AllowBootstrapTokensToPostCSRs creates RBAC rules in a way the makes Node Bootstrap Tokens able to post CSRs.

AutoApproveNodeBootstrapTokens creates RBAC rules in a way that makes Node Bootstrap Tokens' CSR auto-approved by the csrapprover controller.

AutoApproveNodeCertificateRotation creates RBAC rules in a way that makes Node certificate rotation CSR auto-approved by the csrapprover controller.

CreateNewTokens tries to create a token and fails if one with the same ID already exists.

UpdateOrCreateTokens attempts to update a token with the given ID, or create if it does not already exist.

CSRAutoApprovalClusterRoleName defines the name of the auto-bootstrapped ClusterRole for making the csrapprover controller auto-approve the CSR TODO: This value should be defined in an other, generic authz package instead of here Starting from v1.8, CSRAutoApprovalClusterRoleName is automatically created by the API server on startup.

NodeAutoApproveBootstrapClusterRoleBinding defines the name of the ClusterRoleBinding that makes the csrapprover approve node CSRs.

NodeAutoApproveCertificateRotationClusterRoleBinding defines name of the ClusterRoleBinding that makes the csrapprover approve node auto rotated CSRs.

NodeBootstrapperClusterRoleName defines the name of the auto-bootstrapped ClusterRole for letting someone post a CSR TODO: This value should be defined in an other, generic authz package instead of here.

NodeKubeletBootstrap defines the name of the ClusterRoleBinding that lets kubelets post CSRs.

NodeSelfCSRAutoApprovalClusterRoleName is a role defined in default 1.8 RBAC policies for automatic CSR approvals for automatically rotated node certificates.