-
Notifications
You must be signed in to change notification settings - Fork 217
/
accesscontextmanager_v1alpha1_accesscontextmanagergcpuseraccessbinding.yaml
181 lines (180 loc) · 7.56 KB
/
accesscontextmanager_v1alpha1_accesscontextmanagergcpuseraccessbinding.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
# Copyright 2020 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
cnrm.cloud.google.com/version: 1.110.0
creationTimestamp: null
labels:
cnrm.cloud.google.com/managed-by-kcc: "true"
cnrm.cloud.google.com/stability-level: alpha
cnrm.cloud.google.com/system: "true"
cnrm.cloud.google.com/tf2crd: "true"
name: accesscontextmanagergcpuseraccessbindings.accesscontextmanager.cnrm.cloud.google.com
spec:
group: accesscontextmanager.cnrm.cloud.google.com
names:
categories:
- gcp
kind: AccessContextManagerGCPUserAccessBinding
plural: accesscontextmanagergcpuseraccessbindings
shortNames:
- gcpaccesscontextmanagergcpuseraccessbinding
- gcpaccesscontextmanagergcpuseraccessbindings
singular: accesscontextmanagergcpuseraccessbinding
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: Age
type: date
- description: When 'True', the most recent reconcile of the resource succeeded
jsonPath: .status.conditions[?(@.type=='Ready')].status
name: Ready
type: string
- description: The reason for the value in 'Ready'
jsonPath: .status.conditions[?(@.type=='Ready')].reason
name: Status
type: string
- description: The last transition time for the value in 'Status'
jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime
name: Status Age
type: date
name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
description: 'apiVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
type: string
kind:
description: 'kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
properties:
accessLevels:
description: 'Required. Access level that a user must have to be granted
access. Only one access level is supported, not multiple. This repeated
field must have exactly one element. Example: "accessPolicies/9522/accessLevels/device_trusted".'
items:
type: string
type: array
groupKey:
description: 'Immutable. Required. Immutable. Google Group id whose
members are subject to this binding''s restrictions. See "id" in
the G Suite Directory API''s Groups resource. If a group''s email
address/alias is changed, this resource will continue to point at
the changed group. This field does not accept group email addresses
or aliases. Example: "01d520gv4vjcrht".'
type: string
organizationRef:
description: The organization that this resource belongs to.
oneOf:
- not:
required:
- external
required:
- name
- not:
anyOf:
- required:
- name
- required:
- namespace
required:
- external
properties:
external:
description: 'Allowed value: The `name` field of an `Organization`
resource.'
type: string
name:
description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
type: string
namespace:
description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
type: string
type: object
resourceID:
description: Immutable. Optional. The service-generated name of the
resource. Used for acquisition only. Leave unset to create a new
resource.
type: string
required:
- accessLevels
- groupKey
- organizationRef
type: object
status:
properties:
conditions:
description: Conditions represent the latest available observation
of the resource's current state.
items:
properties:
lastTransitionTime:
description: Last time the condition transitioned from one status
to another.
type: string
message:
description: Human-readable message indicating details about
last transition.
type: string
reason:
description: Unique, one-word, CamelCase reason for the condition's
last transition.
type: string
status:
description: Status is the status of the condition. Can be True,
False, Unknown.
type: string
type:
description: Type is the type of the condition.
type: string
type: object
type: array
name:
description: 'Immutable. Assigned by the server during creation. The
last segment has an arbitrary length and has only URI unreserved
characters (as defined by RFC 3986 Section 2.3). Should not be specified
by the client during creation. Example: "organizations/256/gcpUserAccessBindings/b3-BhcX_Ud5N".'
type: string
observedGeneration:
description: ObservedGeneration is the generation of the resource
that was most recently observed by the Config Connector controller.
If this is equal to metadata.generation, then that means that the
current reported status reflects the most recent desired state of
the resource.
type: integer
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions: []