v1beta1

package
v1.127.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 19, 2024 License: Apache-2.0 Imports: 6 Imported by: 0

Documentation

Overview

Package v1beta1 contains API Schema definitions for the iam v1beta1 API group. +k8s:openapi-gen=true +k8s:deepcopy-gen=package,register +k8s:conversion-gen=github.com/GoogleCloudPlatform/k8s-config-connector/pkg/clients/generated/pkg/apis/iam +k8s:defaulter-gen=TypeMeta +groupName=iam.cnrm.cloud.google.com

Index

Constants

This section is empty.

Variables

View Source
var (
	// SchemeGroupVersion is the group version used to register these objects.
	SchemeGroupVersion = schema.GroupVersion{Group: "iam.cnrm.cloud.google.com", Version: "v1beta1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme.
	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}

	// AddToScheme is a global function that registers this API group & version to a scheme
	AddToScheme = SchemeBuilder.AddToScheme

	IAMAccessBoundaryPolicyGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMAccessBoundaryPolicy{}).Name(),
	}

	IAMAuditConfigGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMAuditConfig{}).Name(),
	}

	IAMCustomRoleGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMCustomRole{}).Name(),
	}

	IAMPartialPolicyGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMPartialPolicy{}).Name(),
	}

	IAMPolicyGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMPolicy{}).Name(),
	}

	IAMPolicyMemberGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMPolicyMember{}).Name(),
	}

	IAMServiceAccountGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMServiceAccount{}).Name(),
	}

	IAMServiceAccountKeyGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMServiceAccountKey{}).Name(),
	}

	IAMWorkforcePoolGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMWorkforcePool{}).Name(),
	}

	IAMWorkforcePoolProviderGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMWorkforcePoolProvider{}).Name(),
	}

	IAMWorkloadIdentityPoolGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMWorkloadIdentityPool{}).Name(),
	}

	IAMWorkloadIdentityPoolProviderGVK = schema.GroupVersionKind{
		Group:   SchemeGroupVersion.Group,
		Version: SchemeGroupVersion.Version,
		Kind:    reflect.TypeOf(IAMWorkloadIdentityPoolProvider{}).Name(),
	}
)

Functions

This section is empty.

Types

type AccessboundarypolicyAccessBoundaryRule added in v1.102.0

type AccessboundarypolicyAccessBoundaryRule struct {
	/* The availability condition further constrains the access allowed by the access boundary rule. */
	// +optional
	AvailabilityCondition *AccessboundarypolicyAvailabilityCondition `json:"availabilityCondition,omitempty"`

	/* A list of permissions that may be allowed for use on the specified resource. */
	// +optional
	AvailablePermissions []string `json:"availablePermissions,omitempty"`

	/* The full resource name of a Google Cloud resource entity. */
	// +optional
	AvailableResource *string `json:"availableResource,omitempty"`
}

func (*AccessboundarypolicyAccessBoundaryRule) DeepCopy added in v1.102.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessboundarypolicyAccessBoundaryRule.

func (*AccessboundarypolicyAccessBoundaryRule) DeepCopyInto added in v1.102.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AccessboundarypolicyAvailabilityCondition added in v1.102.0

type AccessboundarypolicyAvailabilityCondition struct {
	/* Description of the expression. This is a longer text which describes the expression,
	e.g. when hovered over it in a UI. */
	// +optional
	Description *string `json:"description,omitempty"`

	/* Textual representation of an expression in Common Expression Language syntax. */
	Expression string `json:"expression"`

	/* String indicating the location of the expression for error reporting,
	e.g. a file name and a position in the file. */
	// +optional
	Location *string `json:"location,omitempty"`

	/* Title for the expression, i.e. a short string describing its purpose.
	This can be used e.g. in UIs which allow to enter the expression. */
	// +optional
	Title *string `json:"title,omitempty"`
}

func (*AccessboundarypolicyAvailabilityCondition) DeepCopy added in v1.102.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessboundarypolicyAvailabilityCondition.

func (*AccessboundarypolicyAvailabilityCondition) DeepCopyInto added in v1.102.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AccessboundarypolicyRules added in v1.102.0

type AccessboundarypolicyRules struct {
	/* An access boundary rule in an IAM policy. */
	// +optional
	AccessBoundaryRule *AccessboundarypolicyAccessBoundaryRule `json:"accessBoundaryRule,omitempty"`

	/* The description of the rule. */
	// +optional
	Description *string `json:"description,omitempty"`
}

func (*AccessboundarypolicyRules) DeepCopy added in v1.102.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccessboundarypolicyRules.

func (*AccessboundarypolicyRules) DeepCopyInto added in v1.102.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuditconfigAuditLogConfigs

type AuditconfigAuditLogConfigs struct {
	/* Identities that do not cause logging for this type of permission. The format is the same as that for 'members' in IAMPolicy/IAMPolicyMember. */
	// +optional
	ExemptedMembers []string `json:"exemptedMembers,omitempty"`

	/* Permission type for which logging is to be configured. Must be one of 'DATA_READ', 'DATA_WRITE', or 'ADMIN_READ'. */
	LogType string `json:"logType"`
}

func (*AuditconfigAuditLogConfigs) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuditconfigAuditLogConfigs.

func (*AuditconfigAuditLogConfigs) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMAccessBoundaryPolicy added in v1.102.0

type IAMAccessBoundaryPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMAccessBoundaryPolicySpec   `json:"spec,omitempty"`
	Status IAMAccessBoundaryPolicyStatus `json:"status,omitempty"`
}

IAMAccessBoundaryPolicy is the Schema for the iam API +k8s:openapi-gen=true

func (*IAMAccessBoundaryPolicy) DeepCopy added in v1.102.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAccessBoundaryPolicy.

func (*IAMAccessBoundaryPolicy) DeepCopyInto added in v1.102.0

func (in *IAMAccessBoundaryPolicy) DeepCopyInto(out *IAMAccessBoundaryPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMAccessBoundaryPolicy) DeepCopyObject added in v1.102.0

func (in *IAMAccessBoundaryPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMAccessBoundaryPolicyList added in v1.102.0

type IAMAccessBoundaryPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMAccessBoundaryPolicy `json:"items"`
}

IAMAccessBoundaryPolicyList contains a list of IAMAccessBoundaryPolicy

func (*IAMAccessBoundaryPolicyList) DeepCopy added in v1.102.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAccessBoundaryPolicyList.

func (*IAMAccessBoundaryPolicyList) DeepCopyInto added in v1.102.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMAccessBoundaryPolicyList) DeepCopyObject added in v1.102.0

func (in *IAMAccessBoundaryPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMAccessBoundaryPolicySpec added in v1.102.0

type IAMAccessBoundaryPolicySpec struct {
	/* The display name of the rule. */
	// +optional
	DisplayName *string `json:"displayName,omitempty"`

	ProjectRef v1alpha1.ResourceRef `json:"projectRef"`

	/* Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */
	// +optional
	ResourceID *string `json:"resourceID,omitempty"`

	/* Rules to be applied. */
	Rules []AccessboundarypolicyRules `json:"rules"`
}

func (*IAMAccessBoundaryPolicySpec) DeepCopy added in v1.102.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAccessBoundaryPolicySpec.

func (*IAMAccessBoundaryPolicySpec) DeepCopyInto added in v1.102.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMAccessBoundaryPolicyStatus added in v1.102.0

type IAMAccessBoundaryPolicyStatus struct {
	/* Conditions represent the latest available observations of the
	   IAMAccessBoundaryPolicy's current state. */
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	/* The hash of the resource. Used internally during updates. */
	// +optional
	Etag *string `json:"etag,omitempty"`

	/* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */
	// +optional
	ObservedGeneration *int64 `json:"observedGeneration,omitempty"`
}

func (*IAMAccessBoundaryPolicyStatus) DeepCopy added in v1.102.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAccessBoundaryPolicyStatus.

func (*IAMAccessBoundaryPolicyStatus) DeepCopyInto added in v1.102.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMAuditConfig

type IAMAuditConfig struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMAuditConfigSpec   `json:"spec,omitempty"`
	Status IAMAuditConfigStatus `json:"status,omitempty"`
}

IAMAuditConfig is the Schema for the iam API +k8s:openapi-gen=true

func (*IAMAuditConfig) DeepCopy

func (in *IAMAuditConfig) DeepCopy() *IAMAuditConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuditConfig.

func (*IAMAuditConfig) DeepCopyInto

func (in *IAMAuditConfig) DeepCopyInto(out *IAMAuditConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMAuditConfig) DeepCopyObject

func (in *IAMAuditConfig) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMAuditConfigList

type IAMAuditConfigList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMAuditConfig `json:"items"`
}

IAMAuditConfigList contains a list of IAMAuditConfig

func (*IAMAuditConfigList) DeepCopy

func (in *IAMAuditConfigList) DeepCopy() *IAMAuditConfigList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuditConfigList.

func (*IAMAuditConfigList) DeepCopyInto

func (in *IAMAuditConfigList) DeepCopyInto(out *IAMAuditConfigList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMAuditConfigList) DeepCopyObject

func (in *IAMAuditConfigList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMAuditConfigSpec

type IAMAuditConfigSpec struct {
	/* Required. The configuration for logging of each type of permission. */
	AuditLogConfigs []AuditconfigAuditLogConfigs `json:"auditLogConfigs"`

	/* Immutable. Required. The GCP resource to set the IAMAuditConfig on (e.g. project). */
	ResourceRef v1alpha1.IAMResourceRef `json:"resourceRef"`

	/* Immutable. Required. The service for which to enable Data Access audit logs. The special value 'allServices' covers all services. Note that if there are audit configs covering both 'allServices' and a specific service, then the union of the two audit configs is used for that service: the 'logTypes' specified in each 'auditLogConfig' are enabled, and the 'exemptedMembers' in each 'auditLogConfig' are exempted. */
	Service string `json:"service"`
}

func (*IAMAuditConfigSpec) DeepCopy

func (in *IAMAuditConfigSpec) DeepCopy() *IAMAuditConfigSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuditConfigSpec.

func (*IAMAuditConfigSpec) DeepCopyInto

func (in *IAMAuditConfigSpec) DeepCopyInto(out *IAMAuditConfigSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMAuditConfigStatus

type IAMAuditConfigStatus struct {
	/* Conditions represent the latest available observations of the
	   IAMAuditConfig's current state. */
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	/* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */
	// +optional
	ObservedGeneration *int64 `json:"observedGeneration,omitempty"`
}

func (*IAMAuditConfigStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuditConfigStatus.

func (*IAMAuditConfigStatus) DeepCopyInto

func (in *IAMAuditConfigStatus) DeepCopyInto(out *IAMAuditConfigStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMCustomRole

type IAMCustomRole struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMCustomRoleSpec   `json:"spec,omitempty"`
	Status IAMCustomRoleStatus `json:"status,omitempty"`
}

IAMCustomRole is the Schema for the iam API +k8s:openapi-gen=true

func (*IAMCustomRole) DeepCopy

func (in *IAMCustomRole) DeepCopy() *IAMCustomRole

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMCustomRole.

func (*IAMCustomRole) DeepCopyInto

func (in *IAMCustomRole) DeepCopyInto(out *IAMCustomRole)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMCustomRole) DeepCopyObject

func (in *IAMCustomRole) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMCustomRoleList

type IAMCustomRoleList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMCustomRole `json:"items"`
}

IAMCustomRoleList contains a list of IAMCustomRole

func (*IAMCustomRoleList) DeepCopy

func (in *IAMCustomRoleList) DeepCopy() *IAMCustomRoleList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMCustomRoleList.

func (*IAMCustomRoleList) DeepCopyInto

func (in *IAMCustomRoleList) DeepCopyInto(out *IAMCustomRoleList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMCustomRoleList) DeepCopyObject

func (in *IAMCustomRoleList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMCustomRoleSpec

type IAMCustomRoleSpec struct {
	/* A human-readable description for the role. */
	// +optional
	Description *string `json:"description,omitempty"`

	/* The names of the permissions this role grants when bound in an IAM policy. At least one permission must be specified. */
	Permissions []string `json:"permissions"`

	/* Immutable. Optional. The roleId of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */
	// +optional
	ResourceID *string `json:"resourceID,omitempty"`

	/* The current launch stage of the role. Defaults to GA. */
	// +optional
	Stage *string `json:"stage,omitempty"`

	/* A human-readable title for the role. */
	Title string `json:"title"`
}

func (*IAMCustomRoleSpec) DeepCopy

func (in *IAMCustomRoleSpec) DeepCopy() *IAMCustomRoleSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMCustomRoleSpec.

func (*IAMCustomRoleSpec) DeepCopyInto

func (in *IAMCustomRoleSpec) DeepCopyInto(out *IAMCustomRoleSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMCustomRoleStatus

type IAMCustomRoleStatus struct {
	/* Conditions represent the latest available observations of the
	   IAMCustomRole's current state. */
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	/* The current deleted state of the role. */
	// +optional
	Deleted *bool `json:"deleted,omitempty"`

	/* The full name of the role. */
	// +optional
	Name *string `json:"name,omitempty"`

	/* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */
	// +optional
	ObservedGeneration *int64 `json:"observedGeneration,omitempty"`
}

func (*IAMCustomRoleStatus) DeepCopy

func (in *IAMCustomRoleStatus) DeepCopy() *IAMCustomRoleStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMCustomRoleStatus.

func (*IAMCustomRoleStatus) DeepCopyInto

func (in *IAMCustomRoleStatus) DeepCopyInto(out *IAMCustomRoleStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPartialPolicy

type IAMPartialPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMPartialPolicySpec   `json:"spec,omitempty"`
	Status IAMPartialPolicyStatus `json:"status,omitempty"`
}

IAMPartialPolicy is the Schema for the iam API +k8s:openapi-gen=true

func (*IAMPartialPolicy) DeepCopy

func (in *IAMPartialPolicy) DeepCopy() *IAMPartialPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicy.

func (*IAMPartialPolicy) DeepCopyInto

func (in *IAMPartialPolicy) DeepCopyInto(out *IAMPartialPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMPartialPolicy) DeepCopyObject

func (in *IAMPartialPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPartialPolicyList

type IAMPartialPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMPartialPolicy `json:"items"`
}

IAMPartialPolicyList contains a list of IAMPartialPolicy

func (*IAMPartialPolicyList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicyList.

func (*IAMPartialPolicyList) DeepCopyInto

func (in *IAMPartialPolicyList) DeepCopyInto(out *IAMPartialPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMPartialPolicyList) DeepCopyObject

func (in *IAMPartialPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPartialPolicySpec

type IAMPartialPolicySpec struct {
	/* Optional. The list of IAM bindings managed by Config Connector. */
	// +optional
	Bindings []PartialpolicyBindings `json:"bindings,omitempty"`

	/* Immutable. Required. The GCP resource to set the IAM policy on. */
	ResourceRef v1alpha1.IAMResourceRef `json:"resourceRef"`
}

func (*IAMPartialPolicySpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicySpec.

func (*IAMPartialPolicySpec) DeepCopyInto

func (in *IAMPartialPolicySpec) DeepCopyInto(out *IAMPartialPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPartialPolicyStatus

type IAMPartialPolicyStatus struct {
	/* Conditions represent the latest available observations of the
	   IAMPartialPolicy's current state. */
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	/* AllBindings surfaces all IAM bindings for the referenced resource. */
	// +optional
	AllBindings []PartialpolicyAllBindingsStatus `json:"allBindings,omitempty"`

	/* LastAppliedBindings is the list of IAM bindings that were most recently applied by Config Connector. */
	// +optional
	LastAppliedBindings []PartialpolicyLastAppliedBindingsStatus `json:"lastAppliedBindings,omitempty"`

	/* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */
	// +optional
	ObservedGeneration *int64 `json:"observedGeneration,omitempty"`
}

func (*IAMPartialPolicyStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPartialPolicyStatus.

func (*IAMPartialPolicyStatus) DeepCopyInto

func (in *IAMPartialPolicyStatus) DeepCopyInto(out *IAMPartialPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPolicy

type IAMPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMPolicySpec   `json:"spec,omitempty"`
	Status IAMPolicyStatus `json:"status,omitempty"`
}

IAMPolicy is the Schema for the iam API +k8s:openapi-gen=true

func (*IAMPolicy) DeepCopy

func (in *IAMPolicy) DeepCopy() *IAMPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicy.

func (*IAMPolicy) DeepCopyInto

func (in *IAMPolicy) DeepCopyInto(out *IAMPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMPolicy) DeepCopyObject

func (in *IAMPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPolicyList

type IAMPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMPolicy `json:"items"`
}

IAMPolicyList contains a list of IAMPolicy

func (*IAMPolicyList) DeepCopy

func (in *IAMPolicyList) DeepCopy() *IAMPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyList.

func (*IAMPolicyList) DeepCopyInto

func (in *IAMPolicyList) DeepCopyInto(out *IAMPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMPolicyList) DeepCopyObject

func (in *IAMPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPolicyMember

type IAMPolicyMember struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMPolicyMemberSpec   `json:"spec,omitempty"`
	Status IAMPolicyMemberStatus `json:"status,omitempty"`
}

IAMPolicyMember is the Schema for the iam API +k8s:openapi-gen=true

func (*IAMPolicyMember) DeepCopy

func (in *IAMPolicyMember) DeepCopy() *IAMPolicyMember

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyMember.

func (*IAMPolicyMember) DeepCopyInto

func (in *IAMPolicyMember) DeepCopyInto(out *IAMPolicyMember)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMPolicyMember) DeepCopyObject

func (in *IAMPolicyMember) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPolicyMemberList

type IAMPolicyMemberList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMPolicyMember `json:"items"`
}

IAMPolicyMemberList contains a list of IAMPolicyMember

func (*IAMPolicyMemberList) DeepCopy

func (in *IAMPolicyMemberList) DeepCopy() *IAMPolicyMemberList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyMemberList.

func (*IAMPolicyMemberList) DeepCopyInto

func (in *IAMPolicyMemberList) DeepCopyInto(out *IAMPolicyMemberList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMPolicyMemberList) DeepCopyObject

func (in *IAMPolicyMemberList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMPolicyMemberSpec

type IAMPolicyMemberSpec struct {
	/* Immutable. Optional. The condition under which the binding applies. */
	// +optional
	Condition *PolicymemberCondition `json:"condition,omitempty"`

	/* Immutable. The IAM identity to be bound to the role. Exactly one of 'member' or 'memberFrom' must be used. */
	// +optional
	Member *string `json:"member,omitempty"`

	/* Immutable. The IAM identity to be bound to the role. Exactly one of 'member' or 'memberFrom' must be used, and only one subfield within 'memberFrom' can be used. */
	// +optional
	MemberFrom *PolicymemberMemberFrom `json:"memberFrom,omitempty"`

	/* Immutable. Required. The GCP resource to set the IAM policy on. */
	ResourceRef v1alpha1.IAMResourceRef `json:"resourceRef"`

	/* Immutable. Required. The role for which the Member will be bound. */
	Role string `json:"role"`
}

func (*IAMPolicyMemberSpec) DeepCopy

func (in *IAMPolicyMemberSpec) DeepCopy() *IAMPolicyMemberSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyMemberSpec.

func (*IAMPolicyMemberSpec) DeepCopyInto

func (in *IAMPolicyMemberSpec) DeepCopyInto(out *IAMPolicyMemberSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPolicyMemberStatus

type IAMPolicyMemberStatus struct {
	/* Conditions represent the latest available observations of the
	   IAMPolicyMember's current state. */
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	/* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */
	// +optional
	ObservedGeneration *int64 `json:"observedGeneration,omitempty"`
}

func (*IAMPolicyMemberStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyMemberStatus.

func (*IAMPolicyMemberStatus) DeepCopyInto

func (in *IAMPolicyMemberStatus) DeepCopyInto(out *IAMPolicyMemberStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPolicySpec

type IAMPolicySpec struct {
	/* Optional. The list of IAM audit configs. */
	// +optional
	AuditConfigs []PolicyAuditConfigs `json:"auditConfigs,omitempty"`

	/* Optional. The list of IAM bindings. */
	// +optional
	Bindings []PolicyBindings `json:"bindings,omitempty"`

	/* Immutable. Required. The GCP resource to set the IAM policy on. */
	ResourceRef v1alpha1.IAMResourceRef `json:"resourceRef"`
}

func (*IAMPolicySpec) DeepCopy

func (in *IAMPolicySpec) DeepCopy() *IAMPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicySpec.

func (*IAMPolicySpec) DeepCopyInto

func (in *IAMPolicySpec) DeepCopyInto(out *IAMPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMPolicyStatus

type IAMPolicyStatus struct {
	/* Conditions represent the latest available observations of the
	   IAMPolicy's current state. */
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	/* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */
	// +optional
	ObservedGeneration *int64 `json:"observedGeneration,omitempty"`
}

func (*IAMPolicyStatus) DeepCopy

func (in *IAMPolicyStatus) DeepCopy() *IAMPolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMPolicyStatus.

func (*IAMPolicyStatus) DeepCopyInto

func (in *IAMPolicyStatus) DeepCopyInto(out *IAMPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMServiceAccount

type IAMServiceAccount struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMServiceAccountSpec   `json:"spec,omitempty"`
	Status IAMServiceAccountStatus `json:"status,omitempty"`
}

IAMServiceAccount is the Schema for the iam API +k8s:openapi-gen=true

func (*IAMServiceAccount) DeepCopy

func (in *IAMServiceAccount) DeepCopy() *IAMServiceAccount

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMServiceAccount.

func (*IAMServiceAccount) DeepCopyInto

func (in *IAMServiceAccount) DeepCopyInto(out *IAMServiceAccount)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMServiceAccount) DeepCopyObject

func (in *IAMServiceAccount) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMServiceAccountKey

type IAMServiceAccountKey struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMServiceAccountKeySpec   `json:"spec,omitempty"`
	Status IAMServiceAccountKeyStatus `json:"status,omitempty"`
}

IAMServiceAccountKey is the Schema for the iam API +k8s:openapi-gen=true

func (*IAMServiceAccountKey) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMServiceAccountKey.

func (*IAMServiceAccountKey) DeepCopyInto

func (in *IAMServiceAccountKey) DeepCopyInto(out *IAMServiceAccountKey)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMServiceAccountKey) DeepCopyObject

func (in *IAMServiceAccountKey) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMServiceAccountKeyList

type IAMServiceAccountKeyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMServiceAccountKey `json:"items"`
}

IAMServiceAccountKeyList contains a list of IAMServiceAccountKey

func (*IAMServiceAccountKeyList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMServiceAccountKeyList.

func (*IAMServiceAccountKeyList) DeepCopyInto

func (in *IAMServiceAccountKeyList) DeepCopyInto(out *IAMServiceAccountKeyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMServiceAccountKeyList) DeepCopyObject

func (in *IAMServiceAccountKeyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMServiceAccountKeySpec

type IAMServiceAccountKeySpec struct {
	/* Immutable. The algorithm used to generate the key, used only on create. KEY_ALG_RSA_2048 is the default algorithm. Valid values are: "KEY_ALG_RSA_1024", "KEY_ALG_RSA_2048". */
	// +optional
	KeyAlgorithm *string `json:"keyAlgorithm,omitempty"`

	/* Immutable. */
	// +optional
	PrivateKeyType *string `json:"privateKeyType,omitempty"`

	/* Immutable. A field that allows clients to upload their own public key. If set, use this public key data to create a service account key for given service account. Please note, the expected format for this field is a base64 encoded X509_PEM. */
	// +optional
	PublicKeyData *string `json:"publicKeyData,omitempty"`

	/* Immutable. */
	// +optional
	PublicKeyType *string `json:"publicKeyType,omitempty"`

	ServiceAccountRef v1alpha1.ResourceRef `json:"serviceAccountRef"`
}

func (*IAMServiceAccountKeySpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMServiceAccountKeySpec.

func (*IAMServiceAccountKeySpec) DeepCopyInto

func (in *IAMServiceAccountKeySpec) DeepCopyInto(out *IAMServiceAccountKeySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMServiceAccountKeyStatus

type IAMServiceAccountKeyStatus struct {
	/* Conditions represent the latest available observations of the
	   IAMServiceAccountKey's current state. */
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	/* Immutable. The name used for this key pair. */
	// +optional
	Name *string `json:"name,omitempty"`

	/* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */
	// +optional
	ObservedGeneration *int64 `json:"observedGeneration,omitempty"`

	/* The private key in JSON format, base64 encoded. This is what you normally get as a file when creating service account keys through the CLI or web console. This is only populated when creating a new key. */
	// +optional
	PrivateKey *string `json:"privateKey,omitempty"`

	/* Immutable. The public key, base64 encoded. */
	// +optional
	PublicKey *string `json:"publicKey,omitempty"`

	/* The key can be used after this timestamp. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z". */
	// +optional
	ValidAfter *string `json:"validAfter,omitempty"`

	/* The key can be used before this timestamp. A timestamp in RFC3339 UTC "Zulu" format, accurate to nanoseconds. Example: "2014-10-02T15:01:23.045123456Z". */
	// +optional
	ValidBefore *string `json:"validBefore,omitempty"`
}

func (*IAMServiceAccountKeyStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMServiceAccountKeyStatus.

func (*IAMServiceAccountKeyStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMServiceAccountList

type IAMServiceAccountList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMServiceAccount `json:"items"`
}

IAMServiceAccountList contains a list of IAMServiceAccount

func (*IAMServiceAccountList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMServiceAccountList.

func (*IAMServiceAccountList) DeepCopyInto

func (in *IAMServiceAccountList) DeepCopyInto(out *IAMServiceAccountList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMServiceAccountList) DeepCopyObject

func (in *IAMServiceAccountList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMServiceAccountSpec

type IAMServiceAccountSpec struct {
	/* A text description of the service account. Must be less than or equal to 256 UTF-8 bytes. */
	// +optional
	Description *string `json:"description,omitempty"`

	/* Whether the service account is disabled. Defaults to false. */
	// +optional
	Disabled *bool `json:"disabled,omitempty"`

	/* The display name for the service account. Can be updated without creating a new resource. */
	// +optional
	DisplayName *string `json:"displayName,omitempty"`

	/* Immutable. Optional. The accountId of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */
	// +optional
	ResourceID *string `json:"resourceID,omitempty"`
}

func (*IAMServiceAccountSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMServiceAccountSpec.

func (*IAMServiceAccountSpec) DeepCopyInto

func (in *IAMServiceAccountSpec) DeepCopyInto(out *IAMServiceAccountSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMServiceAccountStatus

type IAMServiceAccountStatus struct {
	/* Conditions represent the latest available observations of the
	   IAMServiceAccount's current state. */
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	/* The e-mail address of the service account. This value should be referenced from any google_iam_policy data sources that would grant the service account privileges. */
	// +optional
	Email *string `json:"email,omitempty"`

	/* The Identity of the service account in the form 'serviceAccount:{email}'. This value is often used to refer to the service account in order to grant IAM permissions. */
	// +optional
	Member *string `json:"member,omitempty"`

	/* The fully-qualified name of the service account. */
	// +optional
	Name *string `json:"name,omitempty"`

	/* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */
	// +optional
	ObservedGeneration *int64 `json:"observedGeneration,omitempty"`

	/* The unique id of the service account. */
	// +optional
	UniqueId *string `json:"uniqueId,omitempty"`
}

func (*IAMServiceAccountStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMServiceAccountStatus.

func (*IAMServiceAccountStatus) DeepCopyInto

func (in *IAMServiceAccountStatus) DeepCopyInto(out *IAMServiceAccountStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMWorkforcePool added in v1.91.0

type IAMWorkforcePool struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMWorkforcePoolSpec   `json:"spec,omitempty"`
	Status IAMWorkforcePoolStatus `json:"status,omitempty"`
}

IAMWorkforcePool is the Schema for the iam API +k8s:openapi-gen=true

func (*IAMWorkforcePool) DeepCopy added in v1.91.0

func (in *IAMWorkforcePool) DeepCopy() *IAMWorkforcePool

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkforcePool.

func (*IAMWorkforcePool) DeepCopyInto added in v1.91.0

func (in *IAMWorkforcePool) DeepCopyInto(out *IAMWorkforcePool)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMWorkforcePool) DeepCopyObject added in v1.91.0

func (in *IAMWorkforcePool) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMWorkforcePoolList added in v1.91.0

type IAMWorkforcePoolList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMWorkforcePool `json:"items"`
}

IAMWorkforcePoolList contains a list of IAMWorkforcePool

func (*IAMWorkforcePoolList) DeepCopy added in v1.91.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkforcePoolList.

func (*IAMWorkforcePoolList) DeepCopyInto added in v1.91.0

func (in *IAMWorkforcePoolList) DeepCopyInto(out *IAMWorkforcePoolList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMWorkforcePoolList) DeepCopyObject added in v1.91.0

func (in *IAMWorkforcePoolList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMWorkforcePoolProvider added in v1.92.0

type IAMWorkforcePoolProvider struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMWorkforcePoolProviderSpec   `json:"spec,omitempty"`
	Status IAMWorkforcePoolProviderStatus `json:"status,omitempty"`
}

IAMWorkforcePoolProvider is the Schema for the iam API +k8s:openapi-gen=true

func (*IAMWorkforcePoolProvider) DeepCopy added in v1.92.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkforcePoolProvider.

func (*IAMWorkforcePoolProvider) DeepCopyInto added in v1.92.0

func (in *IAMWorkforcePoolProvider) DeepCopyInto(out *IAMWorkforcePoolProvider)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMWorkforcePoolProvider) DeepCopyObject added in v1.92.0

func (in *IAMWorkforcePoolProvider) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMWorkforcePoolProviderList added in v1.92.0

type IAMWorkforcePoolProviderList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMWorkforcePoolProvider `json:"items"`
}

IAMWorkforcePoolProviderList contains a list of IAMWorkforcePoolProvider

func (*IAMWorkforcePoolProviderList) DeepCopy added in v1.92.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkforcePoolProviderList.

func (*IAMWorkforcePoolProviderList) DeepCopyInto added in v1.92.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMWorkforcePoolProviderList) DeepCopyObject added in v1.92.0

func (in *IAMWorkforcePoolProviderList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMWorkforcePoolProviderSpec added in v1.92.0

type IAMWorkforcePoolProviderSpec struct {
	/* A [Common Expression Language](https://opensource.google/projects/cel) expression, in plain text, to restrict what otherwise valid authentication credentials issued by the provider should not be accepted. The expression must output a boolean representing whether to allow the federation. The following keywords may be referenced in the expressions: * `assertion`: JSON representing the authentication credential issued by the provider. * `google`: The Google attributes mapped from the assertion in the `attribute_mappings`. `google.profile_photo` and `google.display_name` are not supported. * `attribute`: The custom attributes mapped from the assertion in the `attribute_mappings`. The maximum length of the attribute condition expression is 4096 characters. If unspecified, all valid authentication credentials will be accepted. The following example shows how to only allow credentials with a mapped `google.groups` value of `admins`: “` "'admins' in google.groups" “` */
	// +optional
	AttributeCondition *string `json:"attributeCondition,omitempty"`

	/* Required. Maps attributes from the authentication credentials issued by an external identity provider to Google Cloud attributes, such as `subject` and `segment`. Each key must be a string specifying the Google Cloud IAM attribute to map to. The following keys are supported: * `google.subject`: The principal IAM is authenticating. You can reference this value in IAM bindings. This is also the subject that appears in Cloud Logging logs. This is a required field and the mapped subject cannot exceed 127 bytes. * `google.groups`: Groups the authenticating user belongs to. You can grant groups access to resources using an IAM `principalSet` binding; access applies to all members of the group. * `google.display_name`: The name of the authenticated user. This is an optional field and the mapped display name cannot exceed 100 bytes. If not set, `google.subject` will be displayed instead. This attribute cannot be referenced in IAM bindings. * `google.profile_photo`: The URL that specifies the authenticated user's thumbnail photo. This is an optional field. When set, the image will be visible as the user's profile picture. If not set, a generic user icon will be displayed instead. This attribute cannot be referenced in IAM bindings. You can also provide custom attributes by specifying `attribute.{custom_attribute}`, where {custom_attribute} is the name of the custom attribute to be mapped. You can define a maximum of 50 custom attributes. The maximum length of a mapped attribute key is 100 characters, and the key may only contain the characters [a-z0-9_]. You can reference these attributes in IAM policies to define fine-grained access for a workforce pool to Google Cloud resources. For example: */
	AttributeMapping map[string]string `json:"attributeMapping"`

	/* A user-specified description of the provider. Cannot exceed 256 characters. */
	// +optional
	Description *string `json:"description,omitempty"`

	/* Whether the provider is disabled. You cannot use a disabled provider to exchange tokens. However, existing tokens still grant access. */
	// +optional
	Disabled *bool `json:"disabled,omitempty"`

	/* A user-specified display name for the provider. Cannot exceed 32 characters. */
	// +optional
	DisplayName *string `json:"displayName,omitempty"`

	/* Immutable. The location for the resource */
	Location string `json:"location"`

	/* An OpenId Connect 1.0 identity provider configuration. */
	// +optional
	Oidc *WorkforcepoolproviderOidc `json:"oidc,omitempty"`

	/* Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */
	// +optional
	ResourceID *string `json:"resourceID,omitempty"`

	/* A SAML identity provider configuration. */
	// +optional
	Saml *WorkforcepoolproviderSaml `json:"saml,omitempty"`

	/* Immutable. */
	WorkforcePoolRef v1alpha1.ResourceRef `json:"workforcePoolRef"`
}

func (*IAMWorkforcePoolProviderSpec) DeepCopy added in v1.92.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkforcePoolProviderSpec.

func (*IAMWorkforcePoolProviderSpec) DeepCopyInto added in v1.92.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMWorkforcePoolProviderStatus added in v1.92.0

type IAMWorkforcePoolProviderStatus struct {
	/* Conditions represent the latest available observations of the
	   IAMWorkforcePoolProvider's current state. */
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	/* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */
	// +optional
	ObservedGeneration *int64 `json:"observedGeneration,omitempty"`

	// +optional
	Oidc *WorkforcepoolproviderOidcStatus `json:"oidc,omitempty"`

	/* Output only. The state of the provider. Possible values: STATE_UNSPECIFIED, ACTIVE, DELETED */
	// +optional
	State *string `json:"state,omitempty"`
}

func (*IAMWorkforcePoolProviderStatus) DeepCopy added in v1.92.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkforcePoolProviderStatus.

func (*IAMWorkforcePoolProviderStatus) DeepCopyInto added in v1.92.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMWorkforcePoolSpec added in v1.91.0

type IAMWorkforcePoolSpec struct {
	/* A user-specified description of the pool. Cannot exceed 256 characters. */
	// +optional
	Description *string `json:"description,omitempty"`

	/* Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again. */
	// +optional
	Disabled *bool `json:"disabled,omitempty"`

	/* A user-specified display name of the pool in Google Cloud Console. Cannot exceed 32 characters. */
	// +optional
	DisplayName *string `json:"displayName,omitempty"`

	/* Immutable. The location for the resource */
	Location string `json:"location"`

	/* Immutable. The Organization that this resource belongs to. Only one of [organizationRef] may be specified. */
	OrganizationRef v1alpha1.ResourceRef `json:"organizationRef"`

	/* Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */
	// +optional
	ResourceID *string `json:"resourceID,omitempty"`

	/* How long the Google Cloud access tokens, console sign-in sessions, and gcloud sign-in sessions from this pool are valid. Must be greater than 15 minutes (900s) and less than 12 hours (43200s). If `session_duration` is not configured, minted credentials will have a default duration of one hour (3600s). */
	// +optional
	SessionDuration *string `json:"sessionDuration,omitempty"`
}

func (*IAMWorkforcePoolSpec) DeepCopy added in v1.91.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkforcePoolSpec.

func (*IAMWorkforcePoolSpec) DeepCopyInto added in v1.91.0

func (in *IAMWorkforcePoolSpec) DeepCopyInto(out *IAMWorkforcePoolSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMWorkforcePoolStatus added in v1.91.0

type IAMWorkforcePoolStatus struct {
	/* Conditions represent the latest available observations of the
	   IAMWorkforcePool's current state. */
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	/* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */
	// +optional
	ObservedGeneration *int64 `json:"observedGeneration,omitempty"`

	/* Output only. The resource name of the pool. Format: `locations/{location}/workforcePools/{workforce_pool_id}` */
	// +optional
	SelfLink *string `json:"selfLink,omitempty"`

	/* Output only. The state of the pool. Possible values: STATE_UNSPECIFIED, ACTIVE, DELETED */
	// +optional
	State *string `json:"state,omitempty"`
}

func (*IAMWorkforcePoolStatus) DeepCopy added in v1.91.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkforcePoolStatus.

func (*IAMWorkforcePoolStatus) DeepCopyInto added in v1.91.0

func (in *IAMWorkforcePoolStatus) DeepCopyInto(out *IAMWorkforcePoolStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMWorkloadIdentityPool

type IAMWorkloadIdentityPool struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMWorkloadIdentityPoolSpec   `json:"spec,omitempty"`
	Status IAMWorkloadIdentityPoolStatus `json:"status,omitempty"`
}

IAMWorkloadIdentityPool is the Schema for the iam API +k8s:openapi-gen=true

func (*IAMWorkloadIdentityPool) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkloadIdentityPool.

func (*IAMWorkloadIdentityPool) DeepCopyInto

func (in *IAMWorkloadIdentityPool) DeepCopyInto(out *IAMWorkloadIdentityPool)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMWorkloadIdentityPool) DeepCopyObject

func (in *IAMWorkloadIdentityPool) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMWorkloadIdentityPoolList

type IAMWorkloadIdentityPoolList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMWorkloadIdentityPool `json:"items"`
}

IAMWorkloadIdentityPoolList contains a list of IAMWorkloadIdentityPool

func (*IAMWorkloadIdentityPoolList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkloadIdentityPoolList.

func (*IAMWorkloadIdentityPoolList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMWorkloadIdentityPoolList) DeepCopyObject

func (in *IAMWorkloadIdentityPoolList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMWorkloadIdentityPoolProvider

type IAMWorkloadIdentityPoolProvider struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IAMWorkloadIdentityPoolProviderSpec   `json:"spec,omitempty"`
	Status IAMWorkloadIdentityPoolProviderStatus `json:"status,omitempty"`
}

IAMWorkloadIdentityPoolProvider is the Schema for the iam API +k8s:openapi-gen=true

func (*IAMWorkloadIdentityPoolProvider) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkloadIdentityPoolProvider.

func (*IAMWorkloadIdentityPoolProvider) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMWorkloadIdentityPoolProvider) DeepCopyObject

func (in *IAMWorkloadIdentityPoolProvider) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMWorkloadIdentityPoolProviderList

type IAMWorkloadIdentityPoolProviderList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []IAMWorkloadIdentityPoolProvider `json:"items"`
}

IAMWorkloadIdentityPoolProviderList contains a list of IAMWorkloadIdentityPoolProvider

func (*IAMWorkloadIdentityPoolProviderList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkloadIdentityPoolProviderList.

func (*IAMWorkloadIdentityPoolProviderList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IAMWorkloadIdentityPoolProviderList) DeepCopyObject

func (in *IAMWorkloadIdentityPoolProviderList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IAMWorkloadIdentityPoolProviderSpec

type IAMWorkloadIdentityPoolProviderSpec struct {
	/* [A Common Expression Language](https://opensource.google/projects/cel) expression, in plain text, to restrict what otherwise valid authentication credentials issued by the provider should not be accepted. The expression must output a boolean representing whether to allow the federation. The following keywords may be referenced in the expressions: * `assertion`: JSON representing the authentication credential issued by the provider. * `google`: The Google attributes mapped from the assertion in the `attribute_mappings`. * `attribute`: The custom attributes mapped from the assertion in the `attribute_mappings`. The maximum length of the attribute condition expression is 4096 characters. If unspecified, all valid authentication credential are accepted. The following example shows how to only allow credentials with a mapped `google.groups` value of `admins`: “` "'admins' in google.groups" “` */
	// +optional
	AttributeCondition *string `json:"attributeCondition,omitempty"`

	/* Maps attributes from authentication credentials issued by an external identity provider to Google Cloud attributes, such as `subject` and `segment`. Each key must be a string specifying the Google Cloud IAM attribute to map to. The following keys are supported: * `google.subject`: The principal IAM is authenticating. You can reference this value in IAM bindings. This is also the subject that appears in Cloud Logging logs. Cannot exceed 127 characters. * `google.groups`: Groups the external identity belongs to. You can grant groups access to resources using an IAM `principalSet` binding; access applies to all members of the group. You can also provide custom attributes by specifying `attribute.{custom_attribute}`, where `{custom_attribute}` is the name of the custom attribute to be mapped. You can define a maximum of 50 custom attributes. The maximum length of a mapped attribute key is 100 characters, and the key may only contain the characters [a-z0-9_]. You can reference these attributes in IAM policies to define fine-grained access for a workload to Google Cloud resources. For example: * `google.subject`: `principal://iam.googleapis.com/projects/{project}/locations/{location}/workloadIdentityPools/{pool}/subject/{value}` * `google.groups`: `principalSet://iam.googleapis.com/projects/{project}/locations/{location}/workloadIdentityPools/{pool}/group/{value}` * `attribute.{custom_attribute}`: `principalSet://iam.googleapis.com/projects/{project}/locations/{location}/workloadIdentityPools/{pool}/attribute.{custom_attribute}/{value}` Each value must be a [Common Expression Language] (https://opensource.google/projects/cel) function that maps an identity provider credential to the normalized attribute specified by the corresponding map key. You can use the `assertion` keyword in the expression to access a JSON representation of the authentication credential issued by the provider. The maximum length of an attribute mapping expression is 2048 characters. When evaluated, the total size of all mapped attributes must not exceed 8KB. For AWS providers, if no attribute mapping is defined, the following default mapping applies: “` { "google.subject":"assertion.arn", "attribute.aws_role": "assertion.arn.contains('assumed-role')" " ? assertion.arn.extract('{account_arn}assumed-role/')" " + 'assumed-role/'" " + assertion.arn.extract('assumed-role/{role_name}/')" " : assertion.arn", } “` If any custom attribute mappings are defined, they must include a mapping to the `google.subject` attribute. For OIDC providers, you must supply a custom mapping, which must include the `google.subject` attribute. For example, the following maps the `sub` claim of the incoming credential to the `subject` attribute on a Google token: “` {"google.subject": "assertion.sub"} “` */
	// +optional
	AttributeMapping map[string]string `json:"attributeMapping,omitempty"`

	/* An Amazon Web Services identity provider. */
	// +optional
	Aws *WorkloadidentitypoolproviderAws `json:"aws,omitempty"`

	/* A description for the provider. Cannot exceed 256 characters. */
	// +optional
	Description *string `json:"description,omitempty"`

	/* Whether the provider is disabled. You cannot use a disabled provider to exchange tokens. However, existing tokens still grant access. */
	// +optional
	Disabled *bool `json:"disabled,omitempty"`

	/* A display name for the provider. Cannot exceed 32 characters. */
	// +optional
	DisplayName *string `json:"displayName,omitempty"`

	/* Immutable. The location for the resource */
	Location string `json:"location"`

	/* An OpenId Connect 1.0 identity provider. */
	// +optional
	Oidc *WorkloadidentitypoolproviderOidc `json:"oidc,omitempty"`

	/* Immutable. The Project that this resource belongs to. */
	ProjectRef v1alpha1.ResourceRef `json:"projectRef"`

	/* Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */
	// +optional
	ResourceID *string `json:"resourceID,omitempty"`

	/* Immutable. */
	WorkloadIdentityPoolRef v1alpha1.ResourceRef `json:"workloadIdentityPoolRef"`
}

func (*IAMWorkloadIdentityPoolProviderSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkloadIdentityPoolProviderSpec.

func (*IAMWorkloadIdentityPoolProviderSpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMWorkloadIdentityPoolProviderStatus

type IAMWorkloadIdentityPoolProviderStatus struct {
	/* Conditions represent the latest available observations of the
	   IAMWorkloadIdentityPoolProvider's current state. */
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	/* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */
	// +optional
	ObservedGeneration *int64 `json:"observedGeneration,omitempty"`

	/* Output only. The state of the provider. Possible values: STATE_UNSPECIFIED, ACTIVE, DELETED */
	// +optional
	State *string `json:"state,omitempty"`
}

func (*IAMWorkloadIdentityPoolProviderStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkloadIdentityPoolProviderStatus.

func (*IAMWorkloadIdentityPoolProviderStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMWorkloadIdentityPoolSpec

type IAMWorkloadIdentityPoolSpec struct {
	/* A description of the pool. Cannot exceed 256 characters. */
	// +optional
	Description *string `json:"description,omitempty"`

	/* Whether the pool is disabled. You cannot use a disabled pool to exchange tokens, or use existing tokens to access resources. If the pool is re-enabled, existing tokens grant access again. */
	// +optional
	Disabled *bool `json:"disabled,omitempty"`

	/* A display name for the pool. Cannot exceed 32 characters. */
	// +optional
	DisplayName *string `json:"displayName,omitempty"`

	/* Immutable. The location for the resource */
	Location string `json:"location"`

	/* Immutable. The Project that this resource belongs to. */
	ProjectRef v1alpha1.ResourceRef `json:"projectRef"`

	/* Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */
	// +optional
	ResourceID *string `json:"resourceID,omitempty"`
}

func (*IAMWorkloadIdentityPoolSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkloadIdentityPoolSpec.

func (*IAMWorkloadIdentityPoolSpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMWorkloadIdentityPoolStatus

type IAMWorkloadIdentityPoolStatus struct {
	/* Conditions represent the latest available observations of the
	   IAMWorkloadIdentityPool's current state. */
	Conditions []v1alpha1.Condition `json:"conditions,omitempty"`
	/* ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource. */
	// +optional
	ObservedGeneration *int64 `json:"observedGeneration,omitempty"`

	/* Output only. The state of the pool. Possible values: STATE_UNSPECIFIED, ACTIVE, DELETED */
	// +optional
	State *string `json:"state,omitempty"`
}

func (*IAMWorkloadIdentityPoolStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMWorkloadIdentityPoolStatus.

func (*IAMWorkloadIdentityPoolStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PartialpolicyAllBindingsStatus

type PartialpolicyAllBindingsStatus struct {
	/* Optional. The condition under which the binding applies. */
	// +optional
	Condition *PartialpolicyConditionStatus `json:"condition,omitempty"`

	/* Optional. The list of IAM users to be bound to the role. */
	// +optional
	Members []string `json:"members,omitempty"`

	/* Required. The role to bind the users to. */
	Role string `json:"role"`
}

func (*PartialpolicyAllBindingsStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PartialpolicyAllBindingsStatus.

func (*PartialpolicyAllBindingsStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PartialpolicyBindings

type PartialpolicyBindings struct {
	/* Optional. The condition under which the binding applies. */
	// +optional
	Condition *PartialpolicyCondition `json:"condition,omitempty"`

	/* Optional. The list of IAM users to be bound to the role. */
	// +optional
	Members []PartialpolicyMembers `json:"members,omitempty"`

	/* Required. The role to bind the users to. */
	Role string `json:"role"`
}

func (*PartialpolicyBindings) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PartialpolicyBindings.

func (*PartialpolicyBindings) DeepCopyInto

func (in *PartialpolicyBindings) DeepCopyInto(out *PartialpolicyBindings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PartialpolicyCondition

type PartialpolicyCondition struct {
	// +optional
	Description *string `json:"description,omitempty"`

	Expression string `json:"expression"`

	Title string `json:"title"`
}

func (*PartialpolicyCondition) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PartialpolicyCondition.

func (*PartialpolicyCondition) DeepCopyInto

func (in *PartialpolicyCondition) DeepCopyInto(out *PartialpolicyCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PartialpolicyConditionStatus

type PartialpolicyConditionStatus struct {
	// +optional
	Description *string `json:"description,omitempty"`

	Expression string `json:"expression"`

	Title string `json:"title"`
}

func (*PartialpolicyConditionStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PartialpolicyConditionStatus.

func (*PartialpolicyConditionStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PartialpolicyLastAppliedBindingsStatus

type PartialpolicyLastAppliedBindingsStatus struct {
	/* Optional. The condition under which the binding applies. */
	// +optional
	Condition *PartialpolicyConditionStatus `json:"condition,omitempty"`

	/* Optional. The list of IAM users to be bound to the role. */
	// +optional
	Members []string `json:"members,omitempty"`

	/* Required. The role to bind the users to. */
	Role string `json:"role"`
}

func (*PartialpolicyLastAppliedBindingsStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PartialpolicyLastAppliedBindingsStatus.

func (*PartialpolicyLastAppliedBindingsStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PartialpolicyMemberFrom

type PartialpolicyMemberFrom struct {
	/* BigQueryConnectionConnection whose service account is to be bound to the role. Use the Type field to specifie the connection type. For "spark" connetion, the service account is in `status.observedState.spark.serviceAccountID`. For "cloudSQL" connection, the service account is in `status.observedState.cloudSQL.serviceAccountID`. For "cloudResource" connection, the service account is in `status.observedState.cloudResource.serviceAccountID`. */
	// +optional
	BigQueryConnectionConnectionRef *v1alpha1.IAMResourceRef `json:"bigQueryConnectionConnectionRef,omitempty"`

	/* The LoggingLogSink whose writer identity (i.e. its 'status.writerIdentity') is to be bound to the role. */
	// +optional
	LogSinkRef *v1alpha1.IAMResourceRef `json:"logSinkRef,omitempty"`

	/* The IAMServiceAccount to be bound to the role. */
	// +optional
	ServiceAccountRef *v1alpha1.IAMResourceRef `json:"serviceAccountRef,omitempty"`

	/* The ServiceIdentity whose service account (i.e., its 'status.email') is to be bound to the role. */
	// +optional
	ServiceIdentityRef *v1alpha1.IAMResourceRef `json:"serviceIdentityRef,omitempty"`

	/* The SQLInstance whose service account (i.e. its 'status.serviceAccountEmailAddress') is to be bound to the role. */
	// +optional
	SqlInstanceRef *v1alpha1.IAMResourceRef `json:"sqlInstanceRef,omitempty"`
}

func (*PartialpolicyMemberFrom) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PartialpolicyMemberFrom.

func (*PartialpolicyMemberFrom) DeepCopyInto

func (in *PartialpolicyMemberFrom) DeepCopyInto(out *PartialpolicyMemberFrom)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PartialpolicyMembers

type PartialpolicyMembers struct {
	/* The IAM identity to be bound to the role. Exactly one of 'member' or 'memberFrom' must be used. */
	// +optional
	Member *string `json:"member,omitempty"`

	/* The IAM identity to be bound to the role. Exactly one of 'member' or 'memberFrom' must be used, and only one subfield within 'memberFrom' can be used. */
	// +optional
	MemberFrom *PartialpolicyMemberFrom `json:"memberFrom,omitempty"`
}

func (*PartialpolicyMembers) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PartialpolicyMembers.

func (*PartialpolicyMembers) DeepCopyInto

func (in *PartialpolicyMembers) DeepCopyInto(out *PartialpolicyMembers)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyAuditConfigs

type PolicyAuditConfigs struct {
	/* Required. The configuration for logging of each type of permission. */
	AuditLogConfigs []PolicyAuditLogConfigs `json:"auditLogConfigs"`

	/* Required. The service for which to enable Data Access audit logs. The special value 'allServices' covers all services. Note that if there are audit configs covering both 'allServices' and a specific service, then the union of the two audit configs is used for that service: the 'logTypes' specified in each 'auditLogConfig' are enabled, and the 'exemptedMembers' in each 'auditLogConfig' are exempted. */
	Service string `json:"service"`
}

func (*PolicyAuditConfigs) DeepCopy

func (in *PolicyAuditConfigs) DeepCopy() *PolicyAuditConfigs

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyAuditConfigs.

func (*PolicyAuditConfigs) DeepCopyInto

func (in *PolicyAuditConfigs) DeepCopyInto(out *PolicyAuditConfigs)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyAuditLogConfigs

type PolicyAuditLogConfigs struct {
	/* Identities that do not cause logging for this type of permission. The format is the same as that for 'members' in IAMPolicy/IAMPolicyMember. */
	// +optional
	ExemptedMembers []string `json:"exemptedMembers,omitempty"`

	/* Permission type for which logging is to be configured. Must be one of 'DATA_READ', 'DATA_WRITE', or 'ADMIN_READ'. */
	LogType string `json:"logType"`
}

func (*PolicyAuditLogConfigs) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyAuditLogConfigs.

func (*PolicyAuditLogConfigs) DeepCopyInto

func (in *PolicyAuditLogConfigs) DeepCopyInto(out *PolicyAuditLogConfigs)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyBindings

type PolicyBindings struct {
	/* Optional. The condition under which the binding applies. */
	// +optional
	Condition *PolicyCondition `json:"condition,omitempty"`

	/* Optional. The list of IAM users to be bound to the role. */
	// +optional
	Members []string `json:"members,omitempty"`

	/* Required. The role to bind the users to. */
	Role string `json:"role"`
}

func (*PolicyBindings) DeepCopy

func (in *PolicyBindings) DeepCopy() *PolicyBindings

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyBindings.

func (*PolicyBindings) DeepCopyInto

func (in *PolicyBindings) DeepCopyInto(out *PolicyBindings)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyCondition

type PolicyCondition struct {
	// +optional
	Description *string `json:"description,omitempty"`

	Expression string `json:"expression"`

	Title string `json:"title"`
}

func (*PolicyCondition) DeepCopy

func (in *PolicyCondition) DeepCopy() *PolicyCondition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyCondition.

func (*PolicyCondition) DeepCopyInto

func (in *PolicyCondition) DeepCopyInto(out *PolicyCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicymemberCondition

type PolicymemberCondition struct {
	// +optional
	Description *string `json:"description,omitempty"`

	Expression string `json:"expression"`

	Title string `json:"title"`
}

func (*PolicymemberCondition) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicymemberCondition.

func (*PolicymemberCondition) DeepCopyInto

func (in *PolicymemberCondition) DeepCopyInto(out *PolicymemberCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicymemberMemberFrom

type PolicymemberMemberFrom struct {
	/* BigQueryConnectionConnection whose service account is to be bound to the role. Use the Type field to specifie the connection type. For "spark" connetion, the service account is in `status.observedState.spark.serviceAccountID`. For "cloudSQL" connection, the service account is in `status.observedState.cloudSQL.serviceAccountID`. For "cloudResource" connection, the service account is in `status.observedState.cloudResource.serviceAccountID`. */
	// +optional
	BigQueryConnectionConnectionRef *v1alpha1.IAMResourceRef `json:"bigQueryConnectionConnectionRef,omitempty"`

	/* The LoggingLogSink whose writer identity (i.e. its 'status.writerIdentity') is to be bound to the role. */
	// +optional
	LogSinkRef *v1alpha1.IAMResourceRef `json:"logSinkRef,omitempty"`

	/* The IAMServiceAccount to be bound to the role. */
	// +optional
	ServiceAccountRef *v1alpha1.IAMResourceRef `json:"serviceAccountRef,omitempty"`

	/* The ServiceIdentity whose service account (i.e., its 'status.email') is to be bound to the role. */
	// +optional
	ServiceIdentityRef *v1alpha1.IAMResourceRef `json:"serviceIdentityRef,omitempty"`

	/* The SQLInstance whose service account (i.e. its 'status.serviceAccountEmailAddress') is to be bound to the role. */
	// +optional
	SqlInstanceRef *v1alpha1.IAMResourceRef `json:"sqlInstanceRef,omitempty"`
}

func (*PolicymemberMemberFrom) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicymemberMemberFrom.

func (*PolicymemberMemberFrom) DeepCopyInto

func (in *PolicymemberMemberFrom) DeepCopyInto(out *PolicymemberMemberFrom)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkforcepoolproviderClientSecret added in v1.109.0

type WorkforcepoolproviderClientSecret struct {
	/* The value of the client secret. */
	// +optional
	Value *WorkforcepoolproviderValue `json:"value,omitempty"`
}

func (*WorkforcepoolproviderClientSecret) DeepCopy added in v1.109.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkforcepoolproviderClientSecret.

func (*WorkforcepoolproviderClientSecret) DeepCopyInto added in v1.109.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkforcepoolproviderClientSecretStatus added in v1.109.0

type WorkforcepoolproviderClientSecretStatus struct {
	// +optional
	Value *WorkforcepoolproviderValueStatus `json:"value,omitempty"`
}

func (*WorkforcepoolproviderClientSecretStatus) DeepCopy added in v1.109.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkforcepoolproviderClientSecretStatus.

func (*WorkforcepoolproviderClientSecretStatus) DeepCopyInto added in v1.109.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkforcepoolproviderOidc added in v1.92.0

type WorkforcepoolproviderOidc struct {
	/* Required. The client ID. Must match the audience claim of the JWT issued by the identity provider. */
	ClientId string `json:"clientId"`

	/* The optional client secret. Required to enable Authorization Code flow for web sign-in. */
	// +optional
	ClientSecret *WorkforcepoolproviderClientSecret `json:"clientSecret,omitempty"`

	/* Required. The OIDC issuer URI. Must be a valid URI using the 'https' scheme. */
	IssuerUri string `json:"issuerUri"`

	/* OIDC JWKs in JSON String format. For details on definition of a JWK, see https:tools.ietf.org/html/rfc7517. If not set, then we use the `jwks_uri` from the discovery document fetched from the .well-known path for the `issuer_uri`. Currently, RSA and EC asymmetric keys are supported. The JWK must use following format and include only the following fields: “`{"keys": [{"kty": "RSA/EC", "alg": "<algorithm>", "use": "sig", "kid": "<key-id>", "n": "", "e": "", "x": "", "y": "", "crv": ""}]}“` */
	// +optional
	JwksJson *string `json:"jwksJson,omitempty"`

	/* Required. Configuration for web single sign-on for the OIDC provider. Here, web sign-in refers to console sign-in and gcloud sign-in through the browser. */
	WebSsoConfig WorkforcepoolproviderWebSsoConfig `json:"webSsoConfig"`
}

func (*WorkforcepoolproviderOidc) DeepCopy added in v1.92.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkforcepoolproviderOidc.

func (*WorkforcepoolproviderOidc) DeepCopyInto added in v1.92.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkforcepoolproviderOidcStatus added in v1.109.0

type WorkforcepoolproviderOidcStatus struct {
	// +optional
	ClientSecret *WorkforcepoolproviderClientSecretStatus `json:"clientSecret,omitempty"`
}

func (*WorkforcepoolproviderOidcStatus) DeepCopy added in v1.109.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkforcepoolproviderOidcStatus.

func (*WorkforcepoolproviderOidcStatus) DeepCopyInto added in v1.109.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkforcepoolproviderPlainText added in v1.109.0

type WorkforcepoolproviderPlainText struct {
	/* Value of the field. Cannot be used if 'valueFrom' is specified. */
	// +optional
	Value *string `json:"value,omitempty"`

	/* Source for the field's value. Cannot be used if 'value' is specified. */
	// +optional
	ValueFrom *WorkforcepoolproviderValueFrom `json:"valueFrom,omitempty"`
}

func (*WorkforcepoolproviderPlainText) DeepCopy added in v1.109.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkforcepoolproviderPlainText.

func (*WorkforcepoolproviderPlainText) DeepCopyInto added in v1.109.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkforcepoolproviderSaml added in v1.92.0

type WorkforcepoolproviderSaml struct {
	/* Required. SAML Identity provider configuration metadata xml doc. The xml document should comply with [SAML 2.0 specification](https://docs.oasis-open.org/security/saml/v2.0/saml-metadata-2.0-os.pdf). The max size of the acceptable xml document will be bounded to 128k characters. The metadata xml document should satisfy the following constraints: 1) Must contain an Identity Provider Entity ID. 2) Must contain at least one non-expired signing key certificate. 3) For each signing key: a) Valid from should be no more than 7 days from now. b) Valid to should be no more than 10 years in the future. 4) Up to 3 IdP signing keys are allowed in the metadata xml. When updating the provider's metadata xml, at least one non-expired signing key must overlap with the existing metadata. This requirement is skipped if there are no non-expired signing keys present in the existing metadata. */
	IdpMetadataXml string `json:"idpMetadataXml"`
}

func (*WorkforcepoolproviderSaml) DeepCopy added in v1.92.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkforcepoolproviderSaml.

func (*WorkforcepoolproviderSaml) DeepCopyInto added in v1.92.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkforcepoolproviderValue added in v1.109.0

type WorkforcepoolproviderValue struct {
	/* Input only. The plain text of the client secret value. */
	// +optional
	PlainText *WorkforcepoolproviderPlainText `json:"plainText,omitempty"`
}

func (*WorkforcepoolproviderValue) DeepCopy added in v1.109.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkforcepoolproviderValue.

func (*WorkforcepoolproviderValue) DeepCopyInto added in v1.109.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkforcepoolproviderValueFrom added in v1.109.0

type WorkforcepoolproviderValueFrom struct {
	/* Reference to a value with the given key in the given Secret in the resource's namespace. */
	// +optional
	SecretKeyRef *v1alpha1.SecretKeyRef `json:"secretKeyRef,omitempty"`
}

func (*WorkforcepoolproviderValueFrom) DeepCopy added in v1.109.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkforcepoolproviderValueFrom.

func (*WorkforcepoolproviderValueFrom) DeepCopyInto added in v1.109.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkforcepoolproviderValueStatus added in v1.109.0

type WorkforcepoolproviderValueStatus struct {
	/* Output only. A thumbprint to represent the current client secret value. */
	// +optional
	Thumbprint *string `json:"thumbprint,omitempty"`
}

func (*WorkforcepoolproviderValueStatus) DeepCopy added in v1.109.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkforcepoolproviderValueStatus.

func (*WorkforcepoolproviderValueStatus) DeepCopyInto added in v1.109.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkforcepoolproviderWebSsoConfig added in v1.104.0

type WorkforcepoolproviderWebSsoConfig struct {
	/* Additional scopes to request for in the OIDC authentication request on top of scopes requested by default. By default, the `openid`, `profile` and `email` scopes that are supported by the identity provider are requested. Each additional scope may be at most 256 characters. A maximum of 10 additional scopes may be configured. */
	// +optional
	AdditionalScopes []string `json:"additionalScopes,omitempty"`

	/* Required. The behavior for how OIDC Claims are included in the `assertion` object used for attribute mapping and attribute condition. Possible values: ASSERTION_CLAIMS_BEHAVIOR_UNSPECIFIED, MERGE_USER_INFO_OVER_ID_TOKEN_CLAIMS, ONLY_ID_TOKEN_CLAIMS */
	AssertionClaimsBehavior string `json:"assertionClaimsBehavior"`

	/* Required. The Response Type to request for in the OIDC Authorization Request for web sign-in. The `CODE` Response Type is recommended to avoid the Implicit Flow, for security reasons. Possible values: RESPONSE_TYPE_UNSPECIFIED, CODE, ID_TOKEN */
	ResponseType string `json:"responseType"`
}

func (*WorkforcepoolproviderWebSsoConfig) DeepCopy added in v1.104.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkforcepoolproviderWebSsoConfig.

func (*WorkforcepoolproviderWebSsoConfig) DeepCopyInto added in v1.104.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkloadidentitypoolproviderAws

type WorkloadidentitypoolproviderAws struct {
	/* Required. The AWS account ID. */
	AccountId string `json:"accountId"`

	/* A list of AWS STS URIs that can be used when exchanging credentials. If not provided, any valid AWS STS URI is allowed. URIs must use the form `https://sts.amazonaws.com` or `https://sts.{region}.amazonaws.com`, where {region} is a valid AWS region. You can specify a maximum of 25 URIs. */
	// +optional
	StsUri []string `json:"stsUri,omitempty"`
}

func (*WorkloadidentitypoolproviderAws) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkloadidentitypoolproviderAws.

func (*WorkloadidentitypoolproviderAws) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkloadidentitypoolproviderOidc

type WorkloadidentitypoolproviderOidc struct {
	/* Acceptable values for the `aud` field (audience) in the OIDC token. Token exchange requests are rejected if the token audience does not match one of the configured values. Each audience may be at most 256 characters. A maximum of 10 audiences may be configured. If this list is empty, the OIDC token audience must be equal to the full canonical resource name of the WorkloadIdentityPoolProvider, with or without the HTTPS prefix. For example: “` //iam.googleapis.com/projects//locations//workloadIdentityPools//providers/ https://iam.googleapis.com/projects//locations//workloadIdentityPools//providers/ “` */
	// +optional
	AllowedAudiences []string `json:"allowedAudiences,omitempty"`

	/* Required. The OIDC issuer URL. Must be an HTTPS endpoint. */
	IssuerUri string `json:"issuerUri"`
}

func (*WorkloadidentitypoolproviderOidc) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkloadidentitypoolproviderOidc.

func (*WorkloadidentitypoolproviderOidc) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL