SubjectAccessReview

SubjectAccessReview checks whether or not a user or group can perform an action.

Schema URL

https://raw.githubusercontent.com/nlamirault/schema-hub/main/schemas/authorization.api.k8s.io/SubjectAccessReview_v1.json

▶ Usage examples

VS Code / yaml-language-server

# yaml-language-server: $schema=https://raw.githubusercontent.com/nlamirault/schema-hub/main/schemas/authorization.api.k8s.io/SubjectAccessReview_v1.json

kubeconform

kubeconform -schema-location 'https://raw.githubusercontent.com/nlamirault/schema-hub/main/schemas/{{ .Group }}/{{ .ResourceKind }}_{{ .ResourceAPIVersion }}.json' manifest.yaml

Resource Structure

apiVersionstring

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

kindstring

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

metadataobject

Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

specobjectRequired

Spec holds information about the request being evaluated

statusobject

Status is filled in by the server and indicates whether the request is allowed or not