'kubectl auth can-i --list' 有 Python 客户 API
is there Python client API for 'kubectl auth can-i --list'
我正在尝试列出与服务帐户关联的权限 'foobar-user' 应用到命名空间 'kube-system' 中的集群:
kubectl auth can-i --list --as=system:serviceaccount:kube-system:foobar-user --namespace=kube-system
Resources Non-Resource URLs Resource Names Verbs
clusterroles [] [] [create list update watch get]
deployments [] [] [create list update watch get]
endpoints [] [] [create list update watch get]
pods [] [] [create list update watch get]
rolebindings [] [] [create list update watch get]
roles [] [] [create list update watch get]
secrets [] [] [create list update watch get]
services [] [] [create list update watch get]
selfsubjectaccessreviews.authorization.k8s.io [] [] [create]
selfsubjectrulesreviews.authorization.k8s.io [] [] [create]
[/.well-known/openid-configuration] [] [get]
[/api/*] [] [get]
[/api] [] [get]
[/apis/*] [] [get]
[/apis] [] [get]
[/healthz] [] [get]
[/healthz] [] [get]
[/livez] [] [get]
[/livez] [] [get]
[/openapi/*] [] [get]
[/openapi] [] [get]
[/openid/v1/jwks] [] [get]
[/readyz] [] [get]
[/readyz] [] [get]
[/version/] [] [get]
[/version/] [] [get]
[/version] [] [get]
[/version] [] [get]
nodes [] [] [list watch get]
什么是等效的 API 通过 Python 客户端为 kubernetes 列出与服务帐户关联的权限?感谢您的帮助,谢谢!
通过 Python kubernetes 客户端执行此操作的等效 API 是:
AuthorizationV1Api - create a SelfSubjectRulesReview
Kubernetes官方文档如下:
SelfSubjectRulesReview
:审查 returns 用户可以在命名空间内执行的一组操作。对用户快速总结他们自己的访问或对 hide/show 操作的 UI 很有用。
我正在尝试列出与服务帐户关联的权限 'foobar-user' 应用到命名空间 'kube-system' 中的集群:
kubectl auth can-i --list --as=system:serviceaccount:kube-system:foobar-user --namespace=kube-system
Resources Non-Resource URLs Resource Names Verbs
clusterroles [] [] [create list update watch get]
deployments [] [] [create list update watch get]
endpoints [] [] [create list update watch get]
pods [] [] [create list update watch get]
rolebindings [] [] [create list update watch get]
roles [] [] [create list update watch get]
secrets [] [] [create list update watch get]
services [] [] [create list update watch get]
selfsubjectaccessreviews.authorization.k8s.io [] [] [create]
selfsubjectrulesreviews.authorization.k8s.io [] [] [create]
[/.well-known/openid-configuration] [] [get]
[/api/*] [] [get]
[/api] [] [get]
[/apis/*] [] [get]
[/apis] [] [get]
[/healthz] [] [get]
[/healthz] [] [get]
[/livez] [] [get]
[/livez] [] [get]
[/openapi/*] [] [get]
[/openapi] [] [get]
[/openid/v1/jwks] [] [get]
[/readyz] [] [get]
[/readyz] [] [get]
[/version/] [] [get]
[/version/] [] [get]
[/version] [] [get]
[/version] [] [get]
nodes [] [] [list watch get]
什么是等效的 API 通过 Python 客户端为 kubernetes 列出与服务帐户关联的权限?感谢您的帮助,谢谢!
通过 Python kubernetes 客户端执行此操作的等效 API 是:
AuthorizationV1Api - create a SelfSubjectRulesReview
Kubernetes官方文档如下:
SelfSubjectRulesReview
:审查 returns 用户可以在命名空间内执行的一组操作。对用户快速总结他们自己的访问或对 hide/show 操作的 UI 很有用。