apiVersion: authorization.k8s.io/v1
import "k8s.io/api/authorization/v1"
LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace. Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions checking.
apiVersion: authorization.k8s.io/v1
kind: LocalSubjectAccessReview
metadata (ObjectMeta)
Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
spec (SubjectAccessReviewSpec), required
Spec holds information about the request being evaluated. spec.namespace must be equal to the namespace you made the request against. If empty, it is defaulted.
status (SubjectAccessReviewStatus)
Status is filled in by the server and indicates whether the request is allowed or not
© 2022 The Kubernetes Authors | Documentation Distributed under CC BY 4.0
Copyright © 2022 The Linux Foundation ®. All rights reserved.
https://kubernetes.io/docs/reference/kubernetes-api/authorization-resources/local-subject-access-review-v1/