sigs.k8s.io/cluster-api-provider-azure@v1.17.0/config/crd/bases/infrastructure.cluster.x-k8s.io_azureclusteridentities.yaml

```yaml
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: v0.15.0
  name: azureclusteridentities.infrastructure.cluster.x-k8s.io
spec:
  group: infrastructure.cluster.x-k8s.io
  names:
    categories:
    - cluster-api
    kind: AzureClusterIdentity
    listKind: AzureClusterIdentityList
    plural: azureclusteridentities
    singular: azureclusteridentity
  scope: Namespaced
  versions:
  - additionalPrinterColumns:
    - description: Type of AzureClusterIdentity
      jsonPath: .spec.type
      name: Type
      type: string
    - description: Time duration since creation of this AzureClusterIdentity
      jsonPath: .metadata.creationTimestamp
      name: Age
      type: date
    name: v1beta1
    schema:
      openAPIV3Schema:
        description: AzureClusterIdentity is the Schema for the azureclustersidentities
          API.
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            description: AzureClusterIdentitySpec defines the parameters that are
              used to create an AzureIdentity.
            properties:
              allowedNamespaces:
                description: |-
                  AllowedNamespaces is used to identify the namespaces the clusters are allowed to use the identity from.
                  Namespaces can be selected either using an array of namespaces or with label selector.
                  An empty allowedNamespaces object indicates that AzureClusters can use this identity from any namespace.
                  If this object is nil, no namespaces will be allowed (default behaviour, if this field is not provided)
                  A namespace should be either in the NamespaceList or match with Selector to use the identity.
                nullable: true
                properties:
                  list:
                    description: A nil or empty list indicates that AzureCluster cannot
                      use the identity from any namespace.
                    items:
                      type: string
                    nullable: true
                    type: array
                  selector:
                    description: |-
                      Selector is a selector of namespaces that AzureCluster can
                      use this Identity from. This is a standard Kubernetes LabelSelector,
                      a label query over a set of resources. The result of matchLabels and
                      matchExpressions are ANDed.


                      A nil or empty selector indicates that AzureCluster cannot use this
                      AzureClusterIdentity from any namespace.
                    properties:
                      matchExpressions:
                        description: matchExpressions is a list of label selector
                          requirements. The requirements are ANDed.
                        items:
                          description: |-
                            A label selector requirement is a selector that contains values, a key, and an operator that
                            relates the key and values.
                          properties:
                            key:
                              description: key is the label key that the selector
                                applies to.
                              type: string
                            operator:
                              description: |-
                                operator represents a key's relationship to a set of values.
                                Valid operators are In, NotIn, Exists and DoesNotExist.
                              type: string
                            values:
                              description: |-
                                values is an array of string values. If the operator is In or NotIn,
                                the values array must be non-empty. If the operator is Exists or DoesNotExist,
                                the values array must be empty. This array is replaced during a strategic
                                merge patch.
                              items:
                                type: string
                              type: array
                              x-kubernetes-list-type: atomic
                          required:
                          - key
                          - operator
                          type: object
                        type: array
                        x-kubernetes-list-type: atomic
                      matchLabels:
                        additionalProperties:
                          type: string
                        description: |-
                          matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels
                          map is equivalent to an element of matchExpressions, whose key field is "key", the
                          operator is "In", and the values array contains only "value". The requirements are ANDed.
                        type: object
                    type: object
                    x-kubernetes-map-type: atomic
                type: object
              clientID:
                description: |-
                  ClientID is the service principal client ID.
                  Both User Assigned MSI and SP can use this field.
                type: string
              clientSecret:
                description: ClientSecret is a secret reference which should contain
                  either a Service Principal password or certificate secret.
                properties:
                  name:
                    description: name is unique within a namespace to reference a
                      secret resource.
                    type: string
                  namespace:
                    description: namespace defines the space within which the secret
                      name must be unique.
                    type: string
                type: object
                x-kubernetes-map-type: atomic
              resourceID:
                description: |-
                  ResourceID is the Azure resource ID for the User Assigned MSI resource.
                  Only applicable when type is UserAssignedMSI.


                  Deprecated: This field no longer has any effect.
                type: string
              tenantID:
                description: TenantID is the service principal primary tenant id.
                type: string
              type:
                description: |-
                  Type is the type of Azure Identity used.
                  ServicePrincipal, ServicePrincipalCertificate, UserAssignedMSI, ManualServicePrincipal or WorkloadIdentity.
                enum:
                - ServicePrincipal
                - UserAssignedMSI
                - ManualServicePrincipal
                - ServicePrincipalCertificate
                - WorkloadIdentity
                type: string
            required:
            - clientID
            - tenantID
            - type
            type: object
          status:
            description: AzureClusterIdentityStatus defines the observed state of
              AzureClusterIdentity.
            properties:
              conditions:
                description: Conditions defines current service state of the AzureClusterIdentity.
                items:
                  description: Condition defines an observation of a Cluster API resource
                    operational state.
                  properties:
                    lastTransitionTime:
                      description: |-
                        Last time the condition transitioned from one status to another.
                        This should be when the underlying condition changed. If that is not known, then using the time when
                        the API field changed is acceptable.
                      format: date-time
                      type: string
                    message:
                      description: |-
                        A human readable message indicating details about the transition.
                        This field may be empty.
                      type: string
                    reason:
                      description: |-
                        The reason for the condition's last transition in CamelCase.
                        The specific API may choose whether or not this field is considered a guaranteed API.
                        This field may not be empty.
                      type: string
                    severity:
                      description: |-
                        Severity provides an explicit classification of Reason code, so the users or machines can immediately
                        understand the current situation and act accordingly.
                        The Severity field MUST be set only when Status=False.
                      type: string
                    status:
                      description: Status of the condition, one of True, False, Unknown.
                      type: string
                    type:
                      description: |-
                        Type of condition in CamelCase or in foo.example.com/CamelCase.
                        Many .condition.type values are consistent across resources like Available, but because arbitrary conditions
                        can be useful (see .node.status.conditions), the ability to deconflict is important.
                      type: string
                  required:
                  - lastTransitionTime
                  - status
                  - type
                  type: object
                type: array
            type: object
        type: object
    served: true
    storage: true
    subresources:
      status: {}
```
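
The `allowedNamespaces` descriptions above separate an omitted (nil) field, which denies every namespace, from an empty object, which allows every namespace. The following added example evaluates those rules; it is not code from cluster-api-provider-azure. The type and function names are hypothetical, only `matchLabels` is modelled, and "empty object" is assumed to mean that neither `list` nor `selector` is set.

```go
package main

import "fmt"

// LabelSelector is a reduced stand-in for the Kubernetes LabelSelector.
// Assumption: only matchLabels is modelled; matchExpressions is left out.
type LabelSelector struct {
	MatchLabels map[string]string
}

// AllowedNamespaces mirrors spec.allowedNamespaces from the schema above.
type AllowedNamespaces struct {
	List     []string
	Selector *LabelSelector
}

// NamespaceAllowed applies the rules stated in the field descriptions.
// Hypothetical helper written for this example, not the provider's code.
func NamespaceAllowed(an *AllowedNamespaces, ns string, nsLabels map[string]string) bool {
	if an == nil {
		return false // field omitted or null: no namespace may use the identity
	}
	if an.List == nil && an.Selector == nil {
		return true // empty object ({}): every namespace may use the identity
	}
	for _, n := range an.List {
		if n == ns {
			return true // namespace is named explicitly in list
		}
	}
	if an.Selector == nil || len(an.Selector.MatchLabels) == 0 {
		return false // a nil or empty selector matches nothing
	}
	for k, v := range an.Selector.MatchLabels {
		if got, ok := nsLabels[k]; !ok || got != v {
			return false // matchLabels requirements are ANDed
		}
	}
	return true
}

func main() {
	labels := map[string]string{"team": "platform"} // constructed sample labels
	fmt.Println(NamespaceAllowed(nil, "dev", labels))
	fmt.Println(NamespaceAllowed(&AllowedNamespaces{}, "dev", labels))
	fmt.Println(NamespaceAllowed(&AllowedNamespaces{List: []string{"prod"}}, "dev", labels))
}
```

When reviewing identities shared across tenants, the `{}` case is the one to look for: it is the only setting that opens the identity to every namespace.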