pulumi-kubernetes-kotlin/com.pulumi.kubernetes.rbac.v1alpha1.kotlin.outputs

Package-level declarations

Types

AggregationRule

data class AggregationRule(val clusterRoleSelectors: List<LabelSelector>? = null)

AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole

AggregationRulePatch

data class AggregationRulePatch(val clusterRoleSelectors: List<LabelSelectorPatch>? = null)

AggregationRule describes how to locate ClusterRoles to aggregate into the ClusterRole

ClusterRole

data class ClusterRole(val aggregationRule: AggregationRule? = null, val apiVersion: String? = null, val kind: String? = null, val metadata: ObjectMeta? = null, val rules: List<PolicyRule>? = null)

ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRole, and will no longer be served in v1.20.

ClusterRoleBinding

data class ClusterRoleBinding(val apiVersion: String? = null, val kind: String? = null, val metadata: ObjectMeta? = null, val roleRef: RoleRef, val subjects: List<Subject>? = null)

ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBinding, and will no longer be served in v1.20.

PolicyRule

data class PolicyRule(val apiGroups: List<String>? = null, val nonResourceURLs: List<String>? = null, val resourceNames: List<String>? = null, val resources: List<String>? = null, val verbs: List<String>)

PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.

PolicyRulePatch

data class PolicyRulePatch(val apiGroups: List<String>? = null, val nonResourceURLs: List<String>? = null, val resourceNames: List<String>? = null, val resources: List<String>? = null, val verbs: List<String>? = null)

PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.

Role

data class Role(val apiVersion: String? = null, val kind: String? = null, val metadata: ObjectMeta? = null, val rules: List<PolicyRule>? = null)

Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 Role, and will no longer be served in v1.20.

RoleBinding

data class RoleBinding(val apiVersion: String? = null, val kind: String? = null, val metadata: ObjectMeta? = null, val roleRef: RoleRef, val subjects: List<Subject>? = null)

RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 RoleBinding, and will no longer be served in v1.20.

RoleRef

data class RoleRef(val apiGroup: String, val kind: String, val name: String)

RoleRef contains information that points to the role being used

RoleRefPatch

data class RoleRefPatch(val apiGroup: String? = null, val kind: String? = null, val name: String? = null)

RoleRef contains information that points to the role being used

Subject

data class Subject(val apiVersion: String? = null, val kind: String, val name: String, val namespace: String? = null)

Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names.

SubjectPatch

data class SubjectPatch(val apiVersion: String? = null, val kind: String? = null, val name: String? = null, val namespace: String? = null)

Subject contains a reference to the object or user identities a role binding applies to. This can either hold a direct API object reference, or a value for non-objects such as user and group names.