kubernetes
/
apiserver
mirror of https://github.com/kubernetes/apiserver.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
726 Commits 29 Branches 1,436 Tags 31 MiB
Commit Graph

3 Commits

Author SHA1 Message Date
Eric Chiang 1fa829c7c8 Audit policy v1beta1 now supports matching subresources and resource names. 
policy:
	- level: Metadata
	  resources:
	  - group: ""
	    resources ["pods/logs"]
	- level: None
	  resources:
	  - group: ""
	    resources: ["configmaps"]
	    resourceNames: ["controller-leader"]

The top level resource no longer matches the subresource. For example "pods"
no longer matches requests to the logs subresource on pods.

```release-note
Audit policy supports matching subresources and resource names, but the top level resource no longer matches the subresouce. For example "pods" no longer matches requests to the logs subresource of pods. Use "pods/logs" to match subresources.
```

Kubernetes-commit: 85491f1578b9b97751a332d3b957d874cecf27b3
 2017-09-01 16:38:01 +00:00
Cao Shufeng 0ce81fed2f add validate for advanced audit policy 
This change checks group name and non-resrouce URLs format for audit
policy.

Kubernetes-commit: 7437b88386665ff4a16fe37d02818285636ec8ce
 2017-07-04 08:39:44 +00:00
Tim St. Clair 8ff532a4cb Implement audit policy logic 
Kubernetes-commit: a5de309ee261aea15bb1cc12647b32640c2ac196
 2017-06-13 20:47:28 +00:00