v1beta1.SelfSubjectAccessReview

You are viewing documentation for a release that is no longer supported. The latest supported version of version 3 is [3.11]. For the most recent version 4, see [4]

You are viewing documentation for a release that is no longer supported. The latest supported version of version 3 is [3.11]. For the most recent version 4, see [4]

Description

SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a spec.namespace means “in all namespaces”. Self is a special case, because users should always be able to check whether they can perform an action

Object Schema

Expand or mouse-over a field for more information about it.

  1. apiVersion:
  2. kind:
  3. metadata:
  4. annotations:
  5. [string]:
  6. clusterName:
  7. creationTimestamp:
  8. deletionGracePeriodSeconds:
  9. deletionTimestamp:
  10. finalizers:
  11. - [string]:
  12. generateName:
  13. generation:
  14. initializers:
  15. pending:
  16. - name:
  17. result:
  18. apiVersion:
  19. code:
  20. details:
  21. causes:
  22. - field:
  23. message:
  24. reason:
  25. group:
  26. kind:
  27. name:
  28. retryAfterSeconds:
  29. uid:
  30. kind:
  31. message:
  32. metadata:
  33. resourceVersion:
  34. selfLink:
  35. reason:
  36. status:
  37. labels:
  38. [string]:
  39. name:
  40. namespace:
  41. ownerReferences:
  42. - apiVersion:
  43. blockOwnerDeletion:
  44. controller:
  45. kind:
  46. name:
  47. uid:
  48. resourceVersion:
  49. selfLink:
  50. uid:
  51. spec:
  52. nonResourceAttributes:
  53. path:
  54. verb:
  55. resourceAttributes:
  56. group:
  57. name:
  58. namespace:
  59. resource:
  60. subresource:
  61. verb:
  62. version:
  63. status:
  64. allowed:
  65. evaluationError:
  66. reason:

Operations

Create a SelfSubjectAccessReview

Create a SelfSubjectAccessReview

HTTP request

  1. POST /apis/authorization.k8s.io/v1beta1/selfsubjectaccessreviews HTTP/1.1
  2. Authorization: Bearer $TOKEN
  3. Accept: application/json
  4. Connection: close
  5. Content-Type: application/json'
  6. {
  7. "kind": "SelfSubjectAccessReview",
  8. "apiVersion": "authorization.k8s.io/v1beta1",
  9. ...
  10. }

Curl request

  1. $ curl -k \
  2. -X POST \
  3. -d @- \
  4. -H "Authorization: Bearer $TOKEN" \
  5. -H 'Accept: application/json' \
  6. -H 'Content-Type: application/json' \
  7. https://$ENDPOINT/apis/authorization.k8s.io/v1beta1/selfsubjectaccessreviews <<'EOF'
  8. {
  9. "kind": "SelfSubjectAccessReview",
  10. "apiVersion": "authorization.k8s.io/v1beta1",
  11. ...
  12. }
  13. EOF

HTTP body

ParameterSchema

body

v1beta1.SelfSubjectAccessReview

Query parameters

ParameterDescription

pretty

If ‘true’, then the output is pretty printed.

Responses

HTTP CodeSchema

200 OK

v1beta1.SelfSubjectAccessReview

401 Unauthorized

Consumes

  • */*

Produces

  • application/json

  • application/yaml

  • application/vnd.kubernetes.protobuf