support impersonation
grosser opened this issue · 2 comments
grosser commented
set these headers from reading kubectl config or from user-passed config:
"Impersonate-User": "<as>",
"Impersonate-Group": "<as-groups.join>",
"Impersonate-Extra-Reason": "<as-user-extra.reason.join>"
as-groups and as-user-extra.reason being arrays
did that locally and it works, it's just clumsy so having the config parser automatically do that and the auth_options support it would be nice
I can make a PR if this sounds sane :)
cben commented
First time I'm hearing about it, so don't have much to say. Go ahead :)
ref: https://kubernetes.io/docs/reference/access-authn-authz/authentication/#user-impersonation
Is there documentation on where it lives in kubeconfig? All I see in that doc are kubectl has --as and --as-group flags.