v1.SelfSubjectAccessReview

Description

SelfSubjectAccessReview checks whether or the current user can perform an action. Not filling in a spec.namespace means “in all namespaces”. Self is a special case, because users should always be able to check whether they can perform an action

Object Schema

Expand or mouse-over a field for more information about it.

  1. apiVersion:
  2. kind:
  3. metadata:
  4.   annotations:
  5.     [string]:
  6.   clusterName:
  7.   creationTimestamp:
  8.   deletionGracePeriodSeconds:
  9.   deletionTimestamp:
  10.   finalizers:
  11.   - [string]:
  12.   generateName:
  13.   generation:
  14.   initializers:
  15.     pending:
  16.     - name:
  17.     result:
  18.       apiVersion:
  19.       code:
  20.       details:
  21.         causes:
  22.         - field:
  23.           message:
  24.           reason:
  25.         group:
  26.         kind:
  27.         name:
  28.         retryAfterSeconds:
  29.         uid:
  30.       kind:
  31.       message:
  32.       metadata:
  33.         resourceVersion:
  34.         selfLink:
  35.       reason:
  36.       status:
  37.   labels:
  38.     [string]:
  39.   name:
  40.   namespace:
  41.   ownerReferences:
  42.   - apiVersion:
  43.     blockOwnerDeletion:
  44.     controller:
  45.     kind:
  46.     name:
  47.     uid:
  48.   resourceVersion:
  49.   selfLink:
  50.   uid:
  51. spec:
  52.   nonResourceAttributes:
  53.     path:
  54.     verb:
  55.   resourceAttributes:
  56.     group:
  57.     name:
  58.     namespace:
  59.     resource:
  60.     subresource:
  61.     verb:
  62.     version:
  63. status:
  64.   allowed:
  65.   evaluationError:
  66.   reason:

Operations

Create a SelfSubjectAccessReview

Create a SelfSubjectAccessReview

HTTP request

  1. POST /apis/authorization.k8s.io/v1/selfsubjectaccessreviews HTTP/1.1
  2. Authorization: Bearer $TOKEN
  3. Accept: application/json
  4. Connection: close
  5. Content-Type: application/json'
  7. {
  8.   "kind": "SelfSubjectAccessReview",
  9.   "apiVersion": "authorization.k8s.io/v1",
  10.   ...
  11. }

Curl request

  1. $ curl -k \
  2.     -X POST \
  3.     -d @- \
  4.     -H "Authorization: Bearer $TOKEN" \
  5.     -H 'Accept: application/json' \
  6.     -H 'Content-Type: application/json' \
  7.     https://$ENDPOINT/apis/authorization.k8s.io/v1/selfsubjectaccessreviews <<'EOF'
  8. {
  9.   "kind": "SelfSubjectAccessReview",
  10.   "apiVersion": "authorization.k8s.io/v1",
  11.   ...
  12. }
  13. EOF

HTTP body

ParameterSchema

body

v1.SelfSubjectAccessReview

Query parameters

ParameterDescription

pretty

If ‘true’, then the output is pretty printed.

Responses

HTTP CodeSchema

200 OK

v1.SelfSubjectAccessReview

401 Unauthorized

Consumes

  • */*

Produces

  • application/json

  • application/yaml

  • application/vnd.kubernetes.protobuf