Subject represents an IAM identity, to which permissions are granted. It is implemented by NodeRole objects and per-ServiceAccount objects.
| 28 | // Subject represents an IAM identity, to which permissions are granted. |
| 29 | // It is implemented by NodeRole objects and per-ServiceAccount objects. |
| 30 | type Subject interface { |
| 31 | // BuildAWSPolicy builds the AWS permissions for the given subject. |
| 32 | BuildAWSPolicy(*PolicyBuilder) (*Policy, error) |
| 33 | |
| 34 | // ServiceAccount returns the kubernetes service account used by pods with this specified role. |
| 35 | // For node roles, it returns an empty NamespacedName and false. |
| 36 | ServiceAccount() (types.NamespacedName, bool) |
| 37 | } |
| 38 | |
| 39 | // NodeRoleMaster represents the role of control-plane nodes, and implements Subject. |
| 40 | type NodeRoleMaster struct{} |
no outgoing calls
no test coverage detected