MCPcopy
hub / github.com/kubernetes/kops / Subject

Interface Subject

pkg/model/iam/subject.go:30–37  ·  view source on GitHub ↗

Subject represents an IAM identity, to which permissions are granted. It is implemented by NodeRole objects and per-ServiceAccount objects.

Source from the content-addressed store, hash-verified

28// Subject represents an IAM identity, to which permissions are granted.
29// It is implemented by NodeRole objects and per-ServiceAccount objects.
30type Subject interface {
31 // BuildAWSPolicy builds the AWS permissions for the given subject.
32 BuildAWSPolicy(*PolicyBuilder) (*Policy, error)
33
34 // ServiceAccount returns the kubernetes service account used by pods with this specified role.
35 // For node roles, it returns an empty NamespacedName and false.
36 ServiceAccount() (types.NamespacedName, bool)
37}
38
39// NodeRoleMaster represents the role of control-plane nodes, and implements Subject.
40type NodeRoleMaster struct{}

Callers 8

BuildAWSPolicyMethod · 0.65
OpenMethod · 0.65
BuildMethod · 0.65
buildIAMRoleMethod · 0.65
roleKeyMethod · 0.65
buildAWSIAMRolePolicyMethod · 0.65
GetACLMethod · 0.65

Implementers 15

ServiceAccountpkg/model/components/addonmanifests/ex
ServiceAccountpkg/model/components/addonmanifests/aw
ServiceAccountpkg/model/components/addonmanifests/ku
ServiceAccountpkg/model/components/addonmanifests/no
ServiceAccountpkg/model/components/addonmanifests/aw
ServiceAccountpkg/model/components/addonmanifests/ce
ServiceAccountpkg/model/components/addonmanifests/ka
ServiceAccountpkg/model/components/addonmanifests/cl
ServiceAccountpkg/model/components/addonmanifests/dn
ServiceAccountpkg/model/components/addonmanifests/aw
NodeRoleMasterpkg/model/iam/subject.go
NodeRoleAPIServerpkg/model/iam/subject.go

Calls

no outgoing calls

Tested by

no test coverage detected