Documentation ¶
Overview ¶
Package v1beta1 contains API Schema definitions for the iam v1beta1 API group +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/iam +k8s:defaulter-gen=TypeMeta +groupName=iam.cnrm.cloud.google.com
Package v1beta1 contains API Schema definitions for the iam v1beta1 API group +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/iam +k8s:defaulter-gen=TypeMeta +groupName=iam.cnrm.cloud.google.com
Index ¶
- Constants
- Variables
- func IsHandwrittenIAM(gvk schema.GroupVersionKind) bool
- type AuditLogConfig
- type IAMAuditConfig
- type IAMAuditConfigList
- type IAMAuditConfigSpec
- type IAMAuditConfigStatus
- type IAMCondition
- type IAMPartialPolicy
- type IAMPartialPolicyBinding
- type IAMPartialPolicyList
- type IAMPartialPolicyMember
- type IAMPartialPolicySpec
- type IAMPartialPolicyStatus
- type IAMPolicy
- type IAMPolicyAuditConfig
- type IAMPolicyBinding
- type IAMPolicyList
- type IAMPolicyMember
- type IAMPolicyMemberList
- type IAMPolicyMemberSpec
- type IAMPolicyMemberStatus
- type IAMPolicySpec
- type IAMPolicyStatus
- type Member
- type MemberReference
- type MemberSource
- type ResourceReference
Constants ¶
const IAMAuditConfigReconcileInterval = 10 * time.Minute
const IAMPartialPolicyReconcileInterval = 10 * time.Minute
const IAMPolicyMemberReconcileInterval = 10 * time.Minute
const IAMPolicyReconcileInterval = 10 * time.Minute
Variables ¶
var ( // SchemeGroupVersion is group version used to register these objects SchemeGroupVersion = schema.GroupVersion{Group: "iam.cnrm.cloud.google.com", Version: "v1beta1"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion} IAMPolicyGVK = schema.GroupVersionKind{ Group: SchemeGroupVersion.Group, Version: SchemeGroupVersion.Version, Kind: reflect.TypeOf(IAMPolicy{}).Name(), } IAMPartialPolicyGVK = schema.GroupVersionKind{ Group: SchemeGroupVersion.Group, Version: SchemeGroupVersion.Version, Kind: reflect.TypeOf(IAMPartialPolicy{}).Name(), } IAMPolicyMemberGVK = schema.GroupVersionKind{ Group: SchemeGroupVersion.Group, Version: SchemeGroupVersion.Version, Kind: reflect.TypeOf(IAMPolicyMember{}).Name(), } IAMAuditConfigGVK = schema.GroupVersionKind{ Group: SchemeGroupVersion.Group, Version: SchemeGroupVersion.Version, Kind: reflect.TypeOf(IAMAuditConfig{}).Name(), } IAMAPIVersion = SchemeGroupVersion.String() )
Functions ¶
func IsHandwrittenIAM ¶ added in v1.85.0
func IsHandwrittenIAM(gvk schema.GroupVersionKind) bool
IsHandwrittenIAM returns true if the given GVK corresponds to that of a handwritten IAM resource.
Types ¶
type AuditLogConfig ¶ added in v1.85.0
type AuditLogConfig struct { // Permission type for which logging is to be configured. Must be one of // 'DATA_READ', 'DATA_WRITE', or 'ADMIN_READ'. // +kubebuilder:validation:Pattern=^(DATA_READ|DATA_WRITE|ADMIN_READ)$ LogType string `json:"logType"` // Identities that do not cause logging for this type of permission. The // format is the same as that for 'members' in IAMPolicy/IAMPolicyMember. ExemptedMembers []Member `json:"exemptedMembers,omitempty"` }
func (*AuditLogConfig) DeepCopy ¶ added in v1.85.0
func (in *AuditLogConfig) DeepCopy() *AuditLogConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditLogConfig.
func (*AuditLogConfig) DeepCopyInto ¶ added in v1.85.0
func (in *AuditLogConfig) DeepCopyInto(out *AuditLogConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMAuditConfig ¶
type IAMAuditConfig struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec IAMAuditConfigSpec `json:"spec,omitempty"` Status IAMAuditConfigStatus `json:"status,omitempty"` }
IAMAuditConfig is the schema for the IAM audit logging API. +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:printcolumn:name="Ready",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].status",description="When 'True' the most recent reconcile of the resource succeeded" +kubebuilder:printcolumn:name="Status",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].reason",description="The reason for the value in 'Ready'" +kubebuilder:printcolumn:name="Status Age",type="date",JSONPath=".status.conditions[?(@.type=='Ready')].lastTransitionTime" +kubebuilder:subresource:status +k8s:openapi-gen=true
func (*IAMAuditConfig) DeepCopy ¶
func (in *IAMAuditConfig) DeepCopy() *IAMAuditConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuditConfig.
func (*IAMAuditConfig) DeepCopyInto ¶
func (in *IAMAuditConfig) DeepCopyInto(out *IAMAuditConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IAMAuditConfig) DeepCopyObject ¶
func (in *IAMAuditConfig) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type IAMAuditConfigList ¶
type IAMAuditConfigList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []IAMAuditConfig `json:"items"` }
IAMAuditConfigList contains a list of IAMAuditConfig.
func (*IAMAuditConfigList) DeepCopy ¶
func (in *IAMAuditConfigList) DeepCopy() *IAMAuditConfigList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuditConfigList.
func (*IAMAuditConfigList) DeepCopyInto ¶
func (in *IAMAuditConfigList) DeepCopyInto(out *IAMAuditConfigList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IAMAuditConfigList) DeepCopyObject ¶
func (in *IAMAuditConfigList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type IAMAuditConfigSpec ¶
type IAMAuditConfigSpec struct { // Immutable. Required. The GCP resource to set the IAMAuditConfig on // (e.g. project). ResourceReference ResourceReference `json:"resourceRef"` // Immutable. Required. The service for which to enable Data Access // audit logs. The special value 'allServices' covers all services. // Note that if there are audit configs covering both 'allServices' and // a specific service, then the union of the two audit configs is used // for that service: the 'logTypes' specified in each 'auditLogConfig' // are enabled, and the 'exemptedMembers' in each 'auditLogConfg' are // exempted. Service string `json:"service"` // Required. The configuration for logging of each type of permission. AuditLogConfigs []AuditLogConfig `json:"auditLogConfigs"` }
IAMAuditConfigSpec defines the desired state of IAMAuditConfig.
func (*IAMAuditConfigSpec) DeepCopy ¶
func (in *IAMAuditConfigSpec) DeepCopy() *IAMAuditConfigSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuditConfigSpec.
func (*IAMAuditConfigSpec) DeepCopyInto ¶
func (in *IAMAuditConfigSpec) DeepCopyInto(out *IAMAuditConfigSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMAuditConfigStatus ¶
type IAMAuditConfigStatus struct { // Conditions represent the latest available observations of the // IAMAuditConfig's current state. Conditions []v1alpha1.Condition `json:"conditions,omitempty"` // ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. // If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. // +optional ObservedGeneration int64 `json:"observedGeneration,omitempty"` }
IAMAuditConfigStatus defines the observed state of IAMAuditConfig.
func (*IAMAuditConfigStatus) DeepCopy ¶
func (in *IAMAuditConfigStatus) DeepCopy() *IAMAuditConfigStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuditConfigStatus.
func (*IAMAuditConfigStatus) DeepCopyInto ¶
func (in *IAMAuditConfigStatus) DeepCopyInto(out *IAMAuditConfigStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMCondition ¶ added in v1.85.0
type IAMCondition struct { Title string `json:"title"` Description string `json:"description,omitempty"` Expression string `json:"expression"` }
IAMCondition defines the IAM condition under which an IAM binding applies
func (*IAMCondition) DeepCopy ¶ added in v1.85.0
func (in *IAMCondition) DeepCopy() *IAMCondition
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMCondition.
func (*IAMCondition) DeepCopyInto ¶ added in v1.85.0
func (in *IAMCondition) DeepCopyInto(out *IAMCondition)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMPartialPolicy ¶ added in v1.54.0
type IAMPartialPolicy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec IAMPartialPolicySpec `json:"spec,omitempty"` Status IAMPartialPolicyStatus `json:"status,omitempty"` }
IAMPartialPolicy is the Schema for the iampartialpolicy API +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:printcolumn:name="Ready",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].status",description="When 'True' the most recent reconcile of the resource succeeded" +kubebuilder:printcolumn:name="Status",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].reason",description="The reason for the value in 'Ready'" +kubebuilder:printcolumn:name="Status Age",type="date",JSONPath=".status.conditions[?(@.type=='Ready')].lastTransitionTime" +kubebuilder:subresource:status +k8s:openapi-gen=true
func (*IAMPartialPolicy) DeepCopy ¶ added in v1.54.0
func (in *IAMPartialPolicy) DeepCopy() *IAMPartialPolicy
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicy.
func (*IAMPartialPolicy) DeepCopyInto ¶ added in v1.54.0
func (in *IAMPartialPolicy) DeepCopyInto(out *IAMPartialPolicy)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IAMPartialPolicy) DeepCopyObject ¶ added in v1.54.0
func (in *IAMPartialPolicy) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type IAMPartialPolicyBinding ¶ added in v1.85.0
type IAMPartialPolicyBinding struct { // Optional. The list of IAM users to be bound to the role. Members []IAMPartialPolicyMember `json:"members,omitempty"` // Required. The role to bind the users to. // +kubebuilder:validation:Pattern=^((projects|organizations)/[^/]+/)?roles/[\w_\.]+$ Role string `json:"role"` // Optional. The condition under which the binding applies. Condition *IAMCondition `json:"condition,omitempty"` }
Specifies the members to bind to an IAM role.
func (*IAMPartialPolicyBinding) DeepCopy ¶ added in v1.85.0
func (in *IAMPartialPolicyBinding) DeepCopy() *IAMPartialPolicyBinding
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicyBinding.
func (*IAMPartialPolicyBinding) DeepCopyInto ¶ added in v1.85.0
func (in *IAMPartialPolicyBinding) DeepCopyInto(out *IAMPartialPolicyBinding)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMPartialPolicyList ¶ added in v1.54.0
type IAMPartialPolicyList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []IAMPartialPolicy `json:"items"` }
IAMPartialPolicyList contains a list of IAMPartialPolicy
func (*IAMPartialPolicyList) DeepCopy ¶ added in v1.54.0
func (in *IAMPartialPolicyList) DeepCopy() *IAMPartialPolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicyList.
func (*IAMPartialPolicyList) DeepCopyInto ¶ added in v1.54.0
func (in *IAMPartialPolicyList) DeepCopyInto(out *IAMPartialPolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IAMPartialPolicyList) DeepCopyObject ¶ added in v1.54.0
func (in *IAMPartialPolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type IAMPartialPolicyMember ¶ added in v1.85.0
type IAMPartialPolicyMember struct { // The IAM identity to be bound to the role. Exactly one of // 'member' or 'memberFrom' must be used. Member Member `json:"member,omitempty"` // The IAM identity to be bound to the role. Exactly one of // 'member' or 'memberFrom' must be used, and only one subfield within // 'memberFrom' can be used. MemberFrom *MemberSource `json:"memberFrom,omitempty"` }
func (*IAMPartialPolicyMember) DeepCopy ¶ added in v1.85.0
func (in *IAMPartialPolicyMember) DeepCopy() *IAMPartialPolicyMember
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicyMember.
func (*IAMPartialPolicyMember) DeepCopyInto ¶ added in v1.85.0
func (in *IAMPartialPolicyMember) DeepCopyInto(out *IAMPartialPolicyMember)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMPartialPolicySpec ¶ added in v1.54.0
type IAMPartialPolicySpec struct { // Immutable. Required. The GCP resource to set the IAM policy on (e.g. // organization, project...) ResourceReference ResourceReference `json:"resourceRef"` // Optional. The list of IAM bindings managed by Config Connector. Bindings []IAMPartialPolicyBinding `json:"bindings,omitempty"` }
IAMPartialPolicySpec defines the desired state of IAMPartialPolicy
func (*IAMPartialPolicySpec) DeepCopy ¶ added in v1.54.0
func (in *IAMPartialPolicySpec) DeepCopy() *IAMPartialPolicySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicySpec.
func (*IAMPartialPolicySpec) DeepCopyInto ¶ added in v1.54.0
func (in *IAMPartialPolicySpec) DeepCopyInto(out *IAMPartialPolicySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMPartialPolicyStatus ¶ added in v1.54.0
type IAMPartialPolicyStatus struct { // Conditions represent the latest available observations of the IAM // policy's current state. Conditions []v1alpha1.Condition `json:"conditions,omitempty"` // ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. // If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. // +optional ObservedGeneration int64 `json:"observedGeneration,omitempty"` // LastAppliedBindings is the list of IAM bindings that were most recently applied by Config Connector. LastAppliedBindings []IAMPolicyBinding `json:"lastAppliedBindings,omitempty"` // AllBindings surfaces all IAM bindings for the referenced resource. AllBindings []IAMPolicyBinding `json:"allBindings,omitempty"` }
IAMPartialPolicyStatus defines the observed state of IAMPartialPolicy
func (*IAMPartialPolicyStatus) DeepCopy ¶ added in v1.54.0
func (in *IAMPartialPolicyStatus) DeepCopy() *IAMPartialPolicyStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicyStatus.
func (*IAMPartialPolicyStatus) DeepCopyInto ¶ added in v1.54.0
func (in *IAMPartialPolicyStatus) DeepCopyInto(out *IAMPartialPolicyStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMPolicy ¶
type IAMPolicy struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec IAMPolicySpec `json:"spec,omitempty"` Status IAMPolicyStatus `json:"status,omitempty"` }
IAMPolicy is the Schema for the iampolicies API +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:printcolumn:name="Ready",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].status",description="When 'True' the most recent reconcile of the resource succeeded" +kubebuilder:printcolumn:name="Status",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].reason",description="The reason for the value in 'Ready'" +kubebuilder:printcolumn:name="Status Age",type="date",JSONPath=".status.conditions[?(@.type=='Ready')].lastTransitionTime" +kubebuilder:subresource:status +k8s:openapi-gen=true
func (*IAMPolicy) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicy.
func (*IAMPolicy) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IAMPolicy) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type IAMPolicyAuditConfig ¶ added in v1.85.0
type IAMPolicyAuditConfig struct { // Required. The service for which to enable Data Access audit logs. The // special value 'allServices' covers all services. Note that if there are // audit configs covering both 'allServices' and a specific service, then // the union of the two audit configs is used for that service: the // 'logTypes' specified in each 'auditLogConfig' are enabled, and the // 'exemptedMembers' in each 'auditLogConfg' are exempted. Service string `json:"service"` // Required. The configuration for logging of each type of permission. AuditLogConfigs []AuditLogConfig `json:"auditLogConfigs"` }
Specifies the Cloud Audit Logs configuration for the IAM policy.
func (*IAMPolicyAuditConfig) DeepCopy ¶ added in v1.85.0
func (in *IAMPolicyAuditConfig) DeepCopy() *IAMPolicyAuditConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyAuditConfig.
func (*IAMPolicyAuditConfig) DeepCopyInto ¶ added in v1.85.0
func (in *IAMPolicyAuditConfig) DeepCopyInto(out *IAMPolicyAuditConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMPolicyBinding ¶ added in v1.85.0
type IAMPolicyBinding struct { // Optional. The list of IAM users to be bound to the role. Members []Member `json:"members,omitempty"` // Required. The role to bind the users to. // +kubebuilder:validation:Pattern=^((projects|organizations)/[^/]+/)?roles/[\w_\.]+$ Role string `json:"role"` // Optional. The condition under which the binding applies. Condition *IAMCondition `json:"condition,omitempty"` }
Specifies the members to bind to an IAM role.
func (*IAMPolicyBinding) DeepCopy ¶ added in v1.85.0
func (in *IAMPolicyBinding) DeepCopy() *IAMPolicyBinding
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyBinding.
func (*IAMPolicyBinding) DeepCopyInto ¶ added in v1.85.0
func (in *IAMPolicyBinding) DeepCopyInto(out *IAMPolicyBinding)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMPolicyList ¶
type IAMPolicyList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []IAMPolicy `json:"items"` }
IAMPolicyList contains a list of IAMPolicy
func (*IAMPolicyList) DeepCopy ¶
func (in *IAMPolicyList) DeepCopy() *IAMPolicyList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyList.
func (*IAMPolicyList) DeepCopyInto ¶
func (in *IAMPolicyList) DeepCopyInto(out *IAMPolicyList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IAMPolicyList) DeepCopyObject ¶
func (in *IAMPolicyList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type IAMPolicyMember ¶
type IAMPolicyMember struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec IAMPolicyMemberSpec `json:"spec,omitempty"` Status IAMPolicyMemberStatus `json:"status,omitempty"` }
IAMPolicyMember is the Schema for the iampolicies API +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:printcolumn:name="Ready",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].status",description="When 'True' the most recent reconcile of the resource succeeded" +kubebuilder:printcolumn:name="Status",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].reason",description="The reason for the value in 'Ready'" +kubebuilder:printcolumn:name="Status Age",type="date",JSONPath=".status.conditions[?(@.type=='Ready')].lastTransitionTime" +kubebuilder:subresource:status +k8s:openapi-gen=true
func (*IAMPolicyMember) DeepCopy ¶
func (in *IAMPolicyMember) DeepCopy() *IAMPolicyMember
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyMember.
func (*IAMPolicyMember) DeepCopyInto ¶
func (in *IAMPolicyMember) DeepCopyInto(out *IAMPolicyMember)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IAMPolicyMember) DeepCopyObject ¶
func (in *IAMPolicyMember) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type IAMPolicyMemberList ¶
type IAMPolicyMemberList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []IAMPolicyMember `json:"items"` }
IAMPolicyMemberList contains a list of IAMPolicyMember
func (*IAMPolicyMemberList) DeepCopy ¶
func (in *IAMPolicyMemberList) DeepCopy() *IAMPolicyMemberList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyMemberList.
func (*IAMPolicyMemberList) DeepCopyInto ¶
func (in *IAMPolicyMemberList) DeepCopyInto(out *IAMPolicyMemberList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*IAMPolicyMemberList) DeepCopyObject ¶
func (in *IAMPolicyMemberList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type IAMPolicyMemberSpec ¶
type IAMPolicyMemberSpec struct { // Immutable. Required. The GCP resource to set the IAM policy on (e.g. // organization, project...) ResourceReference ResourceReference `json:"resourceRef"` // Immutable. The IAM identity to be bound to the role. Exactly one of // 'member' or 'memberFrom' must be used. Member Member `json:"member,omitempty"` // Immutable. The IAM identity to be bound to the role. Exactly one of // 'member' or 'memberFrom' must be used, and only one subfield within // 'memberFrom' can be used. MemberFrom *MemberSource `json:"memberFrom,omitempty"` // Immutable. Required. The role for which the Member will be bound. // +kubebuilder:validation:Pattern=^((projects|organizations)/[^/]+/)?roles/[\w_\.]+$ Role string `json:"role"` // Immutable. Optional. The condition under which the binding applies. Condition *IAMCondition `json:"condition,omitempty"` }
IAMPolicyMemberSpec defines the desired state of IAMPolicyMember
func (*IAMPolicyMemberSpec) DeepCopy ¶
func (in *IAMPolicyMemberSpec) DeepCopy() *IAMPolicyMemberSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyMemberSpec.
func (*IAMPolicyMemberSpec) DeepCopyInto ¶
func (in *IAMPolicyMemberSpec) DeepCopyInto(out *IAMPolicyMemberSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMPolicyMemberStatus ¶
type IAMPolicyMemberStatus struct { // Conditions represent the latest available observations of the IAM // policy's current state. Conditions []v1alpha1.Condition `json:"conditions,omitempty"` // ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. // If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. // +optional ObservedGeneration int64 `json:"observedGeneration,omitempty"` }
IAMPolicyMemberStatus defines the observed state of IAMPolicyMember
func (*IAMPolicyMemberStatus) DeepCopy ¶
func (in *IAMPolicyMemberStatus) DeepCopy() *IAMPolicyMemberStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyMemberStatus.
func (*IAMPolicyMemberStatus) DeepCopyInto ¶
func (in *IAMPolicyMemberStatus) DeepCopyInto(out *IAMPolicyMemberStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMPolicySpec ¶
type IAMPolicySpec struct { // Immutable. Required. The GCP resource to set the IAM policy on (e.g. // organization, project...) ResourceReference ResourceReference `json:"resourceRef"` // Optional. The list of IAM bindings. Bindings []IAMPolicyBinding `json:"bindings,omitempty"` // Optional. The list of IAM audit configs. AuditConfigs []IAMPolicyAuditConfig `json:"auditConfigs,omitempty"` // Etag is used for concurrency control, and ensures that policies are updated consistently. // Note that this field is not exposed in the CRD's OpenAPI schema. Etag string `json:"-"` }
IAMPolicySpec defines the desired state of IAMPolicy
func (*IAMPolicySpec) DeepCopy ¶
func (in *IAMPolicySpec) DeepCopy() *IAMPolicySpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicySpec.
func (*IAMPolicySpec) DeepCopyInto ¶
func (in *IAMPolicySpec) DeepCopyInto(out *IAMPolicySpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMPolicyStatus ¶
type IAMPolicyStatus struct { // Conditions represent the latest available observations of the IAM // policy's current state. Conditions []v1alpha1.Condition `json:"conditions,omitempty"` // ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. // If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. // +optional ObservedGeneration int64 `json:"observedGeneration,omitempty"` }
IAMPolicyStatus defines the observed state of IAMPolicy
func (*IAMPolicyStatus) DeepCopy ¶
func (in *IAMPolicyStatus) DeepCopy() *IAMPolicyStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyStatus.
func (*IAMPolicyStatus) DeepCopyInto ¶
func (in *IAMPolicyStatus) DeepCopyInto(out *IAMPolicyStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type MemberReference ¶ added in v1.85.0
type MemberReference struct { Namespace string `json:"namespace,omitempty"` Name string `json:"name"` }
MemberReference represents a resource with an IAM identity
func (*MemberReference) DeepCopy ¶ added in v1.85.0
func (in *MemberReference) DeepCopy() *MemberReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemberReference.
func (*MemberReference) DeepCopyInto ¶ added in v1.85.0
func (in *MemberReference) DeepCopyInto(out *MemberReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type MemberSource ¶ added in v1.85.0
type MemberSource struct { // The IAMServiceAccount to be bound to the role. ServiceAccountRef *MemberReference `json:"serviceAccountRef,omitempty"` // The LoggingLogSink whose writer identity (i.e. its // 'status.writerIdentity') is to be bound to the role. LogSinkRef *MemberReference `json:"logSinkRef,omitempty"` // The SQLInstance whose service account (i.e. its // 'status.serviceAccountEmailAddress') is to be bound to the role. SQLInstanceRef *MemberReference `json:"sqlInstanceRef,omitempty"` // The ServiceIdentity whose service account (i.e., its // 'status.email') is to be bound to the role. ServiceIdentityRef *MemberReference `json:"serviceIdentityRef,omitempty"` }
MemberSource represents a source for an IAM identity
func (*MemberSource) DeepCopy ¶ added in v1.85.0
func (in *MemberSource) DeepCopy() *MemberSource
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemberSource.
func (*MemberSource) DeepCopyInto ¶ added in v1.85.0
func (in *MemberSource) DeepCopyInto(out *MemberSource)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ResourceReference ¶ added in v1.85.0
type ResourceReference struct { Kind string `json:"kind"` Namespace string `json:"namespace,omitempty"` Name string `json:"name,omitempty"` APIVersion string `json:"apiVersion,omitempty"` External string `json:"external,omitempty"` }
*** PLEASE READ THE FOLLOWING COMMENT BEFORE MAKING CHANGES *** This ResourceReference definition is duplicated in the scripts/generate-go-crd-clients/k8s/ directory. If you're making modifications to this definition, please make sure to modify the corresponding struct in `types.go` (IAMResourceRef), so the generated go-clients have an accurate representation of this struct. ResourceReference defines a relationship to another resource
func (*ResourceReference) DeepCopy ¶ added in v1.85.0
func (in *ResourceReference) DeepCopy() *ResourceReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceReference.
func (*ResourceReference) DeepCopyInto ¶ added in v1.85.0
func (in *ResourceReference) DeepCopyInto(out *ResourceReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ResourceReference) GroupVersionKind ¶ added in v1.85.0
func (ref *ResourceReference) GroupVersionKind() schema.GroupVersionKind
func (*ResourceReference) SetGroupVersionKind ¶ added in v1.85.0
func (ref *ResourceReference) SetGroupVersionKind(gvk schema.GroupVersionKind)