Repositories
v1v

kubernetes/authentication-resources

v1
Published by: Kubernetes1Updated

Kubernetes v1 authentication resources provide mechanisms for verifying identities within the cluster. These include ServiceAccounts, TokenRequests, TokenReviews, and CertificateSigningRequests, forming a robust system for secure access control in Kubernetes clusters.

v1
|

Authentication

Add API authentication details

HEADERS
X-APIKEY
string
Send X-APIKEY in Header

Readme

User instructions for this resource

The TokenReview template is designed to create a request for validating a token in Kubernetes. It uses a combination of facets and variables to allow for flexible configurations.

Variables

  • __TRV_ID__: This global variable represents the identifier for the TokenReview, used to access specific fields in the request values.

Collection Breakdown

  1. Base
{
    "kind": "TokenReview",
    "facets": ["master"],
    "metadata": "{{ __TRV_ID__.metadata }}",
    "apiVersion": "authentication.k8s.io/v1"
}

This section is always included (due to the master facet). It sets the kind, apiVersion, and metadata for the TokenReview resource.

  1. Token Specification
{
    "spec": {
        "token": "{{ __TRV_ID__.spec.token }}"
    },
    "facets": ["addon:spec"]
}

This section specifies the token to be reviewed. It's part of the core spec and is included when the addon:spec facet is used.

  1. Audiences
{
    "spec": {
        "audiences": "{{ __TRV_ID__.spec.audiences }}"
    },
    "facets": ["addon:spec", "addon:audiences"]
}

This optional section allows specification of the expected audiences for the token.

Design Decisions

  1. Modularity: The template is divided into multiple sections with separate facets, allowing users to include only the necessary parts of a TokenReview definition.

  2. Flexibility: The use of facets allows for optional inclusion of various TokenReview features, making the template suitable for both simple and complex token review configurations.

  3. Security Focus: The template is centered around the token, which is the core element of the review process.

  4. Audience Specification: The template allows for specifying audiences, which can be crucial for validating tokens intended for specific services.

  5. Simplicity: The template is kept relatively simple, reflecting the focused nature of the TokenReview resource.

Examples

Check Request Body tab section to play around with interactive examples.

Install(Example)

The Curl tab in the request section below provides the curl command for your resource.

curl -s -X POST "https://configfacets.com/apis/repos/kubernetes/authentication-resources/v1/resources/collections/tokenreview/exec?format=json" -d '{"facets":["master","addon:spec"],"values":{"basic_trv":{"spec":{"token":"eyJhbGciOiJSUzI1NiIsImtpZCI6IiJ9..."},"metadata":{"name":"example-token-review"}}},"globalvars":{"__TRV_ID__":"basic_trv"}}' | kubectl apply -f -

Collection API

POST/apis/repos/kubernetes/authentication-resources/v1/resources/collections/tokenreview/exec
REQUEST
QUERY-STRING PARAMETERS
format
string
No sources available.
API Server https://configfacets.com
API Key
Not set
RESPONSES
No content available.