v1.SubjectAccessReview

Description

SubjectAccessReview checks whether or not a user or group can perform an action.

Object Schema

Expand or mouse-over a field for more information about it.

apiVersion:
kind:
metadata:
  annotations:
    [string]:
  clusterName:
  creationTimestamp:
  deletionGracePeriodSeconds:
  deletionTimestamp:
  finalizers:
  - [string]:
  generateName:
  generation:
  initializers:
    pending:
    - name:
    result:
      apiVersion:
      code:
      details:
        causes:
        - field:
          message:
          reason:
        group:
        kind:
        name:
        retryAfterSeconds:
        uid:
      kind:
      message:
      metadata:
        resourceVersion:
        selfLink:
      reason:
      status:
  labels:
    [string]:
  name:
  namespace:
  ownerReferences:
  - apiVersion:
    blockOwnerDeletion:
    controller:
    kind:
    name:
    uid:
  resourceVersion:
  selfLink:
  uid:
spec:
  extra:
    [string]:
  groups:
  - [string]:
  nonResourceAttributes:
    path:
    verb:
  resourceAttributes:
    group:
    name:
    namespace:
    resource:
    subresource:
    verb:
    version:
  user:
status:
  allowed:
  evaluationError:
  reason:

Operations

Create a SubjectAccessReview

Create a SubjectAccessReview

HTTP request

POST /apis/authorization.k8s.io/v1/subjectaccessreviews HTTP/1.1
Authorization: Bearer $TOKEN
Accept: application/json
Connection: close
Content-Type: application/json'
{
  "kind": "SubjectAccessReview",
  "apiVersion": "authorization.k8s.io/v1",
  ...
}

Curl request

$ curl -k \
    -X POST \
    -d @- \
    -H "Authorization: Bearer $TOKEN" \
    -H 'Accept: application/json' \
    -H 'Content-Type: application/json' \
    https://$ENDPOINT/apis/authorization.k8s.io/v1/subjectaccessreviews <<'EOF'
{
  "kind": "SubjectAccessReview",
  "apiVersion": "authorization.k8s.io/v1",
  ...
}
EOF

HTTP body

Query parameters

Responses

Consumes

• */*

Produces

• application/json

• application/yaml

• application/vnd.kubernetes.protobuf