aadpodidentity

package
v1.8.3-rc.1

Warning: This package is not in the latest version of its module.

Published: Aug 25, 2021 | License: MIT | Imports: 3 | Imported by: 11

Documentation

Constants

const (
	// CRDGroup is the group name of aad-pod-identity CRDs.
	CRDGroup = "aadpodidentity.k8s.io"

	// CRDVersion is the version of the CRD group.
	CRDVersion = "v1"

	// CRDLabelKey is the static label that is used in pods.
	CRDLabelKey = "aadpodidbinding"

	// BehaviorKey is the key that describes the behavior of aad-pod-identity.
	// Supported values:
	// namespaced - used for running in namespaced mode. AzureIdentity,
	//              AzureIdentityBinding and pod in the same namespace
	//              will only be matched for this behavior.
	BehaviorKey = "aadpodidentity.k8s.io/Behavior"

	// BehaviorNamespaced indicates that aad-pod-identity is behaving in namespaced mode.
	BehaviorNamespaced = "namespaced"

	// AssignedIDCreated indicates that an AzureAssignedIdentity is created.
	AssignedIDCreated = "Created"

	// AssignedIDAssigned indicates that an identity has been assigned to the node.
	AssignedIDAssigned = "Assigned"

	// AssignedIDUnAssigned indicates that an identity has been unassigned from the node.
	AssignedIDUnAssigned = "Unassigned"
)

const (
	// AzureIDResource is the name of AzureIdentity.
	AzureIDResource = "azureidentities"

	// AzureIDBindingResource is the name of AzureIdentityBinding.
	AzureIDBindingResource = "azureidentitybindings"

	// AzureAssignedIDResource is the name of AzureAssignedIdentity.
	AzureAssignedIDResource = "azureassignedidentities"

	// AzurePodIdentityExceptionResource is the name of AzureIdentityException.
	AzurePodIdentityExceptionResource = "azurepodidentityexceptions"
)

Variables

This section is empty.

Functions

func IsNamespacedIdentity

func IsNamespacedIdentity(azureID *AzureIdentity) bool

IsNamespacedIdentity returns true if azureID is a namespaced identity.
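
The namespaced-mode rule from the BehaviorKey comment, as an added example (not code from this package) that shows which pod, binding and identity combinations resolve and which of them cross a namespace boundary. Obj, Resolve and forceNamespaced are hypothetical names. It assumes BehaviorKey is read from the AzureIdentity's annotations, that the pod's aadpodidbinding label value is compared with the binding's Selector, and that outside namespaced mode a cross-namespace identity is still matched.

```go
package main

import "fmt"

// Values copied from the constants listed on this page.
const (
	CRDLabelKey        = "aadpodidbinding"
	BehaviorKey        = "aadpodidentity.k8s.io/Behavior"
	BehaviorNamespaced = "namespaced"
)

// Obj is a hypothetical stand-in for the metadata and spec fields used here;
// it is not one of the package's types.
type Obj struct {
	Name, Namespace string
	Labels          map[string]string // pod labels
	Annotations     map[string]string // assumed home of BehaviorKey on an AzureIdentity
	Selector        string            // AzureIdentityBindingSpec.Selector
	AzureIdentity   string            // AzureIdentityBindingSpec.AzureIdentity
}

// namespaced mirrors what IsNamespacedIdentity is documented to report.
func namespaced(id Obj) bool { return id.Annotations[BehaviorKey] == BehaviorNamespaced }

// Resolve reports whether pod is matched to id through b, and whether that
// match crosses a namespace boundary (worth reviewing in a multi-tenant cluster).
func Resolve(pod, b, id Obj, forceNamespaced bool) (matched, crossNS bool) {
	if v, ok := pod.Labels[CRDLabelKey]; !ok || v != b.Selector || b.AzureIdentity != id.Name {
		return false, false
	}
	sameNS := pod.Namespace == b.Namespace && b.Namespace == id.Namespace
	if (forceNamespaced || namespaced(id)) && !sameNS {
		return false, false // namespaced mode: only same-namespace objects match
	}
	return true, !sameNS
}

func main() {
	// Constructed sample objects.
	pod := Obj{Name: "web", Namespace: "team-a", Labels: map[string]string{CRDLabelKey: "kv-reader"}}
	bind := Obj{Name: "kv-binding", Namespace: "team-a", Selector: "kv-reader", AzureIdentity: "kv-id"}
	shared := Obj{Name: "kv-id", Namespace: "team-b"}
	scoped := Obj{Name: "kv-id", Namespace: "team-b", Annotations: map[string]string{BehaviorKey: BehaviorNamespaced}}
	for _, id := range []Obj{shared, scoped} {
		m, x := Resolve(pod, bind, id, false)
		fmt.Printf("identity %s/%s namespaced=%v matched=%v crossNamespace=%v\n",
			id.Namespace, id.Name, namespaced(id), m, x)
	}
}
```
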

Types

type AssignedIDState

type AssignedIDState int

AssignedIDState represents the state of an AzureAssignedIdentity.

const (
	// Created - Default state of the assigned identity
	Created AssignedIDState = 0

	// Assigned - When the underlying platform assignment of
	// managed identity is complete, the state moves to assigned
	Assigned AssignedIDState = 1
)

type AzureAssignedIdentity

type AzureAssignedIdentity struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AzureAssignedIdentitySpec   `json:"spec"`
	Status AzureAssignedIdentityStatus `json:"Status"`
}

AzureAssignedIdentity contains the identity <-> pod mapping which is matched. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzureAssignedIdentity) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureAssignedIdentity.

func (*AzureAssignedIdentity) DeepCopyInto

func (in *AzureAssignedIdentity) DeepCopyInto(out *AzureAssignedIdentity)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureAssignedIdentity) DeepCopyObject

func (in *AzureAssignedIdentity) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureAssignedIdentityList

type AzureAssignedIdentityList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	Items []AzureAssignedIdentity `json:"items"`
}

AzureAssignedIdentityList contains a list of AzureAssignedIdentities. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzureAssignedIdentityList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureAssignedIdentityList.

func (*AzureAssignedIdentityList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureAssignedIdentityList) DeepCopyObject

func (in *AzureAssignedIdentityList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureAssignedIdentitySpec

type AzureAssignedIdentitySpec struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	AzureIdentityRef  *AzureIdentity        `json:"azureidentityref"`
	AzureBindingRef   *AzureIdentityBinding `json:"azurebindingref"`
	Pod               string                `json:"pod"`
	PodNamespace      string                `json:"podnamespace"`
	NodeName          string                `json:"nodename"`

	Replicas *int32 `json:"replicas"`
}

AzureAssignedIdentitySpec contains the relationship between an AzureIdentity and an AzureIdentityBinding.

func (*AzureAssignedIdentitySpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureAssignedIdentitySpec.

func (*AzureAssignedIdentitySpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureAssignedIdentityStatus

type AzureAssignedIdentityStatus struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Status            string `json:"status"`
	AvailableReplicas int32  `json:"availableReplicas"`
}

AzureAssignedIdentityStatus contains the replica status of the resource.

func (*AzureAssignedIdentityStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureAssignedIdentityStatus.

func (*AzureAssignedIdentityStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureIdentity

type AzureIdentity struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AzureIdentitySpec   `json:"spec"`
	Status AzureIdentityStatus `json:"status"`
}

AzureIdentity is the specification of the identity data structure. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzureIdentity) DeepCopy

func (in *AzureIdentity) DeepCopy() *AzureIdentity

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentity.

func (*AzureIdentity) DeepCopyInto

func (in *AzureIdentity) DeepCopyInto(out *AzureIdentity)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureIdentity) DeepCopyObject

func (in *AzureIdentity) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureIdentityBinding

type AzureIdentityBinding struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AzureIdentityBindingSpec   `json:"spec"`
	Status AzureIdentityBindingStatus `json:"status"`
}

AzureIdentityBinding brings together the spec of matching pods and the identity which they can use. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzureIdentityBinding) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentityBinding.

func (*AzureIdentityBinding) DeepCopyInto

func (in *AzureIdentityBinding) DeepCopyInto(out *AzureIdentityBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureIdentityBinding) DeepCopyObject

func (in *AzureIdentityBinding) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureIdentityBindingList

type AzureIdentityBindingList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	Items []AzureIdentityBinding `json:"items"`
}

AzureIdentityBindingList contains a list of AzureIdentityBindings. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzureIdentityBindingList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentityBindingList.

func (*AzureIdentityBindingList) DeepCopyInto

func (in *AzureIdentityBindingList) DeepCopyInto(out *AzureIdentityBindingList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureIdentityBindingList) DeepCopyObject

func (in *AzureIdentityBindingList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureIdentityBindingSpec

type AzureIdentityBindingSpec struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	AzureIdentity     string `json:"azureidentity"`
	Selector          string `json:"selector"`
	// Weight is used to figure out which of the matching identities would be selected.
	Weight int `json:"weight"`
}

AzureIdentityBindingSpec matches the pod with the Identity. Used to indicate the potential matches to look for between the pod/deployment and the identities present.

func (*AzureIdentityBindingSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentityBindingSpec.

func (*AzureIdentityBindingSpec) DeepCopyInto

func (in *AzureIdentityBindingSpec) DeepCopyInto(out *AzureIdentityBindingSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureIdentityBindingStatus

type AzureIdentityBindingStatus struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	AvailableReplicas int32 `json:"availableReplicas"`
}

AzureIdentityBindingStatus contains the status of an AzureIdentityBinding.

func (*AzureIdentityBindingStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentityBindingStatus.

func (*AzureIdentityBindingStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureIdentityBindings added in v1.8.1

type AzureIdentityBindings []AzureIdentityBinding

func (AzureIdentityBindings) Len added in v1.8.1

func (a AzureIdentityBindings) Len() int

func (AzureIdentityBindings) Less added in v1.8.1

func (a AzureIdentityBindings) Less(i, j int) bool

func (AzureIdentityBindings) Swap added in v1.8.1

func (a AzureIdentityBindings) Swap(i, j int)

type AzureIdentityList

type AzureIdentityList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	Items []AzureIdentity `json:"items"`
}

AzureIdentityList contains a list of AzureIdentities. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzureIdentityList) DeepCopy

func (in *AzureIdentityList) DeepCopy() *AzureIdentityList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentityList.

func (*AzureIdentityList) DeepCopyInto

func (in *AzureIdentityList) DeepCopyInto(out *AzureIdentityList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzureIdentityList) DeepCopyObject

func (in *AzureIdentityList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzureIdentitySpec

type AzureIdentitySpec struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// UserAssignedMSI or Service Principal
	Type IdentityType `json:"type"`

	// User assigned MSI resource id.
	ResourceID string `json:"resourceid"`
	// Both User Assigned MSI and SP can use this field.
	ClientID string `json:"clientid"`

	// Used for service principal
	ClientPassword api.SecretReference `json:"clientpassword"`
	// Service principal primary tenant id.
	TenantID string `json:"tenantid"`
	// Service principal auxiliary tenant ids
	AuxiliaryTenantIDs []string `json:"auxiliarytenantids"`
	// For service principal. Optional parameter for specifying the AD details.
	ADResourceID string `json:"adresourceid"`
	ADEndpoint   string `json:"adendpoint"`

	Replicas *int32 `json:"replicas"`
}

AzureIdentitySpec describes the credential specifications of an identity on Azure.

func (*AzureIdentitySpec) DeepCopy

func (in *AzureIdentitySpec) DeepCopy() *AzureIdentitySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentitySpec.

func (*AzureIdentitySpec) DeepCopyInto

func (in *AzureIdentitySpec) DeepCopyInto(out *AzureIdentitySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureIdentityStatus

type AzureIdentityStatus struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	AvailableReplicas int32 `json:"availableReplicas"`
}

AzureIdentityStatus contains the replica status of the resource.

func (*AzureIdentityStatus) DeepCopy

func (in *AzureIdentityStatus) DeepCopy() *AzureIdentityStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureIdentityStatus.

func (*AzureIdentityStatus) DeepCopyInto

func (in *AzureIdentityStatus) DeepCopyInto(out *AzureIdentityStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzurePodIdentityException

type AzurePodIdentityException struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AzurePodIdentityExceptionSpec   `json:"spec"`
	Status AzurePodIdentityExceptionStatus `json:"Status"`
}

AzurePodIdentityException contains the pod selectors for all pods that don't require NMI to process and request a token on their behalf. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzurePodIdentityException) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzurePodIdentityException.

func (*AzurePodIdentityException) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzurePodIdentityException) DeepCopyObject

func (in *AzurePodIdentityException) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzurePodIdentityExceptionList

type AzurePodIdentityExceptionList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata"`

	Items []AzurePodIdentityException `json:"items"`
}

AzurePodIdentityExceptionList contains a list of AzurePodIdentityExceptions. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

func (*AzurePodIdentityExceptionList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzurePodIdentityExceptionList.

func (*AzurePodIdentityExceptionList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AzurePodIdentityExceptionList) DeepCopyObject

func (in *AzurePodIdentityExceptionList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AzurePodIdentityExceptionSpec

type AzurePodIdentityExceptionSpec struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	PodLabels         map[string]string `json:"podLabels"`
}

AzurePodIdentityExceptionSpec matches pods with the selector defined. If a request originates from a pod that matches the selector, NMI will proxy the request and send the response back without any validation.

func (*AzurePodIdentityExceptionSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzurePodIdentityExceptionSpec.

func (*AzurePodIdentityExceptionSpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzurePodIdentityExceptionStatus

type AzurePodIdentityExceptionStatus struct {
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Status            string `json:"status"`
}

AzurePodIdentityExceptionStatus contains the status of an AzurePodIdentityException.

func (*AzurePodIdentityExceptionStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzurePodIdentityExceptionStatus.

func (*AzurePodIdentityExceptionStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EventType

type EventType int

EventType is a type that represents critical events that are sent to MIC.

const (
	// PodCreated is an event that is sent to the event channel when a pod is created.
	PodCreated EventType = 0

	// PodDeleted is an event that is sent to the event channel when a pod is deleted.
	PodDeleted EventType = 1

	// PodUpdated is an event that is sent to the event channel when a pod is updated.
	PodUpdated EventType = 2

	// IdentityCreated is an event that is sent to the event channel when an AzureIdentity is created.
	IdentityCreated EventType = 3

	// IdentityDeleted is an event that is sent to the event channel when an AzureIdentity is deleted.
	IdentityDeleted EventType = 4

	// IdentityUpdated is an event that is sent to the event channel when an AzureIdentity is updated.
	IdentityUpdated EventType = 5

	// BindingCreated is an event that is sent to the event channel when an AzureIdentityBinding is created.
	BindingCreated EventType = 6

	// BindingDeleted is an event that is sent to the event channel when an AzureIdentityBinding is deleted.
	BindingDeleted EventType = 7

	// BindingUpdated is an event that is sent to the event channel when an AzureIdentityBinding is updated.
	BindingUpdated EventType = 8

	// Exit is an event that is sent to the event channel when the program exits.
	Exit EventType = 9
)

type IdentityType

type IdentityType int

IdentityType represents different types of identities. +k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object

const (
	// UserAssignedMSI represents a user-assigned identity.
	UserAssignedMSI IdentityType = 0

	// ServicePrincipal represents a service principal.
	ServicePrincipal IdentityType = 1

	// ServicePrincipalCertificate represents a service principal certificate.
	ServicePrincipalCertificate IdentityType = 2
)
