You are viewing documentation for Kubernetes version: v1.23
Kubernetes v1.23 documentation is no longer actively maintained. The version you are currently viewing is a static snapshot. For up-to-date documentation, see the latest version.
LocalSubjectAccessReview
apiVersion: authorization.k8s.io/v1
import "k8s.io/api/authorization/v1"
LocalSubjectAccessReview
LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace. Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions checking.
-
apiVersion: authorization.k8s.io/v1
-
kind: LocalSubjectAccessReview
-
metadata (ObjectMeta)
Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
-
spec (SubjectAccessReviewSpec), required
Spec holds information about the request being evaluated. spec.namespace must be equal to the namespace you made the request against. If empty, it is defaulted.
-
status (SubjectAccessReviewStatus)
Status is filled in by the server and indicates whether the request is allowed or not
Operations
create
create a LocalSubjectAccessReview
HTTP Request
POST /apis/authorization.k8s.io/v1/namespaces/{namespace}/localsubjectaccessreviews
Parameters
-
namespace (in path): string, required
-
body: LocalSubjectAccessReview, required
-
dryRun (in query): string
-
fieldManager (in query): string
-
fieldValidation (in query): string
-
pretty (in query): string
Response
200 (LocalSubjectAccessReview): OK
201 (LocalSubjectAccessReview): Created
202 (LocalSubjectAccessReview): Accepted
401: Unauthorized