Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

support what-can-i-do in kubernetes #47834

Closed
xilabao opened this issue Jun 21, 2017 · 4 comments · Fixed by #48051
Closed

support what-can-i-do in kubernetes #47834

xilabao opened this issue Jun 21, 2017 · 4 comments · Fixed by #48051
Labels
sig/auth Categorizes an issue or PR as relevant to SIG Auth.

Comments

@xilabao
Copy link
Contributor

xilabao commented Jun 21, 2017

Currently if people only have permission to get several named resources. they can't use kubectl get <resource> to get the list. If we can support what-can-i-do, it will be very helpful.
I saw it in openshift (openshift/origin#8675). Could we add this to kubernetes? @deads2k @liggitt
@k8s-github-robot k8s-github-robot added the needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. label Jun 21, 2017
@xilabao
Copy link
Contributor Author

xilabao commented Jun 21, 2017

/sig auth

@k8s-ci-robot k8s-ci-robot added the sig/auth Categorizes an issue or PR as relevant to SIG Auth. label Jun 21, 2017
@k8s-github-robot k8s-github-robot removed the needs-sig Indicates an issue or PR lacks a `sig/foo` label and requires one. label Jun 21, 2017
@deads2k
Copy link
Contributor

deads2k commented Jun 21, 2017

It requires a new API and it would only work for some authorizers (RBAC would work). I'm in favor of doing it.

@xilabao xilabao mentioned this issue Jun 26, 2017
Merged
@mikedanese
Copy link
Member

mikedanese commented Jun 27, 2017
edited by bgrant0607
Loading

I feel like this is a dup of an older issue but I can't find it. cc @kubernetes/sig-auth-feature-requests

@kubernetes kubernetes deleted a comment from k8s-github-robot Jun 27, 2017
@bgrant0607
Copy link
Member

Dupe of #31292

k8s-github-robot pushed a commit that referenced this issue Sep 2, 2017
Merge pull request #48051 from xilabao/add-selfsubjectrulesreview-api
c84b313 
Automatic merge from submit-queue (batch tested with PRs 45724, 48051, 46444, 51056, 51605)

Add selfsubjectrulesreview in authorization

**What this PR does / why we need it**:

**Which issue this PR fixes**: fixes #47834 #31292

**Special notes for your reviewer**:

**Release note**:

```release-note
Add selfsubjectrulesreview API for allowing users to query which permissions they have in a given namespace.
```
/cc @deads2k @liggitt
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
sig/auth Categorizes an issue or PR as relevant to SIG Auth.
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add selfsubjectrulesreview in authorization xilabao/kubernetes
7 participants
@liggitt @mikedanese @bgrant0607 @deads2k @k8s-github-robot @k8s-ci-robot @xilabao