Module rbac/v1

Resources

Resources

Resource ClusterRole

class ClusterRole extends CustomResource

ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding or ClusterRoleBinding.

constructor

new ClusterRole(name: string, args?: inputs.rbac.v1.ClusterRole, opts?: pulumi.CustomResourceOptions)

Create a rbac.v1.ClusterRole resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): ClusterRole

Get the state of an existing ClusterRole resource, as identified by id. The ID is of the form [namespace]/&lt;name&gt;; if namespace is omitted, then (per Kubernetes convention) the ID becomes default/&lt;name&gt;.

Pulumi will keep track of this resource using name as the Pulumi ID.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of ClusterRole. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property aggregationRule

public aggregationRule: pulumi.Output<outputs.rbac.v1.AggregationRule>;

AggregationRule is an optional field that describes how to build the Rules for this ClusterRole. If AggregationRule is set, then the Rules are controller managed and direct changes to Rules will be stomped by the controller.

property apiVersion

public apiVersion: pulumi.Output<"rbac.authorization.k8s.io/v1">;

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property kind

public kind: pulumi.Output<"ClusterRole">;

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

public metadata: pulumi.Output<outputs.meta.v1.ObjectMeta>;

Standard object’s metadata.

property rules

public rules: pulumi.Output<outputs.rbac.v1.PolicyRule[]>;

Rules holds all the PolicyRules for this ClusterRole

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource ClusterRoleBinding

class ClusterRoleBinding extends CustomResource

ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a ClusterRole in the global namespace, and adds who information via Subject.

constructor

new ClusterRoleBinding(name: string, args?: inputs.rbac.v1.ClusterRoleBinding, opts?: pulumi.CustomResourceOptions)

Create a rbac.v1.ClusterRoleBinding resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): ClusterRoleBinding

Get the state of an existing ClusterRoleBinding resource, as identified by id. The ID is of the form [namespace]/&lt;name&gt;; if namespace is omitted, then (per Kubernetes convention) the ID becomes default/&lt;name&gt;.

Pulumi will keep track of this resource using name as the Pulumi ID.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of ClusterRoleBinding. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property apiVersion

public apiVersion: pulumi.Output<"rbac.authorization.k8s.io/v1">;

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property kind

public kind: pulumi.Output<"ClusterRoleBinding">;

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

public metadata: pulumi.Output<outputs.meta.v1.ObjectMeta>;

Standard object’s metadata.

property roleRef

public roleRef: pulumi.Output<outputs.rbac.v1.RoleRef>;

RoleRef can only reference a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.

property subjects

public subjects: pulumi.Output<outputs.rbac.v1.Subject[]>;

Subjects holds references to the objects the role applies to.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource ClusterRoleBindingList

class ClusterRoleBindingList extends CustomResource

ClusterRoleBindingList is a collection of ClusterRoleBindings

constructor

new ClusterRoleBindingList(name: string, args?: inputs.rbac.v1.ClusterRoleBindingList, opts?: pulumi.CustomResourceOptions)

Create a rbac.v1.ClusterRoleBindingList resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): ClusterRoleBindingList

Get the state of an existing ClusterRoleBindingList resource, as identified by id. The ID is of the form [namespace]/&lt;name&gt;; if namespace is omitted, then (per Kubernetes convention) the ID becomes default/&lt;name&gt;.

Pulumi will keep track of this resource using name as the Pulumi ID.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of ClusterRoleBindingList. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property apiVersion

public apiVersion: pulumi.Output<"rbac.authorization.k8s.io/v1">;

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property items

public items: pulumi.Output<outputs.rbac.v1.ClusterRoleBinding[]>;

Items is a list of ClusterRoleBindings

property kind

public kind: pulumi.Output<"ClusterRoleBindingList">;

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

public metadata: pulumi.Output<outputs.meta.v1.ListMeta>;

Standard object’s metadata.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource ClusterRoleList

class ClusterRoleList extends CustomResource

ClusterRoleList is a collection of ClusterRoles

constructor

new ClusterRoleList(name: string, args?: inputs.rbac.v1.ClusterRoleList, opts?: pulumi.CustomResourceOptions)

Create a rbac.v1.ClusterRoleList resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): ClusterRoleList

Get the state of an existing ClusterRoleList resource, as identified by id. The ID is of the form [namespace]/&lt;name&gt;; if namespace is omitted, then (per Kubernetes convention) the ID becomes default/&lt;name&gt;.

Pulumi will keep track of this resource using name as the Pulumi ID.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of ClusterRoleList. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property apiVersion

public apiVersion: pulumi.Output<"rbac.authorization.k8s.io/v1">;

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property items

public items: pulumi.Output<outputs.rbac.v1.ClusterRole[]>;

Items is a list of ClusterRoles

property kind

public kind: pulumi.Output<"ClusterRoleList">;

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

public metadata: pulumi.Output<outputs.meta.v1.ListMeta>;

Standard object’s metadata.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Role

class Role extends CustomResource

Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a RoleBinding.

constructor

new Role(name: string, args?: inputs.rbac.v1.Role, opts?: pulumi.CustomResourceOptions)

Create a rbac.v1.Role resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): Role

Get the state of an existing Role resource, as identified by id. The ID is of the form [namespace]/&lt;name&gt;; if namespace is omitted, then (per Kubernetes convention) the ID becomes default/&lt;name&gt;.

Pulumi will keep track of this resource using name as the Pulumi ID.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Role. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property apiVersion

public apiVersion: pulumi.Output<"rbac.authorization.k8s.io/v1">;

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property kind

public kind: pulumi.Output<"Role">;

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

public metadata: pulumi.Output<outputs.meta.v1.ObjectMeta>;

Standard object’s metadata.

property rules

public rules: pulumi.Output<outputs.rbac.v1.PolicyRule[]>;

Rules holds all the PolicyRules for this Role

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RoleBinding

class RoleBinding extends CustomResource

RoleBinding references a role, but does not contain it. It can reference a Role in the same namespace or a ClusterRole in the global namespace. It adds who information via Subjects and namespace information by which namespace it exists in. RoleBindings in a given namespace only have effect in that namespace.

constructor

new RoleBinding(name: string, args?: inputs.rbac.v1.RoleBinding, opts?: pulumi.CustomResourceOptions)

Create a rbac.v1.RoleBinding resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): RoleBinding

Get the state of an existing RoleBinding resource, as identified by id. The ID is of the form [namespace]/&lt;name&gt;; if namespace is omitted, then (per Kubernetes convention) the ID becomes default/&lt;name&gt;.

Pulumi will keep track of this resource using name as the Pulumi ID.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of RoleBinding. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property apiVersion

public apiVersion: pulumi.Output<"rbac.authorization.k8s.io/v1">;

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property kind

public kind: pulumi.Output<"RoleBinding">;

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

public metadata: pulumi.Output<outputs.meta.v1.ObjectMeta>;

Standard object’s metadata.

property roleRef

public roleRef: pulumi.Output<outputs.rbac.v1.RoleRef>;

RoleRef can reference a Role in the current namespace or a ClusterRole in the global namespace. If the RoleRef cannot be resolved, the Authorizer must return an error.

property subjects

public subjects: pulumi.Output<outputs.rbac.v1.Subject[]>;

Subjects holds references to the objects the role applies to.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RoleBindingList

class RoleBindingList extends CustomResource

RoleBindingList is a collection of RoleBindings

constructor

new RoleBindingList(name: string, args?: inputs.rbac.v1.RoleBindingList, opts?: pulumi.CustomResourceOptions)

Create a rbac.v1.RoleBindingList resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): RoleBindingList

Get the state of an existing RoleBindingList resource, as identified by id. The ID is of the form [namespace]/&lt;name&gt;; if namespace is omitted, then (per Kubernetes convention) the ID becomes default/&lt;name&gt;.

Pulumi will keep track of this resource using name as the Pulumi ID.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of RoleBindingList. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property apiVersion

public apiVersion: pulumi.Output<"rbac.authorization.k8s.io/v1">;

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property items

public items: pulumi.Output<outputs.rbac.v1.RoleBinding[]>;

Items is a list of RoleBindings

property kind

public kind: pulumi.Output<"RoleBindingList">;

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

public metadata: pulumi.Output<outputs.meta.v1.ListMeta>;

Standard object’s metadata.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource RoleList

class RoleList extends CustomResource

RoleList is a collection of Roles

constructor

new RoleList(name: string, args?: inputs.rbac.v1.RoleList, opts?: pulumi.CustomResourceOptions)

Create a rbac.v1.RoleList resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, opts?: pulumi.CustomResourceOptions): RoleList

Get the state of an existing RoleList resource, as identified by id. The ID is of the form [namespace]/&lt;name&gt;; if namespace is omitted, then (per Kubernetes convention) the ID becomes default/&lt;name&gt;.

Pulumi will keep track of this resource using name as the Pulumi ID.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of RoleList. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property apiVersion

public apiVersion: pulumi.Output<"rbac.authorization.k8s.io/v1">;

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property items

public items: pulumi.Output<outputs.rbac.v1.Role[]>;

Items is a list of Roles

property kind

public kind: pulumi.Output<"RoleList">;

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

property metadata

public metadata: pulumi.Output<outputs.meta.v1.ListMeta>;

Standard object’s metadata.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.