Skip to content

Instantly share code, notes, and snippets.

@thoraxe
Created December 19, 2023 21:08
Show Gist options
  • Save thoraxe/46e007547f022a03172e2d979186a8af to your computer and use it in GitHub Desktop.
Save thoraxe/46e007547f022a03172e2d979186a8af to your computer and use it in GitHub Desktop.
import os
from dotenv import load_dotenv
load_dotenv()
import kubernetes.client
import kubernetes.utils
configuration = kubernetes.client.Configuration()
# Configure API key authorization: BearerToken
configuration.api_key['authorization'] = os.getenv("K8S_TOKEN")
# Uncomment below to setup prefix (e.g. Bearer) for API key, if needed
configuration.api_key_prefix['authorization'] = 'Bearer'
# Defining host is optional and default to http://localhost
configuration.host = os.getenv("K8S_CLUSTER_API")
# cluster is using a self-signed cert -- would need to inject CA information
configuration.verify_ssl = False
k8s_client = kubernetes.client.ApiClient(configuration)
jsonstr = '{"apiVersion":"authorization.k8s.io/v1","kind":"SelfSubjectAccessReview","spec":{"nonResourceAttributes":{"path":"/ols","verb":"get"}}}'
import json
jd = json.loads(jsonstr)
response = kubernetes.utils.create_from_dict(k8s_client, jd)
if response[0].status.allowed:
print("you are authorized")
else:
print("you're not authorized")
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment