×

Description

SubjectAccessReview checks whether or not a user or group can perform an action.

Object Schema

Expand or mouse-over a field for more information about it.

apiVersion:
kind:
metadata:
annotations:
[string]:
clusterName:
creationTimestamp:
deletionGracePeriodSeconds:
deletionTimestamp:
finalizers:
- [string]:
generateName:
generation:
initializers:
pending:
- name:
result:
apiVersion:
code:
details:
causes:
- field:
message:
reason:
group:
kind:
name:
retryAfterSeconds:
uid:
kind:
message:
metadata:
resourceVersion:
selfLink:
reason:
status:
labels:
[string]:
name:
namespace:
ownerReferences:
- apiVersion:
blockOwnerDeletion:
controller:
kind:
name:
uid:
resourceVersion:
selfLink:
uid:
spec:
extra:
[string]:
group:
- [string]:
nonResourceAttributes:
path:
verb:
resourceAttributes:
group:
name:
namespace:
resource:
subresource:
verb:
version:
user:
status:
allowed:
evaluationError:
reason:

Operations

Create a SubjectAccessReview

Create a SubjectAccessReview

HTTP request

POST /apis/authorization.k8s.io/v1beta1/subjectaccessreviews HTTP/1.1
Authorization: Bearer $TOKEN
Accept: application/json
Connection: close
Content-Type: application/json'

{
  "kind": "SubjectAccessReview",
  "apiVersion": "authorization.k8s.io/v1beta1",
  ...
}

Curl request

$ curl -k \
    -X POST \
    -d @- \
    -H "Authorization: Bearer $TOKEN" \
    -H 'Accept: application/json' \
    -H 'Content-Type: application/json' \
    https://$ENDPOINT/apis/authorization.k8s.io/v1beta1/subjectaccessreviews <<'EOF'
{
  "kind": "SubjectAccessReview",
  "apiVersion": "authorization.k8s.io/v1beta1",
  ...
}
EOF

HTTP body

Parameter Schema

body

v1beta1.SubjectAccessReview

Query parameters

Parameter Description

pretty

If 'true', then the output is pretty printed.

Responses

HTTP Code Schema

200 OK

v1beta1.SubjectAccessReview

401 Unauthorized

Consumes

  • */*

Produces

  • application/json

  • application/yaml

  • application/vnd.kubernetes.protobuf