LocalSubjectAccessReview

LocalSubjectAccessReview checks whether or not a user or group can perform an action in a given namespace. Having a namespace scoped resource makes it much easier to grant namespace scoped policy that includes permissions checking.

• apiVersion: authorization.k8s.io/v1

• kind: LocalSubjectAccessReview

• metadata ()

  Standard list metadata. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata

• spec (), required

• status (SubjectAccessReviewStatus)

  Status is filled in by the server and indicates whether the request is allowed or not

Operations

HTTP Request

POST /apis/authorization.k8s.io/v1/namespaces/{namespace}/localsubjectaccessreviews

Parameters

• body: , required

• dryRun (in query): string

  dryRun

• fieldValidation (in query): string

  fieldValidation

• pretty (in query): string

Response

200 (): OK

201 (LocalSubjectAccessReview): Created

202 (): Accepted