security

package
v1.98.5
Warning

This package is not in the latest version of its module.

Published: Jul 25, 2024 License: Apache-2.0 Imports: 5 Imported by: 5

Documentation

Overview

Package security is the internal version of the API. +groupName=security.gardener.cloud

Constants

const GroupName = "security.gardener.cloud"

GroupName is the name of the security API group.

Variables

var (
	// SchemeBuilder is a new Scheme Builder which registers our API.
	SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)
	// AddToScheme is a reference to the Scheme Builder's AddToScheme function.
	AddToScheme = SchemeBuilder.AddToScheme
)

var SchemeGroupVersion = schema.GroupVersion{Group: GroupName, Version: runtime.APIVersionInternal}

SchemeGroupVersion is the group version used to register these objects.

Functions

func Kind

func Kind(kind string) schema.GroupKind

Kind takes an unqualified kind and returns back a Group qualified GroupKind.

func Resource

func Resource(resource string) schema.GroupResource

Resource takes an unqualified resource and returns back a Group qualified GroupResource.

Types

type ContextObject added in v1.97.0

type ContextObject struct {
	// Kind of the object the token is requested for. Valid kinds are 'Shoot', 'Seed', etc.
	Kind string
	// API version of the object the token is requested for.
	APIVersion string
	// Name of the object the token is requested for.
	Name string
	// Namespace of the object the token is requested for.
	Namespace *string
	// UID of the object the token is requested for.
	UID types.UID
}

ContextObject identifies the object the token is requested for.

func (*ContextObject) DeepCopy added in v1.97.0

func (in *ContextObject) DeepCopy() *ContextObject

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ContextObject.

func (*ContextObject) DeepCopyInto added in v1.97.0

func (in *ContextObject) DeepCopyInto(out *ContextObject)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CredentialsBinding

type CredentialsBinding struct {
	metav1.TypeMeta
	// Standard object metadata.
	metav1.ObjectMeta
	// Provider defines the provider type of the CredentialsBinding.
	// This field is immutable.
	Provider CredentialsBindingProvider
	// CredentialsRef is a reference to a resource holding the credentials.
	// Accepted resources are core/v1.Secret and security.gardener.cloud/v1alpha1.WorkloadIdentity
	CredentialsRef corev1.ObjectReference
	// Quotas is a list of references to Quota objects in the same or another namespace.
	// This field is immutable.
	Quotas []corev1.ObjectReference
}

CredentialsBinding represents a binding to credentials in the same or another namespace.

func (*CredentialsBinding) DeepCopy

func (in *CredentialsBinding) DeepCopy() *CredentialsBinding

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsBinding.

func (*CredentialsBinding) DeepCopyInto

func (in *CredentialsBinding) DeepCopyInto(out *CredentialsBinding)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CredentialsBinding) DeepCopyObject

func (in *CredentialsBinding) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CredentialsBinding) GetProviderType

func (cb *CredentialsBinding) GetProviderType() string

GetProviderType gets the type of the provider.

type CredentialsBindingList

type CredentialsBindingList struct {
	metav1.TypeMeta
	// Standard list object metadata.
	metav1.ListMeta
	// Items is the list of CredentialsBindings.
	Items []CredentialsBinding
}

CredentialsBindingList is a collection of CredentialsBindings.

func (*CredentialsBindingList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsBindingList.

func (*CredentialsBindingList) DeepCopyInto

func (in *CredentialsBindingList) DeepCopyInto(out *CredentialsBindingList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CredentialsBindingList) DeepCopyObject

func (in *CredentialsBindingList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type CredentialsBindingProvider

type CredentialsBindingProvider struct {
	// Type is the type of the provider.
	Type string
}

CredentialsBindingProvider defines the provider type of the CredentialsBinding.

func (*CredentialsBindingProvider) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CredentialsBindingProvider.

func (*CredentialsBindingProvider) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TargetSystem added in v1.97.0

type TargetSystem struct {
	// Type is the type of the target system.
	Type string
	// ProviderConfig is the configuration passed to extension resource.
	ProviderConfig runtime.Object
}

TargetSystem represents specific configurations for the system that will accept the JWTs.

func (*TargetSystem) DeepCopy added in v1.97.0

func (in *TargetSystem) DeepCopy() *TargetSystem

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TargetSystem.

func (*TargetSystem) DeepCopyInto added in v1.97.0

func (in *TargetSystem) DeepCopyInto(out *TargetSystem)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TokenRequest added in v1.97.0

type TokenRequest struct {
	metav1.TypeMeta
	// Standard object metadata.
	metav1.ObjectMeta
	// Spec holds configuration settings for the requested token.
	Spec TokenRequestSpec
	// Status bears the issued token with additional information back to the client.
	Status TokenRequestStatus
}

TokenRequest is a resource that is used to request WorkloadIdentity tokens.

func (*TokenRequest) DeepCopy added in v1.97.0

func (in *TokenRequest) DeepCopy() *TokenRequest

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequest.

func (*TokenRequest) DeepCopyInto added in v1.97.0

func (in *TokenRequest) DeepCopyInto(out *TokenRequest)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*TokenRequest) DeepCopyObject added in v1.97.0

func (in *TokenRequest) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type TokenRequestSpec added in v1.97.0

type TokenRequestSpec struct {
	// ContextObject identifies the object the token is requested for.
	ContextObject *ContextObject
	// ExpirationSeconds specifies for how long the requested token should be valid.
	ExpirationSeconds int64
}

TokenRequestSpec holds configuration settings for the requested token.

func (*TokenRequestSpec) DeepCopy added in v1.97.0

func (in *TokenRequestSpec) DeepCopy() *TokenRequestSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequestSpec.

func (*TokenRequestSpec) DeepCopyInto added in v1.97.0

func (in *TokenRequestSpec) DeepCopyInto(out *TokenRequestSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TokenRequestStatus added in v1.97.0

type TokenRequestStatus struct {
	// Token is the issued token.
	Token string
	// ExpirationTimeStamp is the time of expiration of the returned token.
	ExpirationTimeStamp metav1.Time
}

TokenRequestStatus bears the issued token with additional information back to the client.

func (*TokenRequestStatus) DeepCopy added in v1.97.0

func (in *TokenRequestStatus) DeepCopy() *TokenRequestStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TokenRequestStatus.

func (*TokenRequestStatus) DeepCopyInto added in v1.97.0

func (in *TokenRequestStatus) DeepCopyInto(out *TokenRequestStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkloadIdentity added in v1.97.0

type WorkloadIdentity struct {
	metav1.TypeMeta
	// Standard object metadata.
	metav1.ObjectMeta
	// Spec configures the JSON Web Token issued by the Gardener API server.
	Spec WorkloadIdentitySpec
	// Status contains the latest observed status of the WorkloadIdentity.
	Status WorkloadIdentityStatus
}

WorkloadIdentity is a resource that allows workloads to be presented before external systems by giving them identities managed by the Gardener API server. The identity of such a workload is represented by a JSON Web Token issued by the Gardener API server. Workload identities are designed to be used by components running in the Gardener environment, seed or runtime cluster, that make use of identity federation inspired by the OIDC protocol.

func (*WorkloadIdentity) DeepCopy added in v1.97.0

func (in *WorkloadIdentity) DeepCopy() *WorkloadIdentity

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkloadIdentity.

func (*WorkloadIdentity) DeepCopyInto added in v1.97.0

func (in *WorkloadIdentity) DeepCopyInto(out *WorkloadIdentity)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*WorkloadIdentity) DeepCopyObject added in v1.97.0

func (in *WorkloadIdentity) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type WorkloadIdentityList added in v1.97.0

type WorkloadIdentityList struct {
	metav1.TypeMeta
	// Standard list object metadata.
	metav1.ListMeta
	// Items is the list of WorkloadIdentities.
	Items []WorkloadIdentity
}

WorkloadIdentityList is a collection of WorkloadIdentities.

func (*WorkloadIdentityList) DeepCopy added in v1.97.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkloadIdentityList.

func (*WorkloadIdentityList) DeepCopyInto added in v1.97.0

func (in *WorkloadIdentityList) DeepCopyInto(out *WorkloadIdentityList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*WorkloadIdentityList) DeepCopyObject added in v1.97.0

func (in *WorkloadIdentityList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type WorkloadIdentitySpec added in v1.97.0

type WorkloadIdentitySpec struct {
	// Audiences specify the list of recipients that the JWT is intended for.
	// The values of this field will be set in the 'aud' claim.
	Audiences []string
	// TargetSystem represents specific configurations for the system that will accept the JWTs.
	TargetSystem TargetSystem
}

WorkloadIdentitySpec configures the JSON Web Token issued by the Gardener API server.

func (*WorkloadIdentitySpec) DeepCopy added in v1.97.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkloadIdentitySpec.

func (*WorkloadIdentitySpec) DeepCopyInto added in v1.97.0

func (in *WorkloadIdentitySpec) DeepCopyInto(out *WorkloadIdentitySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WorkloadIdentityStatus added in v1.97.0

type WorkloadIdentityStatus struct {
	// Sub contains the computed value of the subject that is going to be set in the JWT's 'sub' claim.
	Sub string
}

WorkloadIdentityStatus contains the latest observed status of the WorkloadIdentity.

func (*WorkloadIdentityStatus) DeepCopy added in v1.97.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new WorkloadIdentityStatus.

func (*WorkloadIdentityStatus) DeepCopyInto added in v1.97.0

func (in *WorkloadIdentityStatus) DeepCopyInto(out *WorkloadIdentityStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
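The WorkloadIdentity fields above map to JWT claims: Audiences is set in 'aud' and Status.Sub in 'sub'. The following is an added example, not code from the Gardener project, of the claim checks a system accepting such a token could apply after it has verified the signature. The names checkClaims, audience and sample, and the token contents, are assumptions made for illustration.

```go
package main

import (
	"encoding/base64"
	"encoding/json"
	"fmt"
	"slices"
	"strings"
	"time"
)

// audience accepts both JSON forms of 'aud': one string or an array of strings.
type audience []string

func (a *audience) UnmarshalJSON(b []byte) error {
	if len(b) > 0 && b[0] == '"' {
		b = []byte("[" + string(b) + "]") // wrap the single-string form
	}
	return json.Unmarshal(b, (*[]string)(a))
}

// checkClaims runs after signature verification (not shown); wantAud/wantSub mirror spec.Audiences and status.Sub.
func checkClaims(token, wantAud, wantSub string, now time.Time) error {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return fmt.Errorf("not a compact JWT: %d parts", len(parts))
	}
	var c struct {
		Sub string   `json:"sub"`
		Aud audience `json:"aud"`
		Exp int64    `json:"exp"`
	}
	raw, err := base64.RawURLEncoding.DecodeString(parts[1])
	if err != nil || json.Unmarshal(raw, &c) != nil {
		return fmt.Errorf("payload is not base64url-encoded JSON claims")
	}
	switch {
	case wantSub == "" || c.Sub != wantSub:
		return fmt.Errorf("sub %q is not the expected subject", c.Sub)
	case !now.Before(time.Unix(c.Exp, 0)):
		return fmt.Errorf("token expired or exp missing")
	case wantAud == "" || !slices.Contains(c.Aud, wantAud):
		return fmt.Errorf("aud %v does not name this system", c.Aud)
	}
	return nil
}

// sample is a constructed token: dummy header and signature, single-string 'aud'.
var sample = "e30." + base64.RawURLEncoding.EncodeToString([]byte(`{"sub":"s-1","aud":"target-a","exp":2000000000}`)) + ".c2ln"
func main() { fmt.Println(checkClaims(sample, "target-a", "s-1", time.Unix(1700000000, 0))) }
```

An empty expected audience or subject is rejected rather than treated as a wildcard, so a misconfigured verifier fails closed.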

Directories

Path Synopsis
Package v1alpha1 is a version of the API.
