webhook

Commit Graph

Author	SHA1	Message	Date
Michael Bolot	9c124a4e10	Adding docs generation and example docs files Adds logic to auto-generate a documentation directory and provides two docs files	2023-06-06 13:48:54 -05:00
Dan Ramich	3d719a033a	Add validation for rancher rbac objects Problem: Adding the role restricted-admin in rancher requires validation of objects through diferent means to validate the user doing the action Solution: Add webhook validation to GRBs PRTBs and CRTBs. GRBs: Validation is done to ensure the GRB being created by the user will not cause escalated privileges so the user creating the GRB must have at minimum the permissions they are attempting to grant through the GRB PRTBs and CRTBs: The same check is done for both. First validation is only done on the local cluster. Then a subject access review is done for the requester checking that they have '**' access in the local cluster.	2020-09-25 11:31:29 -06:00

Author

SHA1

Message

Date

Michael Bolot

9c124a4e10

Adding docs generation and example docs files

Adds logic to auto-generate a documentation directory and provides two
docs files

2023-06-06 13:48:54 -05:00

Dan Ramich

3d719a033a

Add validation for rancher rbac objects

Problem:
Adding the role restricted-admin in rancher requires validation of
objects through diferent means to validate the user doing the action

Solution:
Add webhook validation to GRBs PRTBs and CRTBs.
GRBs: Validation is done to ensure the GRB being created by the user will
not cause escalated privileges so the user creating the GRB must have at
minimum the permissions they are attempting to grant through the GRB

PRTBs and CRTBs: The same check is done for both. First validation is
only done on the local cluster. Then a subject access review is done for
the requester checking that they have '**' access in the local cluster.

2020-09-25 11:31:29 -06:00

2 Commits