)
  • fn withLabels(labels)
  • fn withLabelsMixin(labels)
  • fn withUsers(users)
  • fn withUsersMixin(users)

Fields

obj grouprestriction

"GroupRestriction matches a group either by a string match on the group name or a label selector applied to group labels."

fn grouprestriction.withGroups

withGroups(groups)

"Groups is a list of groups used to match against an individual user's groups. If the user is a member of one of the whitelisted groups, the user is allowed to be bound to a role."

fn grouprestriction.withGroupsMixin

withGroupsMixin(groups)

"Groups is a list of groups used to match against an individual user's groups. If the user is a member of one of the whitelisted groups, the user is allowed to be bound to a role."

Note: This function appends passed data to existing values

fn grouprestriction.withLabels

withLabels(labels)

"Selectors specifies a list of label selectors over group labels."

fn grouprestriction.withLabelsMixin

withLabelsMixin(labels)

"Selectors specifies a list of label selectors over group labels."

Note: This function appends passed data to existing values

obj serviceaccountrestriction

"ServiceAccountRestriction matches a service account by a string match on either the service-account name or the name of the service account's namespace."

fn serviceaccountrestriction.withNamespaces

withNamespaces(namespaces)

"Namespaces specifies a list of literal namespace names."

fn serviceaccountrestriction.withNamespacesMixin

withNamespacesMixin(namespaces)

"Namespaces specifies a list of literal namespace names."

Note: This function appends passed data to existing values

fn serviceaccountrestriction.withServiceaccounts

withServiceaccounts(serviceaccounts)

"ServiceAccounts specifies a list of literal service-account names."

fn serviceaccountrestriction.withServiceaccountsMixin

withServiceaccountsMixin(serviceaccounts)

"ServiceAccounts specifies a list of literal service-account names."

Note: This function appends passed data to existing values

obj userrestriction

"UserRestriction matches a user either by a string match on the user name, a string match on the name of a group to which the user belongs, or a label selector applied to the user labels."

fn userrestriction.withGroups

withGroups(groups)

"Groups specifies a list of literal group names."

fn userrestriction.withGroupsMixin

withGroupsMixin(groups)

"Groups specifies a list of literal group names."

Note: This function appends passed data to existing values

fn userrestriction.withLabels

withLabels(labels)

"Selectors specifies a list of label selectors over user labels."

fn userrestriction.withLabelsMixin

withLabelsMixin(labels)

"Selectors specifies a list of label selectors over user labels."

Note: This function appends passed data to existing values

fn userrestriction.withUsers

withUsers(users)

"Users specifies a list of literal user names."

fn userrestriction.withUsersMixin

withUsersMixin(users)

"Users specifies a list of literal user names."

Note: This function appends passed data to existing values