Created
December 19, 2023 21:08
-
-
Save thoraxe/46e007547f022a03172e2d979186a8af to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| from dotenv import load_dotenv | |
| load_dotenv() | |
| import kubernetes.client | |
| import kubernetes.utils | |
| configuration = kubernetes.client.Configuration() | |
| # Configure API key authorization: BearerToken | |
| configuration.api_key['authorization'] = os.getenv("K8S_TOKEN") | |
| # Uncomment below to setup prefix (e.g. Bearer) for API key, if needed | |
| configuration.api_key_prefix['authorization'] = 'Bearer' | |
| # Defining host is optional and default to http://localhost | |
| configuration.host = os.getenv("K8S_CLUSTER_API") | |
| # cluster is using a self-signed cert -- would need to inject CA information | |
| configuration.verify_ssl = False | |
| k8s_client = kubernetes.client.ApiClient(configuration) | |
| jsonstr = '{"apiVersion":"authorization.k8s.io/v1","kind":"SelfSubjectAccessReview","spec":{"nonResourceAttributes":{"path":"/ols","verb":"get"}}}' | |
| import json | |
| jd = json.loads(jsonstr) | |
| response = kubernetes.utils.create_from_dict(k8s_client, jd) | |
| if response[0].status.allowed: | |
| print("you are authorized") | |
| else: | |
| print("you're not authorized") |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment