apiVersion: rbac.authorization.k8s.io/v1
import "k8s.io/api/rbac/v1"
PolicyRule holds information that describes a policy rule, but does not contain information about who the rule applies to or which namespace the rule applies to.
| Field | Description |
|---|---|
apiGroupsstring array |
APIGroups is the name of the APIGroup that contains the resources. If multiple API groups are specified, any action requested against one of the enumerated resources in any API group will be allowed. "" represents the core API group and "*" represents all API groups. |
nonResourceURLsstring array |
NonResourceURLs is a set of partial urls that a user should have access to. *s are allowed, but only as the full, final step in the path Since non-resource URLs are not namespaced, this field is only applicable for ClusterRoles referenced from a ClusterRoleBinding. Rules can either apply to API resources (such as "pods" or "secrets") or non-resource URL paths (such as "/api"), but not both. |
resourceNamesstring array |
ResourceNames is an optional white list of names that the rule applies to. An empty set means that everything is allowed. |
resourcesstring array |
Resources is a list of resources this rule applies to. '\*' represents all resources. |
verbs *string array |
Verbs is a list of Verbs that apply to ALL the ResourceKinds contained in this rule. '\*' represents all verbs. |
This page is automatically generated.
If you plan to report an issue with this page, mention that the page is auto-generated in your issue description. The fix may need to happen elsewhere in the Kubernetes project.