Subject

Subject matches the originator of a request, as identified by the request authentication system. There are three ways of matching an originator; by user, group, or service account.

Schema URL

https://raw.githubusercontent.com/nlamirault/schema-hub/main/schemas/flowcontrol.api.k8s.io/Subject_v1.json

▶ Usage examples

VS Code / yaml-language-server

# yaml-language-server: $schema=https://raw.githubusercontent.com/nlamirault/schema-hub/main/schemas/flowcontrol.api.k8s.io/Subject_v1.json

kubeconform

kubeconform -schema-location 'https://raw.githubusercontent.com/nlamirault/schema-hub/main/schemas/{{ .Group }}/{{ .ResourceKind }}_{{ .ResourceAPIVersion }}.json' manifest.yaml

Resource Structure

groupobject

`group` matches based on user group name.

kindstringRequired

`kind` indicates which one of the other fields is non-empty. Required

serviceAccountobject

`serviceAccount` matches ServiceAccounts.

userobject

`user` matches based on username.