github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
k3s/pkg
History
Kubernetes Submit Queue b256b07007 Merge pull request #32407 from deads2k/authz-01-lsar 
Automatic merge from submit-queue

add local subject access review API

Adds a local subject access review endpoint to allow a project-admin (someone with full rights within a namespace) the power to inspect whether a person can perform an action in his namespace.  This is a separate resource be factoring like this ensures that it is impossible for him to look outside his namespace and makes it possible to create authorization rules that can restrict this power to a project-admin in his own namespace.  Other factorings require introspection of objects.

@kubernetes/sig-auth
 		2016-09-13 22:09:35 -07:00
..
admission
api Revert "Allow webhook authenticator to use TokenReviewsInterface" 2016-09-13 11:48:43 -07:00
apimachinery filter enabled versions by enablement 2016-09-09 13:51:21 -04:00
apis Merge pull request #32407 from deads2k/authz-01-lsar 2016-09-13 22:09:35 -07:00
apiserver Improvements on OpenAPI spec generation: 2016-09-12 18:47:03 -07:00
auth
capabilities
client generated client 2016-09-13 08:54:23 -04:00
cloudprovider Merge pull request #32265 from lojies/errmodify 2016-09-13 01:16:03 -07:00
controller add localSAR 2016-09-13 08:54:23 -04:00
conversion
credentialprovider
dns add err to glog 2016-09-09 17:03:27 +08:00
fieldpath
fields
genericapiserver Merge pull request #32582 from jlowdermilk/api-all 2016-09-13 20:27:34 -07:00
healthz
httplog Log useful information on 500's 2016-08-31 13:46:40 -07:00
hyperkube
kubectl Merge pull request #32274 from ping035627/ping035627-patch-0908 2016-09-13 01:15:52 -07:00
kubelet Merge pull request #31576 from feiskyer/kuberuntime-filter 2016-09-13 16:42:13 -07:00
kubemark Kubelet Refactoring 2016-08-25 10:57:31 -07:00
labels
master add localSAR 2016-09-13 08:54:23 -04:00
metrics
probe
proxy Fix kube-proxy logic to change iptables chains when ESIPP is turned on or off 2016-09-06 11:04:36 -07:00
quota
registry add localSAR 2016-09-13 08:54:23 -04:00
runtime Update generated proto and swagger docs 2016-09-12 18:47:03 -07:00
security Fix PSP volumes error message 2016-09-01 15:55:34 -07:00
securitycontext
selection
serviceaccount
ssh
storage Extend logging for performance debuggin 2016-09-12 12:46:19 +02:00
types
ui
util Merge pull request #32244 from tksm/fix-cache-race 2016-09-13 14:36:26 -07:00
version Add +k8s:openapi-gen tag to API types 2016-09-12 18:47:03 -07:00
volume Merge pull request #32242 from jingxu97/bug-wrongvolume-9-2 2016-09-12 15:29:38 -07:00
watch Federated Ingress: unify UID's across Cluster Ingress Controllers 2016-09-13 08:29:33 -07:00
OWNERS