@@ -214,7 +214,8 @@ func (s *APIServer) AddFlags(fs *pflag.FlagSet) {
fs.BoolVar(&s.ServiceAccountLookup,"service-account-lookup",s.ServiceAccountLookup,"If true, validate ServiceAccount tokens exist in etcd as part of authentication.")
fs.StringVar(&s.KeystoneURL,"experimental-keystone-url",s.KeystoneURL,"If passed, activates the keystone authentication plugin")
fs.StringVar(&s.AuthorizationMode,"authorization-mode",s.AuthorizationMode,"Ordered list of plug-ins to do authorization on secure port. Comma-delimited list of: "+strings.Join(apiserver.AuthorizationModeChoices,","))
fs.StringVar(&s.AuthorizationPolicyFile,"authorization-policy-file",s.AuthorizationPolicyFile,"File with authorization policy in csv format, used with --authorization-mode=ABAC, on the secure port.")
fs.StringVar(&s.AuthorizationConfig.PolicyFile,"authorization-policy-file",s.AuthorizationConfig.PolicyFile,"File with authorization policy in csv format, used with --authorization-mode=ABAC, on the secure port.")
fs.StringVar(&s.AuthorizationConfig.WebhookConfigFile,"authorization-webhook-config-file",s.AuthorizationConfig.WebhookConfigFile,"File with webhook configuration in kubeconfig format, used with --authorization-mode=Webhook. The API server will query the remote service to determine access on the API server's secure port.")
fs.StringVar(&s.AdmissionControl,"admission-control",s.AdmissionControl,"Ordered list of plug-ins to do admission control of resources into cluster. Comma-delimited list of: "+strings.Join(admission.GetPlugins(),", "))
fs.StringVar(&s.AdmissionControlConfigFile,"admission-control-config-file",s.AdmissionControlConfigFile,"File with admission control configuration.")
fs.StringSliceVar(&s.EtcdServerList,"etcd-servers",s.EtcdServerList,"List of etcd servers to watch (http://ip:port), comma separated. Mutually exclusive with -etcd-config")