Kazan v0.7.0 Kazan.Apis.Authorization.V1beta1.SubjectRulesReviewStatus View Source

SubjectRulesReviewStatus contains the result of a rules check. This check can be incomplete depending on the set of authorizers the server is configured with and any errors experienced during evaluation. Because authorization rules are additive, if a rule appears in a list it’s safe to assume the subject has that permission, even if that list is incomplete.

OpenAPI Definition: io.k8s.api.authorization.v1beta1.SubjectRulesReviewStatus

Properties

  • evaluation_error :: String

    • EvaluationError can appear in combination with Rules. It indicates an error occurred during rule evaluation, such as an authorizer that doesn’t support rule evaluation, and that ResourceRules and/or NonResourceRules may be incomplete.
  • incomplete :: Boolean

    • Incomplete is true when the rules returned by this call are incomplete. This is most commonly encountered when an authorizer, such as an external authorizer, doesn’t support rules evaluation.
  • non_resource_rules :: [ Kazan.Apis.Authorization.V1beta1.NonResourceRule ]

    • NonResourceRules is the list of actions the subject is allowed to perform on non-resources. The list ordering isn’t significant, may contain duplicates, and possibly be incomplete.
  • resource_rules :: [ Kazan.Apis.Authorization.V1beta1.ResourceRule ]

    • ResourceRules is the list of actions the subject is allowed to perform on resources. The list ordering isn’t significant, may contain duplicates, and possibly be incomplete.