POST /oapi/v1/resourceaccessreviews HTTP/1.1
Authorization: Bearer $TOKEN
Accept: application/json
Connection: close
Content-Type: application/json'
{
"kind": "ResourceAccessReview",
"apiVersion": "v1",
...
}
- Documentation
- OKD
- REST API Reference
- /oapi/v1
- v1.ResourceAccessReview
You are viewing documentation for a release that is no longer maintained. To view the documentation for the most recent version, see the latest OKD docs.
- About
- What's New?
- Getting Started
- Architecture
- Container Security Guide
- Installing Clusters
- Upgrading Clusters
- Configuring Clusters
- Overview
- Setting up the Registry
- Setting up a Router
- Deploying Red Hat CloudForms
- Master and Node Configuration
- OpenShift Ansible Broker Configuration
- Adding Hosts to an Existing Cluster
- Loading the Default Image Streams and Templates
- Configuring Custom Certificates
- Redeploying Certificates
- Configuring Authentication and User Agent
- Syncing groups with LDAP
- Configuring LDAP failover
- Configuring the SDN
- Configuring Nuage SDN
- Configuring Kuryr SDN
- Configuring for AWS
- Configuring for Red Hat Virtualization
- Configuring for OpenStack
- Configuring for Google Compute Engine
- Configuring for Azure
- Configuring for VMWare vSphere
- Configuring Local Volumes
- Configuring Persistent Storage
- Overview
- Using NFS
- Using GlusterFS
- Using OpenStack Cinder
- Using Ceph RBD
- Using AWS Elastic Block Store
- Using GCE Persistent Disk
- Using iSCSI
- Using Fibre Channel
- Using Azure Disk
- Using Azure File
- Using FlexVolume
- Using VMware vSphere volumes for persistent storage
- Using Local Volume
- Using Container Storage Interface (CSI)
- Using OpenStack Manila shares
- Dynamic Provisioning and Creating Storage Classes
- Volume Security
- Selector-Label Volume Binding
- Enabling Controller-managed Attachment and Detachment
- Persistent Volume Snapshots
- Persistent Storage Examples
- Overview
- Sharing an NFS PV Across Two Pods
- Using Ceph RBD for Persistent Storage
- Using Ceph RBD for dynamic provisioning
- Complete Example Using GlusterFS
- Complete Example Using GlusterFS for Dynamic Provisioning
- Mounting Volumes To Privileged Pods
- Switching an Integrated OpenShift Container Registry to GlusterFS
- Binding Persistent Volumes by Label
- Using StorageClasses for Dynamic Provisioning
- Using StorageClasses for Existing Legacy Storage
- Configuring Azure Blob Storage for Integrated Docker Registry
- Configuring Ephemeral Storage
- Working with HTTP Proxies
- Configuring Global Build Defaults and Overrides
- Configuring Pipeline Execution
- Configuring Route Timeouts
- Configuring Native Container Routing
- Routing from Edge Load Balancers
- Aggregating Container Logs
- Aggregate Logging Sizing Guidelines
- Enabling Cluster Metrics
- Customizing the Web Console
- Deploying External Persistent Volume Provisioners
- Day Two Operations Guide
- Cluster Administration
- Overview
- Managing Nodes
- Restoring your cluster
- Replacing a master host
- Managing Users
- Managing Projects
- Managing Pods
- Managing Networking
- Configuring Service Accounts
- Managing Role-based Access Control
- Image Policy
- Image Signatures
- Scoped Tokens
- Monitoring Images
- Managing Security Context Constraints
- Scheduling
- Setting Quotas
- Setting Multi-Project Quotas
- Setting Limit Ranges
- Pruning objects
- Extending the Kubernetes API with Custom Resources
- Garbage Collection
- Allocating Node Resources
- Opaque Integer Resources
- Node Problem Detector
- Overcommitting
- Assigning Unique External IPs for Ingress Traffic
- Out of Resource Handling
- Monitoring and Debugging Routers
- High Availability
- IPtables
- Securing Builds by Strategy
- Restricting Application Capabilities Using Seccomp
- Sysctls
- Encrypting Data at Datastore Layer
- Encrypting traffic between nodes with IPsec
- Building Dependency Trees
- Replacing a failed etcd member
- Restoring etcd quorum
- Troubleshooting Networking
- Diagnostics Tool
- Idling Applications
- Analyzing Cluster Capacity
- Disabling Features using Feature Gates
- Kuryr SDN Administration
- Scaling and Performance Guide
- Overview
- Recommended Installation Practices
- Recommended Host Practices
- Optimizing Compute Resources
- Optimizing Persistent Storage
- Optimizing Ephemeral Storage
- Network Optimization
- Routing Optimization
- Scaling Cluster Metrics
- Cluster Limits
- Using Cluster Loader
- Using CPU Manager
- Managing Huge Pages
- Optimizing On GlusterFS Storage
- CLI Reference
- Developer Guide
- Overview
- Application Life Cycle Management
- Authentication
- Authorization
- Projects
- Migrating Applications
- Tutorials
- Builds
- Deployments
- Templates
- Opening a Remote Shell to Containers
- Service Accounts
- Managing Images
- Quotas and Limit Ranges
- Injecting Information into Pods Using Pod Presets
- Getting Traffic into a Cluster
- Routes
- Integrating External Services
- Using Device Manager
- Using Device Plug-ins
- Secrets
- ConfigMaps
- Downward API
- Projected Volumes
- Using Daemonsets
- Pod Autoscaling
- Managing Volumes
- Using Persistent Volumes
- Expanding Persistent Volumes
- Executing Remote Commands
- Copying Files
- Port Forwarding
- Shared Memory
- Application Health
- Events
- Managing Environment Variables
- Jobs
- OpenShift Pipeline
- Cron Jobs
- Create from URL
- Creating an object from a custom resource definition
- Application memory sizing
- Creating Images
- Using Images
- Ansible Playbook Bundle Development Guide
- REST API Reference
- Overview
- Examples
- /api/v1
- v1.APIResourceList
- v1.APIVersions
- v1.Binding
- v1.ComponentStatus
- v1.ConfigMap
- v1.Endpoints
- v1.Event
- v1.LimitRange
- v1.Namespace
- v1.Node
- v1.PersistentVolume
- v1.PersistentVolumeClaim
- v1.Pod
- v1.PodTemplate
- v1.ReplicationController
- v1.ResourceQuota
- v1.Secret
- v1.SecurityContextConstraints
- v1.Service
- v1.ServiceAccount
- /apis/v1
- /apis/apps/v1beta1
- /apis/autoscaling/v1
- /apis/batch/v1
- /apis/batch/v2alpha1
- /apis/extensions/v1beta1
- /apis/policy/v1beta1
- /apis/authentication.k8s.io/v1
- /apis/authentication.k8s.io/v1beta1
- /apis/authorization.k8s.io/v1
- /apis/authorization.k8s.io/v1beta1
- /apis/rbac.authorization.k8s.io/v1beta1
- /apis/certificates.k8s.io/v1beta1
- /apis/networking.k8s.io/v1
- /apis/storage.k8s.io/v1
- /apis/storage.k8s.io/v1beta1
- /apis/apps.openshift.io/v1
- /apis/authorization.openshift.io/v1
- /apis/build.openshift.io/v1
- /apis/image.openshift.io/v1
- /apis/network.openshift.io/v1
- /apis/oauth.openshift.io/v1
- /apis/project.openshift.io/v1
- /apis/quota.openshift.io/v1
- /apis/route.openshift.io/v1
- /apis/security.openshift.io/v1
- /apis/template.openshift.io/v1
- /apis/user.openshift.io/v1
- /oapi/v1
- v1.AppliedClusterResourceQuota
- v1.Build
- v1.BuildConfig
- v1.ClusterNetwork
- v1.ClusterResourceQuota
- v1.ClusterRole
- v1.ClusterRoleBinding
- v1.DeploymentConfig
- v1.DeploymentConfigRollback
- v1.EgressNetworkPolicy
- v1.Group
- v1.HostSubnet
- v1.Identity
- v1.Image
- v1.ImageSignature
- v1.ImageStream
- v1.ImageStreamImage
- v1.ImageStreamImport
- v1.ImageStreamMapping
- v1.ImageStreamTag
- v1.LocalResourceAccessReview
- v1.LocalSubjectAccessReview
- v1.NetNamespace
- v1.OAuthAccessToken
- v1.OAuthAuthorizeToken
- v1.OAuthClient
- v1.OAuthClientAuthorization
- v1.PodSecurityPolicyReview
- v1.PodSecurityPolicySelfSubjectReview
- v1.PodSecurityPolicySubjectReview
- v1.ProcessedTemplate
- v1.Project
- v1.ProjectRequest
- v1.ResourceAccessReview
- v1.Role
- v1.RoleBinding
- v1.RoleBindingRestriction
- v1.Route
- v1.SelfSubjectRulesReview
- v1.SubjectAccessReview
- v1.SubjectRulesReview
- v1.Template
- v1.User
- v1.UserIdentityMapping
×
v1.ResourceAccessReview
Description
ResourceAccessReview is a means to request a list of which users and groups are authorized to perform the action specified by spec
Object Schema
Expand or mouse-over a field for more information about it.
apiVersion:content:
Raw:isNonResourceURL:kind:namespace:path:resource:resourceAPIGroup:resourceAPIVersion:resourceName:verb:
Operations
Create a ResourceAccessReview
Create a ResourceAccessReview
HTTP request
Create a ResourceAccessReview in a namespace
Create a ResourceAccessReview
HTTP request
POST /oapi/v1/namespaces/$NAMESPACE/resourceaccessreviews HTTP/1.1
Authorization: Bearer $TOKEN
Accept: application/json
Connection: close
Content-Type: application/json'
{
"kind": "ResourceAccessReview",
"apiVersion": "v1",
...
}
Curl request
$ curl -k \
-X POST \
-d @- \
-H "Authorization: Bearer $TOKEN" \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
https://$ENDPOINT/oapi/v1/namespaces/$NAMESPACE/resourceaccessreviews <<'EOF'
{
"kind": "ResourceAccessReview",
"apiVersion": "v1",
...
}
EOF