v1beta1

package
v1.123.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 19, 2024 License: Apache-2.0 Imports: 7 Imported by: 6

Documentation

Overview

Package v1beta1 contains API Schema definitions for the iam v1beta1 API group +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/iam +k8s:defaulter-gen=TypeMeta +groupName=iam.cnrm.cloud.google.com

Package v1beta1 contains API Schema definitions for the iam v1beta1 API group +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=github.com/GoogleCloudPlatform/k8s-config-connector/pkg/apis/iam +k8s:defaulter-gen=TypeMeta +groupName=iam.cnrm.cloud.google.com

Index

Constants

View Source
const IAMAuditConfigReconcileInterval = 10 * time.Minute
View Source
const IAMPartialPolicyReconcileInterval = 10 * time.Minute
View Source
const IAMPolicyMemberReconcileInterval = 10 * time.Minute
View Source
const IAMPolicyReconcileInterval = 10 * time.Minute

Variables

View Source
var (
	// SchemeGroupVersion is group version used to register these objects
	SchemeGroupVersion = schema.GroupVersion{Group: "iam.cnrm.cloud.google.com", Version: "v1beta1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}

	IAMPolicyGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMPolicy{}).Name(),
	}
	IAMPartialPolicyGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMPartialPolicy{}).Name(),
	}
	IAMPolicyMemberGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMPolicyMember{}).Name(),
	}
	IAMAuditConfigGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMAuditConfig{}).Name(),
	}
	IAMAPIVersion = SchemeGroupVersion.String()
)

Functions

func IsHandwrittenIAM added in v1.85.0

func IsHandwrittenIAM(gvk schema.GroupVersionKind) bool

IsHandwrittenIAM returns true if the given GVK corresponds to that of a handwritten IAM resource.

Types

type AuditLogConfig added in v1.85.0

type AuditLogConfig struct {
	// Permission type for which logging is to be configured. Must be one of
	// 'DATA_READ', 'DATA_WRITE', or 'ADMIN_READ'.
	// +kubebuilder:validation:Pattern=^(DATA_READ|DATA_WRITE|ADMIN_READ)$
	LogType string `json:"logType"`

	// Identities that do not cause logging for this type of permission. The
	// format is the same as that for 'members' in IAMPolicy/IAMPolicyMember.
	ExemptedMembers []Member `json:"exemptedMembers,omitempty"`
}

func (*AuditLogConfig) DeepCopy added in v1.85.0

func (in *AuditLogConfig) DeepCopy() *AuditLogConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditLogConfig.

func (*AuditLogConfig) DeepCopyInto added in v1.85.0

func (in *AuditLogConfig) DeepCopyInto(out *AuditLogConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMAuditConfig

type IAMAuditConfig struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMAuditConfigSpec   `json:"spec,omitempty"`
	Status IAMAuditConfigStatus `json:"status,omitempty"`
}

IAMAuditConfig is the schema for the IAM audit logging API. +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:printcolumn:name="Ready",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].status",description="When 'True' the most recent reconcile of the resource succeeded" +kubebuilder:printcolumn:name="Status",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].reason",description="The reason for the value in 'Ready'" +kubebuilder:printcolumn:name="Status Age",type="date",JSONPath=".status.conditions[?(@.type=='Ready')].lastTransitionTime" +kubebuilder:subresource:status +k8s:openapi-gen=true

func (*IAMAuditConfig) DeepCopy

func (in *IAMAuditConfig) DeepCopy() *IAMAuditConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuditConfig.

func (*IAMAuditConfig) DeepCopyInto

func (in *IAMAuditConfig) DeepCopyInto(out *IAMAuditConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMAuditConfig) DeepCopyObject

func (in *IAMAuditConfig) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMAuditConfigList

type IAMAuditConfigList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMAuditConfig `json:"items"`
}

IAMAuditConfigList contains a list of IAMAuditConfig.

func (*IAMAuditConfigList) DeepCopy

func (in *IAMAuditConfigList) DeepCopy() *IAMAuditConfigList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuditConfigList.

func (*IAMAuditConfigList) DeepCopyInto

func (in *IAMAuditConfigList) DeepCopyInto(out *IAMAuditConfigList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMAuditConfigList) DeepCopyObject

func (in *IAMAuditConfigList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMAuditConfigSpec

type IAMAuditConfigSpec struct {
	// Immutable. Required. The GCP resource to set the IAMAuditConfig on
	// (e.g. project).
	ResourceReference ResourceReference `json:"resourceRef"`

	// Immutable. Required. The service for which to enable Data Access
	// audit logs. The special value 'allServices' covers all services.
	// Note that if there are audit configs covering both 'allServices' and
	// a specific service, then the union of the two audit configs is used
	// for that service: the 'logTypes' specified in each 'auditLogConfig'
	// are enabled, and the 'exemptedMembers' in each 'auditLogConfg' are
	// exempted.
	Service string `json:"service"`
	// Required. The configuration for logging of each type of permission.
	AuditLogConfigs []AuditLogConfig `json:"auditLogConfigs"`
}

IAMAuditConfigSpec defines the desired state of IAMAuditConfig.

func (*IAMAuditConfigSpec) DeepCopy

func (in *IAMAuditConfigSpec) DeepCopy() *IAMAuditConfigSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuditConfigSpec.

func (*IAMAuditConfigSpec) DeepCopyInto

func (in *IAMAuditConfigSpec) DeepCopyInto(out *IAMAuditConfigSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMAuditConfigStatus

type IAMAuditConfigStatus struct {
	// Conditions represent the latest available observations of the
	// IAMAuditConfig's current state.
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	// ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller.
	// If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`
}

IAMAuditConfigStatus defines the observed state of IAMAuditConfig.

func (*IAMAuditConfigStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuditConfigStatus.

func (*IAMAuditConfigStatus) DeepCopyInto

func (in *IAMAuditConfigStatus) DeepCopyInto(out *IAMAuditConfigStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMCondition added in v1.85.0

type IAMCondition struct {
	Title       string `json:"title"`
	Description string `json:"description,omitempty"`
	Expression  string `json:"expression"`
}

IAMCondition defines the IAM condition under which an IAM binding applies

func (*IAMCondition) DeepCopy added in v1.85.0

func (in *IAMCondition) DeepCopy() *IAMCondition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMCondition.

func (*IAMCondition) DeepCopyInto added in v1.85.0

func (in *IAMCondition) DeepCopyInto(out *IAMCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPartialPolicy added in v1.54.0

type IAMPartialPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMPartialPolicySpec   `json:"spec,omitempty"`
	Status IAMPartialPolicyStatus `json:"status,omitempty"`
}

IAMPartialPolicy is the Schema for the iampartialpolicy API +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:printcolumn:name="Ready",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].status",description="When 'True' the most recent reconcile of the resource succeeded" +kubebuilder:printcolumn:name="Status",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].reason",description="The reason for the value in 'Ready'" +kubebuilder:printcolumn:name="Status Age",type="date",JSONPath=".status.conditions[?(@.type=='Ready')].lastTransitionTime" +kubebuilder:subresource:status +k8s:openapi-gen=true

func (*IAMPartialPolicy) DeepCopy added in v1.54.0

func (in *IAMPartialPolicy) DeepCopy() *IAMPartialPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicy.

func (*IAMPartialPolicy) DeepCopyInto added in v1.54.0

func (in *IAMPartialPolicy) DeepCopyInto(out *IAMPartialPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMPartialPolicy) DeepCopyObject added in v1.54.0

func (in *IAMPartialPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPartialPolicyBinding added in v1.85.0

type IAMPartialPolicyBinding struct {
	// Optional. The list of IAM users to be bound to the role.
	Members []IAMPartialPolicyMember `json:"members,omitempty"`
	// Required. The role to bind the users to.
	// +kubebuilder:validation:Pattern=^((projects|organizations)/[^/]+/)?roles/[\w_\.]+$
	Role string `json:"role"`
	// Optional. The condition under which the binding applies.
	Condition *IAMCondition `json:"condition,omitempty"`
}

Specifies the members to bind to an IAM role.

func (*IAMPartialPolicyBinding) DeepCopy added in v1.85.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicyBinding.

func (*IAMPartialPolicyBinding) DeepCopyInto added in v1.85.0

func (in *IAMPartialPolicyBinding) DeepCopyInto(out *IAMPartialPolicyBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPartialPolicyList added in v1.54.0

type IAMPartialPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMPartialPolicy `json:"items"`
}

IAMPartialPolicyList contains a list of IAMPartialPolicy

func (*IAMPartialPolicyList) DeepCopy added in v1.54.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicyList.

func (*IAMPartialPolicyList) DeepCopyInto added in v1.54.0

func (in *IAMPartialPolicyList) DeepCopyInto(out *IAMPartialPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMPartialPolicyList) DeepCopyObject added in v1.54.0

func (in *IAMPartialPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPartialPolicyMember added in v1.85.0

type IAMPartialPolicyMember struct {
	// The IAM identity to be bound to the role. Exactly one of
	// 'member' or 'memberFrom' must be used.
	Member Member `json:"member,omitempty"`

	// The IAM identity to be bound to the role. Exactly one of
	// 'member' or 'memberFrom' must be used, and only one subfield within
	// 'memberFrom' can be used.
	MemberFrom *MemberSource `json:"memberFrom,omitempty"`
}

func (*IAMPartialPolicyMember) DeepCopy added in v1.85.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicyMember.

func (*IAMPartialPolicyMember) DeepCopyInto added in v1.85.0

func (in *IAMPartialPolicyMember) DeepCopyInto(out *IAMPartialPolicyMember)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPartialPolicySpec added in v1.54.0

type IAMPartialPolicySpec struct {
	// Immutable. Required. The GCP resource to set the IAM policy on (e.g.
	// organization, project...)
	ResourceReference ResourceReference `json:"resourceRef"`
	// Optional. The list of IAM bindings managed by Config Connector.
	Bindings []IAMPartialPolicyBinding `json:"bindings,omitempty"`
}

IAMPartialPolicySpec defines the desired state of IAMPartialPolicy

func (*IAMPartialPolicySpec) DeepCopy added in v1.54.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicySpec.

func (*IAMPartialPolicySpec) DeepCopyInto added in v1.54.0

func (in *IAMPartialPolicySpec) DeepCopyInto(out *IAMPartialPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPartialPolicyStatus added in v1.54.0

type IAMPartialPolicyStatus struct {
	// Conditions represent the latest available observations of the IAM
	// policy's current state.
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	// ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller.
	// If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`
	// LastAppliedBindings is the list of IAM bindings that were most recently applied by Config Connector.
	LastAppliedBindings []IAMPolicyBinding `json:"lastAppliedBindings,omitempty"`
	// AllBindings surfaces all IAM bindings for the referenced resource.
	AllBindings []IAMPolicyBinding `json:"allBindings,omitempty"`
}

IAMPartialPolicyStatus defines the observed state of IAMPartialPolicy

func (*IAMPartialPolicyStatus) DeepCopy added in v1.54.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicyStatus.

func (*IAMPartialPolicyStatus) DeepCopyInto added in v1.54.0

func (in *IAMPartialPolicyStatus) DeepCopyInto(out *IAMPartialPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPolicy

type IAMPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMPolicySpec   `json:"spec,omitempty"`
	Status IAMPolicyStatus `json:"status,omitempty"`
}

IAMPolicy is the Schema for the iampolicies API +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:printcolumn:name="Ready",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].status",description="When 'True' the most recent reconcile of the resource succeeded" +kubebuilder:printcolumn:name="Status",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].reason",description="The reason for the value in 'Ready'" +kubebuilder:printcolumn:name="Status Age",type="date",JSONPath=".status.conditions[?(@.type=='Ready')].lastTransitionTime" +kubebuilder:subresource:status +k8s:openapi-gen=true

func (*IAMPolicy) DeepCopy

func (in *IAMPolicy) DeepCopy() *IAMPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicy.

func (*IAMPolicy) DeepCopyInto

func (in *IAMPolicy) DeepCopyInto(out *IAMPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMPolicy) DeepCopyObject

func (in *IAMPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPolicyAuditConfig added in v1.85.0

type IAMPolicyAuditConfig struct {
	// Required. The service for which to enable Data Access audit logs. The
	// special value 'allServices' covers all services. Note that if there are
	// audit configs covering both 'allServices' and a specific service, then
	// the union of the two audit configs is used for that service: the
	// 'logTypes' specified in each 'auditLogConfig' are enabled, and the
	// 'exemptedMembers' in each 'auditLogConfg' are exempted.
	Service string `json:"service"`
	// Required. The configuration for logging of each type of permission.
	AuditLogConfigs []AuditLogConfig `json:"auditLogConfigs"`
}

Specifies the Cloud Audit Logs configuration for the IAM policy.

func (*IAMPolicyAuditConfig) DeepCopy added in v1.85.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyAuditConfig.

func (*IAMPolicyAuditConfig) DeepCopyInto added in v1.85.0

func (in *IAMPolicyAuditConfig) DeepCopyInto(out *IAMPolicyAuditConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPolicyBinding added in v1.85.0

type IAMPolicyBinding struct {
	// Optional. The list of IAM users to be bound to the role.
	Members []Member `json:"members,omitempty"`
	// Required. The role to bind the users to.
	// +kubebuilder:validation:Pattern=^((projects|organizations)/[^/]+/)?roles/[\w_\.]+$
	Role string `json:"role"`
	// Optional. The condition under which the binding applies.
	Condition *IAMCondition `json:"condition,omitempty"`
}

Specifies the members to bind to an IAM role.

func (*IAMPolicyBinding) DeepCopy added in v1.85.0

func (in *IAMPolicyBinding) DeepCopy() *IAMPolicyBinding

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyBinding.

func (*IAMPolicyBinding) DeepCopyInto added in v1.85.0

func (in *IAMPolicyBinding) DeepCopyInto(out *IAMPolicyBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPolicyList

type IAMPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMPolicy `json:"items"`
}

IAMPolicyList contains a list of IAMPolicy

func (*IAMPolicyList) DeepCopy

func (in *IAMPolicyList) DeepCopy() *IAMPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyList.

func (*IAMPolicyList) DeepCopyInto

func (in *IAMPolicyList) DeepCopyInto(out *IAMPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMPolicyList) DeepCopyObject

func (in *IAMPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPolicyMember

type IAMPolicyMember struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMPolicyMemberSpec   `json:"spec,omitempty"`
	Status IAMPolicyMemberStatus `json:"status,omitempty"`
}

IAMPolicyMember is the Schema for the iampolicies API +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:printcolumn:name="Ready",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].status",description="When 'True' the most recent reconcile of the resource succeeded" +kubebuilder:printcolumn:name="Status",type=string,JSONPath=".status.conditions[?(@.type=='Ready')].reason",description="The reason for the value in 'Ready'" +kubebuilder:printcolumn:name="Status Age",type="date",JSONPath=".status.conditions[?(@.type=='Ready')].lastTransitionTime" +kubebuilder:subresource:status +k8s:openapi-gen=true

func (*IAMPolicyMember) DeepCopy

func (in *IAMPolicyMember) DeepCopy() *IAMPolicyMember

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyMember.

func (*IAMPolicyMember) DeepCopyInto

func (in *IAMPolicyMember) DeepCopyInto(out *IAMPolicyMember)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMPolicyMember) DeepCopyObject

func (in *IAMPolicyMember) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPolicyMemberList

type IAMPolicyMemberList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMPolicyMember `json:"items"`
}

IAMPolicyMemberList contains a list of IAMPolicyMember

func (*IAMPolicyMemberList) DeepCopy

func (in *IAMPolicyMemberList) DeepCopy() *IAMPolicyMemberList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyMemberList.

func (*IAMPolicyMemberList) DeepCopyInto

func (in *IAMPolicyMemberList) DeepCopyInto(out *IAMPolicyMemberList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMPolicyMemberList) DeepCopyObject

func (in *IAMPolicyMemberList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPolicyMemberSpec

type IAMPolicyMemberSpec struct {
	// Immutable. Required. The GCP resource to set the IAM policy on (e.g.
	// organization, project...)
	ResourceReference ResourceReference `json:"resourceRef"`

	// Immutable. The IAM identity to be bound to the role. Exactly one of
	// 'member' or 'memberFrom' must be used.
	Member Member `json:"member,omitempty"`

	// Immutable. The IAM identity to be bound to the role. Exactly one of
	// 'member' or 'memberFrom' must be used, and only one subfield within
	// 'memberFrom' can be used.
	MemberFrom *MemberSource `json:"memberFrom,omitempty"`

	// Immutable. Required. The role for which the Member will be bound.
	// +kubebuilder:validation:Pattern=^((projects|organizations)/[^/]+/)?roles/[\w_\.]+$
	Role string `json:"role"`
	// Immutable. Optional. The condition under which the binding applies.
	Condition *IAMCondition `json:"condition,omitempty"`
}

IAMPolicyMemberSpec defines the desired state of IAMPolicyMember

func (*IAMPolicyMemberSpec) DeepCopy

func (in *IAMPolicyMemberSpec) DeepCopy() *IAMPolicyMemberSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyMemberSpec.

func (*IAMPolicyMemberSpec) DeepCopyInto

func (in *IAMPolicyMemberSpec) DeepCopyInto(out *IAMPolicyMemberSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPolicyMemberStatus

type IAMPolicyMemberStatus struct {
	// Conditions represent the latest available observations of the IAM
	// policy's current state.
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	// ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller.
	// If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`
}

IAMPolicyMemberStatus defines the observed state of IAMPolicyMember

func (*IAMPolicyMemberStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyMemberStatus.

func (*IAMPolicyMemberStatus) DeepCopyInto

func (in *IAMPolicyMemberStatus) DeepCopyInto(out *IAMPolicyMemberStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPolicySpec

type IAMPolicySpec struct {
	// Immutable. Required. The GCP resource to set the IAM policy on (e.g.
	// organization, project...)
	ResourceReference ResourceReference `json:"resourceRef"`
	// Optional. The list of IAM bindings.
	Bindings []IAMPolicyBinding `json:"bindings,omitempty"`
	// Optional. The list of IAM audit configs.
	AuditConfigs []IAMPolicyAuditConfig `json:"auditConfigs,omitempty"`
	// Etag is used for concurrency control, and ensures that policies are updated consistently.
	// Note that this field is not exposed in the CRD's OpenAPI schema.
	Etag string `json:"-"`
}

IAMPolicySpec defines the desired state of IAMPolicy

func (*IAMPolicySpec) DeepCopy

func (in *IAMPolicySpec) DeepCopy() *IAMPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicySpec.

func (*IAMPolicySpec) DeepCopyInto

func (in *IAMPolicySpec) DeepCopyInto(out *IAMPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPolicyStatus

type IAMPolicyStatus struct {
	// Conditions represent the latest available observations of the IAM
	// policy's current state.
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	// ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller.
	// If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource.
	// +optional
	ObservedGeneration int64 `json:"observedGeneration,omitempty"`
}

IAMPolicyStatus defines the observed state of IAMPolicy

func (*IAMPolicyStatus) DeepCopy

func (in *IAMPolicyStatus) DeepCopy() *IAMPolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyStatus.

func (*IAMPolicyStatus) DeepCopyInto

func (in *IAMPolicyStatus) DeepCopyInto(out *IAMPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Member added in v1.85.0

type Member string

type MemberReference added in v1.85.0

type MemberReference struct {
	Namespace string `json:"namespace,omitempty"`
	Name      string `json:"name"`
}

MemberReference represents a resource with an IAM identity

func (*MemberReference) DeepCopy added in v1.85.0

func (in *MemberReference) DeepCopy() *MemberReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemberReference.

func (*MemberReference) DeepCopyInto added in v1.85.0

func (in *MemberReference) DeepCopyInto(out *MemberReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MemberSource added in v1.85.0

type MemberSource struct {
	// The IAMServiceAccount to be bound to the role.
	ServiceAccountRef *MemberReference `json:"serviceAccountRef,omitempty"`

	// The LoggingLogSink whose writer identity (i.e. its
	// 'status.writerIdentity') is to be bound to the role.
	LogSinkRef *MemberReference `json:"logSinkRef,omitempty"`

	// The SQLInstance whose service account (i.e. its
	// 'status.serviceAccountEmailAddress') is to be bound to the role.
	SQLInstanceRef *MemberReference `json:"sqlInstanceRef,omitempty"`

	// The ServiceIdentity whose service account (i.e., its
	// 'status.email') is to be bound to the role.
	ServiceIdentityRef *MemberReference `json:"serviceIdentityRef,omitempty"`
}

MemberSource represents a source for an IAM identity

func (*MemberSource) DeepCopy added in v1.85.0

func (in *MemberSource) DeepCopy() *MemberSource

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MemberSource.

func (*MemberSource) DeepCopyInto added in v1.85.0

func (in *MemberSource) DeepCopyInto(out *MemberSource)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ResourceReference added in v1.85.0

type ResourceReference struct {
	Kind       string `json:"kind"`
	Namespace  string `json:"namespace,omitempty"`
	Name       string `json:"name,omitempty"`
	APIVersion string `json:"apiVersion,omitempty"`
	External   string `json:"external,omitempty"`
}

*** PLEASE READ THE FOLLOWING COMMENT BEFORE MAKING CHANGES *** This ResourceReference definition is duplicated in the scripts/generate-go-crd-clients/k8s/ directory. If you're making modifications to this definition, please make sure to modify the corresponding struct in `types.go` (IAMResourceRef), so the generated go-clients have an accurate representation of this struct. ResourceReference defines a relationship to another resource

func (*ResourceReference) DeepCopy added in v1.85.0

func (in *ResourceReference) DeepCopy() *ResourceReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ResourceReference.

func (*ResourceReference) DeepCopyInto added in v1.85.0

func (in *ResourceReference) DeepCopyInto(out *ResourceReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ResourceReference) GroupVersionKind added in v1.85.0

func (ref *ResourceReference) GroupVersionKind() schema.GroupVersionKind

func (*ResourceReference) SetGroupVersionKind added in v1.85.0

func (ref *ResourceReference) SetGroupVersionKind(gvk schema.GroupVersionKind)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL