v1alpha1

package
v3.28.1 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 24, 2023 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

This section is empty.

Types

type ClusterTrustBundle

type ClusterTrustBundle struct {
	pulumi.CustomResourceState

	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	ApiVersion pulumi.StringPtrOutput `pulumi:"apiVersion"`
	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind pulumi.StringPtrOutput `pulumi:"kind"`
	// metadata contains the object metadata.
	Metadata metav1.ObjectMetaPtrOutput `pulumi:"metadata"`
	// spec contains the signer (if any) and trust anchors.
	Spec ClusterTrustBundleSpecOutput `pulumi:"spec"`
}

ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates).

ClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the `clusterTrustBundle` projection. All service accounts have read access to ClusterTrustBundles by default. Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to.

It can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle.

func GetClusterTrustBundle

func GetClusterTrustBundle(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClusterTrustBundleState, opts ...pulumi.ResourceOption) (*ClusterTrustBundle, error)

GetClusterTrustBundle gets an existing ClusterTrustBundle resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClusterTrustBundle

func NewClusterTrustBundle(ctx *pulumi.Context,
	name string, args *ClusterTrustBundleArgs, opts ...pulumi.ResourceOption) (*ClusterTrustBundle, error)

NewClusterTrustBundle registers a new resource with the given unique name, arguments, and options.

func (*ClusterTrustBundle) ElementType

func (*ClusterTrustBundle) ElementType() reflect.Type

func (*ClusterTrustBundle) ToClusterTrustBundleOutput

func (i *ClusterTrustBundle) ToClusterTrustBundleOutput() ClusterTrustBundleOutput

func (*ClusterTrustBundle) ToClusterTrustBundleOutputWithContext

func (i *ClusterTrustBundle) ToClusterTrustBundleOutputWithContext(ctx context.Context) ClusterTrustBundleOutput

type ClusterTrustBundleArgs

type ClusterTrustBundleArgs struct {
	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	ApiVersion pulumi.StringPtrInput
	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind pulumi.StringPtrInput
	// metadata contains the object metadata.
	Metadata metav1.ObjectMetaPtrInput
	// spec contains the signer (if any) and trust anchors.
	Spec ClusterTrustBundleSpecInput
}

The set of arguments for constructing a ClusterTrustBundle resource.

func (ClusterTrustBundleArgs) ElementType

func (ClusterTrustBundleArgs) ElementType() reflect.Type

type ClusterTrustBundleArray

type ClusterTrustBundleArray []ClusterTrustBundleInput

func (ClusterTrustBundleArray) ElementType

func (ClusterTrustBundleArray) ElementType() reflect.Type

func (ClusterTrustBundleArray) ToClusterTrustBundleArrayOutput

func (i ClusterTrustBundleArray) ToClusterTrustBundleArrayOutput() ClusterTrustBundleArrayOutput

func (ClusterTrustBundleArray) ToClusterTrustBundleArrayOutputWithContext

func (i ClusterTrustBundleArray) ToClusterTrustBundleArrayOutputWithContext(ctx context.Context) ClusterTrustBundleArrayOutput

type ClusterTrustBundleArrayInput

type ClusterTrustBundleArrayInput interface {
	pulumi.Input

	ToClusterTrustBundleArrayOutput() ClusterTrustBundleArrayOutput
	ToClusterTrustBundleArrayOutputWithContext(context.Context) ClusterTrustBundleArrayOutput
}

ClusterTrustBundleArrayInput is an input type that accepts ClusterTrustBundleArray and ClusterTrustBundleArrayOutput values. You can construct a concrete instance of `ClusterTrustBundleArrayInput` via:

ClusterTrustBundleArray{ ClusterTrustBundleArgs{...} }

type ClusterTrustBundleArrayOutput

type ClusterTrustBundleArrayOutput struct{ *pulumi.OutputState }

func (ClusterTrustBundleArrayOutput) ElementType

func (ClusterTrustBundleArrayOutput) Index

func (ClusterTrustBundleArrayOutput) ToClusterTrustBundleArrayOutput

func (o ClusterTrustBundleArrayOutput) ToClusterTrustBundleArrayOutput() ClusterTrustBundleArrayOutput

func (ClusterTrustBundleArrayOutput) ToClusterTrustBundleArrayOutputWithContext

func (o ClusterTrustBundleArrayOutput) ToClusterTrustBundleArrayOutputWithContext(ctx context.Context) ClusterTrustBundleArrayOutput

type ClusterTrustBundleInput

type ClusterTrustBundleInput interface {
	pulumi.Input

	ToClusterTrustBundleOutput() ClusterTrustBundleOutput
	ToClusterTrustBundleOutputWithContext(ctx context.Context) ClusterTrustBundleOutput
}

type ClusterTrustBundleList

type ClusterTrustBundleList struct {
	pulumi.CustomResourceState

	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	ApiVersion pulumi.StringPtrOutput `pulumi:"apiVersion"`
	// items is a collection of ClusterTrustBundle objects
	Items ClusterTrustBundleTypeArrayOutput `pulumi:"items"`
	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind pulumi.StringPtrOutput `pulumi:"kind"`
	// metadata contains the list metadata.
	Metadata metav1.ListMetaPtrOutput `pulumi:"metadata"`
}

ClusterTrustBundleList is a collection of ClusterTrustBundle objects

func GetClusterTrustBundleList

func GetClusterTrustBundleList(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClusterTrustBundleListState, opts ...pulumi.ResourceOption) (*ClusterTrustBundleList, error)

GetClusterTrustBundleList gets an existing ClusterTrustBundleList resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClusterTrustBundleList

func NewClusterTrustBundleList(ctx *pulumi.Context,
	name string, args *ClusterTrustBundleListArgs, opts ...pulumi.ResourceOption) (*ClusterTrustBundleList, error)

NewClusterTrustBundleList registers a new resource with the given unique name, arguments, and options.

func (*ClusterTrustBundleList) ElementType

func (*ClusterTrustBundleList) ElementType() reflect.Type

func (*ClusterTrustBundleList) ToClusterTrustBundleListOutput

func (i *ClusterTrustBundleList) ToClusterTrustBundleListOutput() ClusterTrustBundleListOutput

func (*ClusterTrustBundleList) ToClusterTrustBundleListOutputWithContext

func (i *ClusterTrustBundleList) ToClusterTrustBundleListOutputWithContext(ctx context.Context) ClusterTrustBundleListOutput

type ClusterTrustBundleListArgs

type ClusterTrustBundleListArgs struct {
	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	ApiVersion pulumi.StringPtrInput
	// items is a collection of ClusterTrustBundle objects
	Items ClusterTrustBundleTypeArrayInput
	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind pulumi.StringPtrInput
	// metadata contains the list metadata.
	Metadata metav1.ListMetaPtrInput
}

The set of arguments for constructing a ClusterTrustBundleList resource.

func (ClusterTrustBundleListArgs) ElementType

func (ClusterTrustBundleListArgs) ElementType() reflect.Type

type ClusterTrustBundleListArray

type ClusterTrustBundleListArray []ClusterTrustBundleListInput

func (ClusterTrustBundleListArray) ElementType

func (ClusterTrustBundleListArray) ToClusterTrustBundleListArrayOutput

func (i ClusterTrustBundleListArray) ToClusterTrustBundleListArrayOutput() ClusterTrustBundleListArrayOutput

func (ClusterTrustBundleListArray) ToClusterTrustBundleListArrayOutputWithContext

func (i ClusterTrustBundleListArray) ToClusterTrustBundleListArrayOutputWithContext(ctx context.Context) ClusterTrustBundleListArrayOutput

type ClusterTrustBundleListArrayInput

type ClusterTrustBundleListArrayInput interface {
	pulumi.Input

	ToClusterTrustBundleListArrayOutput() ClusterTrustBundleListArrayOutput
	ToClusterTrustBundleListArrayOutputWithContext(context.Context) ClusterTrustBundleListArrayOutput
}

ClusterTrustBundleListArrayInput is an input type that accepts ClusterTrustBundleListArray and ClusterTrustBundleListArrayOutput values. You can construct a concrete instance of `ClusterTrustBundleListArrayInput` via:

ClusterTrustBundleListArray{ ClusterTrustBundleListArgs{...} }

type ClusterTrustBundleListArrayOutput

type ClusterTrustBundleListArrayOutput struct{ *pulumi.OutputState }

func (ClusterTrustBundleListArrayOutput) ElementType

func (ClusterTrustBundleListArrayOutput) Index

func (ClusterTrustBundleListArrayOutput) ToClusterTrustBundleListArrayOutput

func (o ClusterTrustBundleListArrayOutput) ToClusterTrustBundleListArrayOutput() ClusterTrustBundleListArrayOutput

func (ClusterTrustBundleListArrayOutput) ToClusterTrustBundleListArrayOutputWithContext

func (o ClusterTrustBundleListArrayOutput) ToClusterTrustBundleListArrayOutputWithContext(ctx context.Context) ClusterTrustBundleListArrayOutput

type ClusterTrustBundleListInput

type ClusterTrustBundleListInput interface {
	pulumi.Input

	ToClusterTrustBundleListOutput() ClusterTrustBundleListOutput
	ToClusterTrustBundleListOutputWithContext(ctx context.Context) ClusterTrustBundleListOutput
}

type ClusterTrustBundleListMap

type ClusterTrustBundleListMap map[string]ClusterTrustBundleListInput

func (ClusterTrustBundleListMap) ElementType

func (ClusterTrustBundleListMap) ElementType() reflect.Type

func (ClusterTrustBundleListMap) ToClusterTrustBundleListMapOutput

func (i ClusterTrustBundleListMap) ToClusterTrustBundleListMapOutput() ClusterTrustBundleListMapOutput

func (ClusterTrustBundleListMap) ToClusterTrustBundleListMapOutputWithContext

func (i ClusterTrustBundleListMap) ToClusterTrustBundleListMapOutputWithContext(ctx context.Context) ClusterTrustBundleListMapOutput

type ClusterTrustBundleListMapInput

type ClusterTrustBundleListMapInput interface {
	pulumi.Input

	ToClusterTrustBundleListMapOutput() ClusterTrustBundleListMapOutput
	ToClusterTrustBundleListMapOutputWithContext(context.Context) ClusterTrustBundleListMapOutput
}

ClusterTrustBundleListMapInput is an input type that accepts ClusterTrustBundleListMap and ClusterTrustBundleListMapOutput values. You can construct a concrete instance of `ClusterTrustBundleListMapInput` via:

ClusterTrustBundleListMap{ "key": ClusterTrustBundleListArgs{...} }

type ClusterTrustBundleListMapOutput

type ClusterTrustBundleListMapOutput struct{ *pulumi.OutputState }

func (ClusterTrustBundleListMapOutput) ElementType

func (ClusterTrustBundleListMapOutput) MapIndex

func (ClusterTrustBundleListMapOutput) ToClusterTrustBundleListMapOutput

func (o ClusterTrustBundleListMapOutput) ToClusterTrustBundleListMapOutput() ClusterTrustBundleListMapOutput

func (ClusterTrustBundleListMapOutput) ToClusterTrustBundleListMapOutputWithContext

func (o ClusterTrustBundleListMapOutput) ToClusterTrustBundleListMapOutputWithContext(ctx context.Context) ClusterTrustBundleListMapOutput

type ClusterTrustBundleListOutput

type ClusterTrustBundleListOutput struct{ *pulumi.OutputState }

func (ClusterTrustBundleListOutput) ApiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

func (ClusterTrustBundleListOutput) ElementType

func (ClusterTrustBundleListOutput) Items

items is a collection of ClusterTrustBundle objects

func (ClusterTrustBundleListOutput) Kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

func (ClusterTrustBundleListOutput) Metadata

metadata contains the list metadata.

func (ClusterTrustBundleListOutput) ToClusterTrustBundleListOutput

func (o ClusterTrustBundleListOutput) ToClusterTrustBundleListOutput() ClusterTrustBundleListOutput

func (ClusterTrustBundleListOutput) ToClusterTrustBundleListOutputWithContext

func (o ClusterTrustBundleListOutput) ToClusterTrustBundleListOutputWithContext(ctx context.Context) ClusterTrustBundleListOutput

type ClusterTrustBundleListState

type ClusterTrustBundleListState struct {
}

func (ClusterTrustBundleListState) ElementType

type ClusterTrustBundleListType

type ClusterTrustBundleListType struct {
	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	ApiVersion *string `pulumi:"apiVersion"`
	// items is a collection of ClusterTrustBundle objects
	Items []ClusterTrustBundleType `pulumi:"items"`
	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind *string `pulumi:"kind"`
	// metadata contains the list metadata.
	Metadata *metav1.ListMeta `pulumi:"metadata"`
}

ClusterTrustBundleList is a collection of ClusterTrustBundle objects

type ClusterTrustBundleListTypeArgs

type ClusterTrustBundleListTypeArgs struct {
	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	ApiVersion pulumi.StringPtrInput `pulumi:"apiVersion"`
	// items is a collection of ClusterTrustBundle objects
	Items ClusterTrustBundleTypeArrayInput `pulumi:"items"`
	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind pulumi.StringPtrInput `pulumi:"kind"`
	// metadata contains the list metadata.
	Metadata metav1.ListMetaPtrInput `pulumi:"metadata"`
}

ClusterTrustBundleList is a collection of ClusterTrustBundle objects

func (ClusterTrustBundleListTypeArgs) ElementType

func (ClusterTrustBundleListTypeArgs) ToClusterTrustBundleListTypeOutput

func (i ClusterTrustBundleListTypeArgs) ToClusterTrustBundleListTypeOutput() ClusterTrustBundleListTypeOutput

func (ClusterTrustBundleListTypeArgs) ToClusterTrustBundleListTypeOutputWithContext

func (i ClusterTrustBundleListTypeArgs) ToClusterTrustBundleListTypeOutputWithContext(ctx context.Context) ClusterTrustBundleListTypeOutput

type ClusterTrustBundleListTypeInput

type ClusterTrustBundleListTypeInput interface {
	pulumi.Input

	ToClusterTrustBundleListTypeOutput() ClusterTrustBundleListTypeOutput
	ToClusterTrustBundleListTypeOutputWithContext(context.Context) ClusterTrustBundleListTypeOutput
}

ClusterTrustBundleListTypeInput is an input type that accepts ClusterTrustBundleListTypeArgs and ClusterTrustBundleListTypeOutput values. You can construct a concrete instance of `ClusterTrustBundleListTypeInput` via:

ClusterTrustBundleListTypeArgs{...}

type ClusterTrustBundleListTypeOutput

type ClusterTrustBundleListTypeOutput struct{ *pulumi.OutputState }

ClusterTrustBundleList is a collection of ClusterTrustBundle objects

func (ClusterTrustBundleListTypeOutput) ApiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

func (ClusterTrustBundleListTypeOutput) ElementType

func (ClusterTrustBundleListTypeOutput) Items

items is a collection of ClusterTrustBundle objects

func (ClusterTrustBundleListTypeOutput) Kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

func (ClusterTrustBundleListTypeOutput) Metadata

metadata contains the list metadata.

func (ClusterTrustBundleListTypeOutput) ToClusterTrustBundleListTypeOutput

func (o ClusterTrustBundleListTypeOutput) ToClusterTrustBundleListTypeOutput() ClusterTrustBundleListTypeOutput

func (ClusterTrustBundleListTypeOutput) ToClusterTrustBundleListTypeOutputWithContext

func (o ClusterTrustBundleListTypeOutput) ToClusterTrustBundleListTypeOutputWithContext(ctx context.Context) ClusterTrustBundleListTypeOutput

type ClusterTrustBundleMap

type ClusterTrustBundleMap map[string]ClusterTrustBundleInput

func (ClusterTrustBundleMap) ElementType

func (ClusterTrustBundleMap) ElementType() reflect.Type

func (ClusterTrustBundleMap) ToClusterTrustBundleMapOutput

func (i ClusterTrustBundleMap) ToClusterTrustBundleMapOutput() ClusterTrustBundleMapOutput

func (ClusterTrustBundleMap) ToClusterTrustBundleMapOutputWithContext

func (i ClusterTrustBundleMap) ToClusterTrustBundleMapOutputWithContext(ctx context.Context) ClusterTrustBundleMapOutput

type ClusterTrustBundleMapInput

type ClusterTrustBundleMapInput interface {
	pulumi.Input

	ToClusterTrustBundleMapOutput() ClusterTrustBundleMapOutput
	ToClusterTrustBundleMapOutputWithContext(context.Context) ClusterTrustBundleMapOutput
}

ClusterTrustBundleMapInput is an input type that accepts ClusterTrustBundleMap and ClusterTrustBundleMapOutput values. You can construct a concrete instance of `ClusterTrustBundleMapInput` via:

ClusterTrustBundleMap{ "key": ClusterTrustBundleArgs{...} }

type ClusterTrustBundleMapOutput

type ClusterTrustBundleMapOutput struct{ *pulumi.OutputState }

func (ClusterTrustBundleMapOutput) ElementType

func (ClusterTrustBundleMapOutput) MapIndex

func (ClusterTrustBundleMapOutput) ToClusterTrustBundleMapOutput

func (o ClusterTrustBundleMapOutput) ToClusterTrustBundleMapOutput() ClusterTrustBundleMapOutput

func (ClusterTrustBundleMapOutput) ToClusterTrustBundleMapOutputWithContext

func (o ClusterTrustBundleMapOutput) ToClusterTrustBundleMapOutputWithContext(ctx context.Context) ClusterTrustBundleMapOutput

type ClusterTrustBundleOutput

type ClusterTrustBundleOutput struct{ *pulumi.OutputState }

func (ClusterTrustBundleOutput) ApiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

func (ClusterTrustBundleOutput) ElementType

func (ClusterTrustBundleOutput) ElementType() reflect.Type

func (ClusterTrustBundleOutput) Kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

func (ClusterTrustBundleOutput) Metadata

metadata contains the object metadata.

func (ClusterTrustBundleOutput) Spec

spec contains the signer (if any) and trust anchors.

func (ClusterTrustBundleOutput) ToClusterTrustBundleOutput

func (o ClusterTrustBundleOutput) ToClusterTrustBundleOutput() ClusterTrustBundleOutput

func (ClusterTrustBundleOutput) ToClusterTrustBundleOutputWithContext

func (o ClusterTrustBundleOutput) ToClusterTrustBundleOutputWithContext(ctx context.Context) ClusterTrustBundleOutput

type ClusterTrustBundlePatch

type ClusterTrustBundlePatch struct {
	pulumi.CustomResourceState

	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	ApiVersion pulumi.StringPtrOutput `pulumi:"apiVersion"`
	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind pulumi.StringPtrOutput `pulumi:"kind"`
	// metadata contains the object metadata.
	Metadata metav1.ObjectMetaPatchPtrOutput `pulumi:"metadata"`
	// spec contains the signer (if any) and trust anchors.
	Spec ClusterTrustBundleSpecPatchPtrOutput `pulumi:"spec"`
}

Patch resources are used to modify existing Kubernetes resources by using Server-Side Apply updates. The name of the resource must be specified, but all other properties are optional. More than one patch may be applied to the same resource, and a random FieldManager name will be used for each Patch resource. Conflicts will result in an error by default, but can be forced using the "pulumi.com/patchForce" annotation. See the [Server-Side Apply Docs](https://www.pulumi.com/registry/packages/kubernetes/how-to-guides/managing-resources-with-server-side-apply/) for additional information about using Server-Side Apply to manage Kubernetes resources with Pulumi. ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates).

ClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the `clusterTrustBundle` projection. All service accounts have read access to ClusterTrustBundles by default. Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to.

It can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle.

func GetClusterTrustBundlePatch

func GetClusterTrustBundlePatch(ctx *pulumi.Context,
	name string, id pulumi.IDInput, state *ClusterTrustBundlePatchState, opts ...pulumi.ResourceOption) (*ClusterTrustBundlePatch, error)

GetClusterTrustBundlePatch gets an existing ClusterTrustBundlePatch resource's state with the given name, ID, and optional state properties that are used to uniquely qualify the lookup (nil if not required).

func NewClusterTrustBundlePatch

func NewClusterTrustBundlePatch(ctx *pulumi.Context,
	name string, args *ClusterTrustBundlePatchArgs, opts ...pulumi.ResourceOption) (*ClusterTrustBundlePatch, error)

NewClusterTrustBundlePatch registers a new resource with the given unique name, arguments, and options.

func (*ClusterTrustBundlePatch) ElementType

func (*ClusterTrustBundlePatch) ElementType() reflect.Type

func (*ClusterTrustBundlePatch) ToClusterTrustBundlePatchOutput

func (i *ClusterTrustBundlePatch) ToClusterTrustBundlePatchOutput() ClusterTrustBundlePatchOutput

func (*ClusterTrustBundlePatch) ToClusterTrustBundlePatchOutputWithContext

func (i *ClusterTrustBundlePatch) ToClusterTrustBundlePatchOutputWithContext(ctx context.Context) ClusterTrustBundlePatchOutput

type ClusterTrustBundlePatchArgs

type ClusterTrustBundlePatchArgs struct {
	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	ApiVersion pulumi.StringPtrInput
	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind pulumi.StringPtrInput
	// metadata contains the object metadata.
	Metadata metav1.ObjectMetaPatchPtrInput
	// spec contains the signer (if any) and trust anchors.
	Spec ClusterTrustBundleSpecPatchPtrInput
}

The set of arguments for constructing a ClusterTrustBundlePatch resource.

func (ClusterTrustBundlePatchArgs) ElementType

type ClusterTrustBundlePatchArray

type ClusterTrustBundlePatchArray []ClusterTrustBundlePatchInput

func (ClusterTrustBundlePatchArray) ElementType

func (ClusterTrustBundlePatchArray) ToClusterTrustBundlePatchArrayOutput

func (i ClusterTrustBundlePatchArray) ToClusterTrustBundlePatchArrayOutput() ClusterTrustBundlePatchArrayOutput

func (ClusterTrustBundlePatchArray) ToClusterTrustBundlePatchArrayOutputWithContext

func (i ClusterTrustBundlePatchArray) ToClusterTrustBundlePatchArrayOutputWithContext(ctx context.Context) ClusterTrustBundlePatchArrayOutput

type ClusterTrustBundlePatchArrayInput

type ClusterTrustBundlePatchArrayInput interface {
	pulumi.Input

	ToClusterTrustBundlePatchArrayOutput() ClusterTrustBundlePatchArrayOutput
	ToClusterTrustBundlePatchArrayOutputWithContext(context.Context) ClusterTrustBundlePatchArrayOutput
}

ClusterTrustBundlePatchArrayInput is an input type that accepts ClusterTrustBundlePatchArray and ClusterTrustBundlePatchArrayOutput values. You can construct a concrete instance of `ClusterTrustBundlePatchArrayInput` via:

ClusterTrustBundlePatchArray{ ClusterTrustBundlePatchArgs{...} }

type ClusterTrustBundlePatchArrayOutput

type ClusterTrustBundlePatchArrayOutput struct{ *pulumi.OutputState }

func (ClusterTrustBundlePatchArrayOutput) ElementType

func (ClusterTrustBundlePatchArrayOutput) Index

func (ClusterTrustBundlePatchArrayOutput) ToClusterTrustBundlePatchArrayOutput

func (o ClusterTrustBundlePatchArrayOutput) ToClusterTrustBundlePatchArrayOutput() ClusterTrustBundlePatchArrayOutput

func (ClusterTrustBundlePatchArrayOutput) ToClusterTrustBundlePatchArrayOutputWithContext

func (o ClusterTrustBundlePatchArrayOutput) ToClusterTrustBundlePatchArrayOutputWithContext(ctx context.Context) ClusterTrustBundlePatchArrayOutput

type ClusterTrustBundlePatchInput

type ClusterTrustBundlePatchInput interface {
	pulumi.Input

	ToClusterTrustBundlePatchOutput() ClusterTrustBundlePatchOutput
	ToClusterTrustBundlePatchOutputWithContext(ctx context.Context) ClusterTrustBundlePatchOutput
}

type ClusterTrustBundlePatchMap

type ClusterTrustBundlePatchMap map[string]ClusterTrustBundlePatchInput

func (ClusterTrustBundlePatchMap) ElementType

func (ClusterTrustBundlePatchMap) ElementType() reflect.Type

func (ClusterTrustBundlePatchMap) ToClusterTrustBundlePatchMapOutput

func (i ClusterTrustBundlePatchMap) ToClusterTrustBundlePatchMapOutput() ClusterTrustBundlePatchMapOutput

func (ClusterTrustBundlePatchMap) ToClusterTrustBundlePatchMapOutputWithContext

func (i ClusterTrustBundlePatchMap) ToClusterTrustBundlePatchMapOutputWithContext(ctx context.Context) ClusterTrustBundlePatchMapOutput

type ClusterTrustBundlePatchMapInput

type ClusterTrustBundlePatchMapInput interface {
	pulumi.Input

	ToClusterTrustBundlePatchMapOutput() ClusterTrustBundlePatchMapOutput
	ToClusterTrustBundlePatchMapOutputWithContext(context.Context) ClusterTrustBundlePatchMapOutput
}

ClusterTrustBundlePatchMapInput is an input type that accepts ClusterTrustBundlePatchMap and ClusterTrustBundlePatchMapOutput values. You can construct a concrete instance of `ClusterTrustBundlePatchMapInput` via:

ClusterTrustBundlePatchMap{ "key": ClusterTrustBundlePatchArgs{...} }

type ClusterTrustBundlePatchMapOutput

type ClusterTrustBundlePatchMapOutput struct{ *pulumi.OutputState }

func (ClusterTrustBundlePatchMapOutput) ElementType

func (ClusterTrustBundlePatchMapOutput) MapIndex

func (ClusterTrustBundlePatchMapOutput) ToClusterTrustBundlePatchMapOutput

func (o ClusterTrustBundlePatchMapOutput) ToClusterTrustBundlePatchMapOutput() ClusterTrustBundlePatchMapOutput

func (ClusterTrustBundlePatchMapOutput) ToClusterTrustBundlePatchMapOutputWithContext

func (o ClusterTrustBundlePatchMapOutput) ToClusterTrustBundlePatchMapOutputWithContext(ctx context.Context) ClusterTrustBundlePatchMapOutput

type ClusterTrustBundlePatchOutput

type ClusterTrustBundlePatchOutput struct{ *pulumi.OutputState }

func (ClusterTrustBundlePatchOutput) ApiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

func (ClusterTrustBundlePatchOutput) ElementType

func (ClusterTrustBundlePatchOutput) Kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

func (ClusterTrustBundlePatchOutput) Metadata

metadata contains the object metadata.

func (ClusterTrustBundlePatchOutput) Spec

spec contains the signer (if any) and trust anchors.

func (ClusterTrustBundlePatchOutput) ToClusterTrustBundlePatchOutput

func (o ClusterTrustBundlePatchOutput) ToClusterTrustBundlePatchOutput() ClusterTrustBundlePatchOutput

func (ClusterTrustBundlePatchOutput) ToClusterTrustBundlePatchOutputWithContext

func (o ClusterTrustBundlePatchOutput) ToClusterTrustBundlePatchOutputWithContext(ctx context.Context) ClusterTrustBundlePatchOutput

type ClusterTrustBundlePatchState

type ClusterTrustBundlePatchState struct {
}

func (ClusterTrustBundlePatchState) ElementType

type ClusterTrustBundlePatchType

type ClusterTrustBundlePatchType struct {
	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	ApiVersion *string `pulumi:"apiVersion"`
	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind *string `pulumi:"kind"`
	// metadata contains the object metadata.
	Metadata *metav1.ObjectMetaPatch `pulumi:"metadata"`
	// spec contains the signer (if any) and trust anchors.
	Spec *ClusterTrustBundleSpecPatch `pulumi:"spec"`
}

ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates).

ClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the `clusterTrustBundle` projection. All service accounts have read access to ClusterTrustBundles by default. Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to.

It can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle.

type ClusterTrustBundlePatchTypeArgs

type ClusterTrustBundlePatchTypeArgs struct {
	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	ApiVersion pulumi.StringPtrInput `pulumi:"apiVersion"`
	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind pulumi.StringPtrInput `pulumi:"kind"`
	// metadata contains the object metadata.
	Metadata metav1.ObjectMetaPatchPtrInput `pulumi:"metadata"`
	// spec contains the signer (if any) and trust anchors.
	Spec ClusterTrustBundleSpecPatchPtrInput `pulumi:"spec"`
}

ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates).

ClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the `clusterTrustBundle` projection. All service accounts have read access to ClusterTrustBundles by default. Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to.

It can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle.

func (ClusterTrustBundlePatchTypeArgs) ElementType

func (ClusterTrustBundlePatchTypeArgs) ToClusterTrustBundlePatchTypeOutput

func (i ClusterTrustBundlePatchTypeArgs) ToClusterTrustBundlePatchTypeOutput() ClusterTrustBundlePatchTypeOutput

func (ClusterTrustBundlePatchTypeArgs) ToClusterTrustBundlePatchTypeOutputWithContext

func (i ClusterTrustBundlePatchTypeArgs) ToClusterTrustBundlePatchTypeOutputWithContext(ctx context.Context) ClusterTrustBundlePatchTypeOutput

type ClusterTrustBundlePatchTypeInput

type ClusterTrustBundlePatchTypeInput interface {
	pulumi.Input

	ToClusterTrustBundlePatchTypeOutput() ClusterTrustBundlePatchTypeOutput
	ToClusterTrustBundlePatchTypeOutputWithContext(context.Context) ClusterTrustBundlePatchTypeOutput
}

ClusterTrustBundlePatchTypeInput is an input type that accepts ClusterTrustBundlePatchTypeArgs and ClusterTrustBundlePatchTypeOutput values. You can construct a concrete instance of `ClusterTrustBundlePatchTypeInput` via:

ClusterTrustBundlePatchTypeArgs{...}

type ClusterTrustBundlePatchTypeOutput

type ClusterTrustBundlePatchTypeOutput struct{ *pulumi.OutputState }

ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates).

ClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the `clusterTrustBundle` projection. All service accounts have read access to ClusterTrustBundles by default. Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to.

It can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle.

func (ClusterTrustBundlePatchTypeOutput) ApiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

func (ClusterTrustBundlePatchTypeOutput) ElementType

func (ClusterTrustBundlePatchTypeOutput) Kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

func (ClusterTrustBundlePatchTypeOutput) Metadata

metadata contains the object metadata.

func (ClusterTrustBundlePatchTypeOutput) Spec

spec contains the signer (if any) and trust anchors.

func (ClusterTrustBundlePatchTypeOutput) ToClusterTrustBundlePatchTypeOutput

func (o ClusterTrustBundlePatchTypeOutput) ToClusterTrustBundlePatchTypeOutput() ClusterTrustBundlePatchTypeOutput

func (ClusterTrustBundlePatchTypeOutput) ToClusterTrustBundlePatchTypeOutputWithContext

func (o ClusterTrustBundlePatchTypeOutput) ToClusterTrustBundlePatchTypeOutputWithContext(ctx context.Context) ClusterTrustBundlePatchTypeOutput

type ClusterTrustBundleSpec

type ClusterTrustBundleSpec struct {
	// signerName indicates the associated signer, if any.
	//
	// In order to create or update a ClusterTrustBundle that sets signerName, you must have the following cluster-scoped permission: group=certificates.k8s.io resource=signers resourceName=<the signer name> verb=attest.
	//
	// If signerName is not empty, then the ClusterTrustBundle object must be named with the signer name as a prefix (translating slashes to colons). For example, for the signer name `example.com/foo`, valid ClusterTrustBundle object names include `example.com:foo:abc` and `example.com:foo:v1`.
	//
	// If signerName is empty, then the ClusterTrustBundle object's name must not have such a prefix.
	//
	// List/watch requests for ClusterTrustBundles can filter on this field using a `spec.signerName=NAME` field selector.
	SignerName *string `pulumi:"signerName"`
	// trustBundle contains the individual X.509 trust anchors for this bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates.
	//
	// The data must consist only of PEM certificate blocks that parse as valid X.509 certificates.  Each certificate must include a basic constraints extension with the CA bit set.  The API server will reject objects that contain duplicate certificates, or that use PEM block headers.
	//
	// Users of ClusterTrustBundles, including Kubelet, are free to reorder and deduplicate certificate blocks in this file according to their own logic, as well as to drop PEM block headers and inter-block data.
	TrustBundle string `pulumi:"trustBundle"`
}

ClusterTrustBundleSpec contains the signer and trust anchors.

type ClusterTrustBundleSpecArgs

type ClusterTrustBundleSpecArgs struct {
	// signerName indicates the associated signer, if any.
	//
	// In order to create or update a ClusterTrustBundle that sets signerName, you must have the following cluster-scoped permission: group=certificates.k8s.io resource=signers resourceName=<the signer name> verb=attest.
	//
	// If signerName is not empty, then the ClusterTrustBundle object must be named with the signer name as a prefix (translating slashes to colons). For example, for the signer name `example.com/foo`, valid ClusterTrustBundle object names include `example.com:foo:abc` and `example.com:foo:v1`.
	//
	// If signerName is empty, then the ClusterTrustBundle object's name must not have such a prefix.
	//
	// List/watch requests for ClusterTrustBundles can filter on this field using a `spec.signerName=NAME` field selector.
	SignerName pulumi.StringPtrInput `pulumi:"signerName"`
	// trustBundle contains the individual X.509 trust anchors for this bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates.
	//
	// The data must consist only of PEM certificate blocks that parse as valid X.509 certificates.  Each certificate must include a basic constraints extension with the CA bit set.  The API server will reject objects that contain duplicate certificates, or that use PEM block headers.
	//
	// Users of ClusterTrustBundles, including Kubelet, are free to reorder and deduplicate certificate blocks in this file according to their own logic, as well as to drop PEM block headers and inter-block data.
	TrustBundle pulumi.StringInput `pulumi:"trustBundle"`
}

ClusterTrustBundleSpec contains the signer and trust anchors.

func (ClusterTrustBundleSpecArgs) ElementType

func (ClusterTrustBundleSpecArgs) ElementType() reflect.Type

func (ClusterTrustBundleSpecArgs) ToClusterTrustBundleSpecOutput

func (i ClusterTrustBundleSpecArgs) ToClusterTrustBundleSpecOutput() ClusterTrustBundleSpecOutput

func (ClusterTrustBundleSpecArgs) ToClusterTrustBundleSpecOutputWithContext

func (i ClusterTrustBundleSpecArgs) ToClusterTrustBundleSpecOutputWithContext(ctx context.Context) ClusterTrustBundleSpecOutput

type ClusterTrustBundleSpecInput

type ClusterTrustBundleSpecInput interface {
	pulumi.Input

	ToClusterTrustBundleSpecOutput() ClusterTrustBundleSpecOutput
	ToClusterTrustBundleSpecOutputWithContext(context.Context) ClusterTrustBundleSpecOutput
}

ClusterTrustBundleSpecInput is an input type that accepts ClusterTrustBundleSpecArgs and ClusterTrustBundleSpecOutput values. You can construct a concrete instance of `ClusterTrustBundleSpecInput` via:

ClusterTrustBundleSpecArgs{...}

type ClusterTrustBundleSpecOutput

type ClusterTrustBundleSpecOutput struct{ *pulumi.OutputState }

ClusterTrustBundleSpec contains the signer and trust anchors.

func (ClusterTrustBundleSpecOutput) ElementType

func (ClusterTrustBundleSpecOutput) SignerName

signerName indicates the associated signer, if any.

In order to create or update a ClusterTrustBundle that sets signerName, you must have the following cluster-scoped permission: group=certificates.k8s.io resource=signers resourceName=<the signer name> verb=attest.

If signerName is not empty, then the ClusterTrustBundle object must be named with the signer name as a prefix (translating slashes to colons). For example, for the signer name `example.com/foo`, valid ClusterTrustBundle object names include `example.com:foo:abc` and `example.com:foo:v1`.

If signerName is empty, then the ClusterTrustBundle object's name must not have such a prefix.

List/watch requests for ClusterTrustBundles can filter on this field using a `spec.signerName=NAME` field selector.

func (ClusterTrustBundleSpecOutput) ToClusterTrustBundleSpecOutput

func (o ClusterTrustBundleSpecOutput) ToClusterTrustBundleSpecOutput() ClusterTrustBundleSpecOutput

func (ClusterTrustBundleSpecOutput) ToClusterTrustBundleSpecOutputWithContext

func (o ClusterTrustBundleSpecOutput) ToClusterTrustBundleSpecOutputWithContext(ctx context.Context) ClusterTrustBundleSpecOutput

func (ClusterTrustBundleSpecOutput) TrustBundle

trustBundle contains the individual X.509 trust anchors for this bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates.

The data must consist only of PEM certificate blocks that parse as valid X.509 certificates. Each certificate must include a basic constraints extension with the CA bit set. The API server will reject objects that contain duplicate certificates, or that use PEM block headers.

Users of ClusterTrustBundles, including Kubelet, are free to reorder and deduplicate certificate blocks in this file according to their own logic, as well as to drop PEM block headers and inter-block data.

type ClusterTrustBundleSpecPatch

type ClusterTrustBundleSpecPatch struct {
	// signerName indicates the associated signer, if any.
	//
	// In order to create or update a ClusterTrustBundle that sets signerName, you must have the following cluster-scoped permission: group=certificates.k8s.io resource=signers resourceName=<the signer name> verb=attest.
	//
	// If signerName is not empty, then the ClusterTrustBundle object must be named with the signer name as a prefix (translating slashes to colons). For example, for the signer name `example.com/foo`, valid ClusterTrustBundle object names include `example.com:foo:abc` and `example.com:foo:v1`.
	//
	// If signerName is empty, then the ClusterTrustBundle object's name must not have such a prefix.
	//
	// List/watch requests for ClusterTrustBundles can filter on this field using a `spec.signerName=NAME` field selector.
	SignerName *string `pulumi:"signerName"`
	// trustBundle contains the individual X.509 trust anchors for this bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates.
	//
	// The data must consist only of PEM certificate blocks that parse as valid X.509 certificates.  Each certificate must include a basic constraints extension with the CA bit set.  The API server will reject objects that contain duplicate certificates, or that use PEM block headers.
	//
	// Users of ClusterTrustBundles, including Kubelet, are free to reorder and deduplicate certificate blocks in this file according to their own logic, as well as to drop PEM block headers and inter-block data.
	TrustBundle *string `pulumi:"trustBundle"`
}

ClusterTrustBundleSpec contains the signer and trust anchors.

type ClusterTrustBundleSpecPatchArgs

type ClusterTrustBundleSpecPatchArgs struct {
	// signerName indicates the associated signer, if any.
	//
	// In order to create or update a ClusterTrustBundle that sets signerName, you must have the following cluster-scoped permission: group=certificates.k8s.io resource=signers resourceName=<the signer name> verb=attest.
	//
	// If signerName is not empty, then the ClusterTrustBundle object must be named with the signer name as a prefix (translating slashes to colons). For example, for the signer name `example.com/foo`, valid ClusterTrustBundle object names include `example.com:foo:abc` and `example.com:foo:v1`.
	//
	// If signerName is empty, then the ClusterTrustBundle object's name must not have such a prefix.
	//
	// List/watch requests for ClusterTrustBundles can filter on this field using a `spec.signerName=NAME` field selector.
	SignerName pulumi.StringPtrInput `pulumi:"signerName"`
	// trustBundle contains the individual X.509 trust anchors for this bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates.
	//
	// The data must consist only of PEM certificate blocks that parse as valid X.509 certificates.  Each certificate must include a basic constraints extension with the CA bit set.  The API server will reject objects that contain duplicate certificates, or that use PEM block headers.
	//
	// Users of ClusterTrustBundles, including Kubelet, are free to reorder and deduplicate certificate blocks in this file according to their own logic, as well as to drop PEM block headers and inter-block data.
	TrustBundle pulumi.StringPtrInput `pulumi:"trustBundle"`
}

ClusterTrustBundleSpec contains the signer and trust anchors.

func (ClusterTrustBundleSpecPatchArgs) ElementType

func (ClusterTrustBundleSpecPatchArgs) ToClusterTrustBundleSpecPatchOutput

func (i ClusterTrustBundleSpecPatchArgs) ToClusterTrustBundleSpecPatchOutput() ClusterTrustBundleSpecPatchOutput

func (ClusterTrustBundleSpecPatchArgs) ToClusterTrustBundleSpecPatchOutputWithContext

func (i ClusterTrustBundleSpecPatchArgs) ToClusterTrustBundleSpecPatchOutputWithContext(ctx context.Context) ClusterTrustBundleSpecPatchOutput

func (ClusterTrustBundleSpecPatchArgs) ToClusterTrustBundleSpecPatchPtrOutput

func (i ClusterTrustBundleSpecPatchArgs) ToClusterTrustBundleSpecPatchPtrOutput() ClusterTrustBundleSpecPatchPtrOutput

func (ClusterTrustBundleSpecPatchArgs) ToClusterTrustBundleSpecPatchPtrOutputWithContext

func (i ClusterTrustBundleSpecPatchArgs) ToClusterTrustBundleSpecPatchPtrOutputWithContext(ctx context.Context) ClusterTrustBundleSpecPatchPtrOutput

type ClusterTrustBundleSpecPatchInput

type ClusterTrustBundleSpecPatchInput interface {
	pulumi.Input

	ToClusterTrustBundleSpecPatchOutput() ClusterTrustBundleSpecPatchOutput
	ToClusterTrustBundleSpecPatchOutputWithContext(context.Context) ClusterTrustBundleSpecPatchOutput
}

ClusterTrustBundleSpecPatchInput is an input type that accepts ClusterTrustBundleSpecPatchArgs and ClusterTrustBundleSpecPatchOutput values. You can construct a concrete instance of `ClusterTrustBundleSpecPatchInput` via:

ClusterTrustBundleSpecPatchArgs{...}

type ClusterTrustBundleSpecPatchOutput

type ClusterTrustBundleSpecPatchOutput struct{ *pulumi.OutputState }

ClusterTrustBundleSpec contains the signer and trust anchors.

func (ClusterTrustBundleSpecPatchOutput) ElementType

func (ClusterTrustBundleSpecPatchOutput) SignerName

signerName indicates the associated signer, if any.

In order to create or update a ClusterTrustBundle that sets signerName, you must have the following cluster-scoped permission: group=certificates.k8s.io resource=signers resourceName=<the signer name> verb=attest.

If signerName is not empty, then the ClusterTrustBundle object must be named with the signer name as a prefix (translating slashes to colons). For example, for the signer name `example.com/foo`, valid ClusterTrustBundle object names include `example.com:foo:abc` and `example.com:foo:v1`.

If signerName is empty, then the ClusterTrustBundle object's name must not have such a prefix.

List/watch requests for ClusterTrustBundles can filter on this field using a `spec.signerName=NAME` field selector.

func (ClusterTrustBundleSpecPatchOutput) ToClusterTrustBundleSpecPatchOutput

func (o ClusterTrustBundleSpecPatchOutput) ToClusterTrustBundleSpecPatchOutput() ClusterTrustBundleSpecPatchOutput

func (ClusterTrustBundleSpecPatchOutput) ToClusterTrustBundleSpecPatchOutputWithContext

func (o ClusterTrustBundleSpecPatchOutput) ToClusterTrustBundleSpecPatchOutputWithContext(ctx context.Context) ClusterTrustBundleSpecPatchOutput

func (ClusterTrustBundleSpecPatchOutput) ToClusterTrustBundleSpecPatchPtrOutput

func (o ClusterTrustBundleSpecPatchOutput) ToClusterTrustBundleSpecPatchPtrOutput() ClusterTrustBundleSpecPatchPtrOutput

func (ClusterTrustBundleSpecPatchOutput) ToClusterTrustBundleSpecPatchPtrOutputWithContext

func (o ClusterTrustBundleSpecPatchOutput) ToClusterTrustBundleSpecPatchPtrOutputWithContext(ctx context.Context) ClusterTrustBundleSpecPatchPtrOutput

func (ClusterTrustBundleSpecPatchOutput) TrustBundle

trustBundle contains the individual X.509 trust anchors for this bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates.

The data must consist only of PEM certificate blocks that parse as valid X.509 certificates. Each certificate must include a basic constraints extension with the CA bit set. The API server will reject objects that contain duplicate certificates, or that use PEM block headers.

Users of ClusterTrustBundles, including Kubelet, are free to reorder and deduplicate certificate blocks in this file according to their own logic, as well as to drop PEM block headers and inter-block data.

type ClusterTrustBundleSpecPatchPtrInput

type ClusterTrustBundleSpecPatchPtrInput interface {
	pulumi.Input

	ToClusterTrustBundleSpecPatchPtrOutput() ClusterTrustBundleSpecPatchPtrOutput
	ToClusterTrustBundleSpecPatchPtrOutputWithContext(context.Context) ClusterTrustBundleSpecPatchPtrOutput
}

ClusterTrustBundleSpecPatchPtrInput is an input type that accepts ClusterTrustBundleSpecPatchArgs, ClusterTrustBundleSpecPatchPtr and ClusterTrustBundleSpecPatchPtrOutput values. You can construct a concrete instance of `ClusterTrustBundleSpecPatchPtrInput` via:

        ClusterTrustBundleSpecPatchArgs{...}

or:

        nil

type ClusterTrustBundleSpecPatchPtrOutput

type ClusterTrustBundleSpecPatchPtrOutput struct{ *pulumi.OutputState }

func (ClusterTrustBundleSpecPatchPtrOutput) Elem

func (ClusterTrustBundleSpecPatchPtrOutput) ElementType

func (ClusterTrustBundleSpecPatchPtrOutput) SignerName

signerName indicates the associated signer, if any.

In order to create or update a ClusterTrustBundle that sets signerName, you must have the following cluster-scoped permission: group=certificates.k8s.io resource=signers resourceName=<the signer name> verb=attest.

If signerName is not empty, then the ClusterTrustBundle object must be named with the signer name as a prefix (translating slashes to colons). For example, for the signer name `example.com/foo`, valid ClusterTrustBundle object names include `example.com:foo:abc` and `example.com:foo:v1`.

If signerName is empty, then the ClusterTrustBundle object's name must not have such a prefix.

List/watch requests for ClusterTrustBundles can filter on this field using a `spec.signerName=NAME` field selector.

func (ClusterTrustBundleSpecPatchPtrOutput) ToClusterTrustBundleSpecPatchPtrOutput

func (o ClusterTrustBundleSpecPatchPtrOutput) ToClusterTrustBundleSpecPatchPtrOutput() ClusterTrustBundleSpecPatchPtrOutput

func (ClusterTrustBundleSpecPatchPtrOutput) ToClusterTrustBundleSpecPatchPtrOutputWithContext

func (o ClusterTrustBundleSpecPatchPtrOutput) ToClusterTrustBundleSpecPatchPtrOutputWithContext(ctx context.Context) ClusterTrustBundleSpecPatchPtrOutput

func (ClusterTrustBundleSpecPatchPtrOutput) TrustBundle

trustBundle contains the individual X.509 trust anchors for this bundle, as PEM bundle of PEM-wrapped, DER-formatted X.509 certificates.

The data must consist only of PEM certificate blocks that parse as valid X.509 certificates. Each certificate must include a basic constraints extension with the CA bit set. The API server will reject objects that contain duplicate certificates, or that use PEM block headers.

Users of ClusterTrustBundles, including Kubelet, are free to reorder and deduplicate certificate blocks in this file according to their own logic, as well as to drop PEM block headers and inter-block data.

type ClusterTrustBundleState

type ClusterTrustBundleState struct {
}

func (ClusterTrustBundleState) ElementType

func (ClusterTrustBundleState) ElementType() reflect.Type

type ClusterTrustBundleType

type ClusterTrustBundleType struct {
	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	ApiVersion *string `pulumi:"apiVersion"`
	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind *string `pulumi:"kind"`
	// metadata contains the object metadata.
	Metadata *metav1.ObjectMeta `pulumi:"metadata"`
	// spec contains the signer (if any) and trust anchors.
	Spec ClusterTrustBundleSpec `pulumi:"spec"`
}

ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates).

ClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the `clusterTrustBundle` projection. All service accounts have read access to ClusterTrustBundles by default. Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to.

It can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle.

type ClusterTrustBundleTypeArgs

type ClusterTrustBundleTypeArgs struct {
	// APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
	ApiVersion pulumi.StringPtrInput `pulumi:"apiVersion"`
	// Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
	Kind pulumi.StringPtrInput `pulumi:"kind"`
	// metadata contains the object metadata.
	Metadata metav1.ObjectMetaPtrInput `pulumi:"metadata"`
	// spec contains the signer (if any) and trust anchors.
	Spec ClusterTrustBundleSpecInput `pulumi:"spec"`
}

ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates).

ClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the `clusterTrustBundle` projection. All service accounts have read access to ClusterTrustBundles by default. Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to.

It can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle.

func (ClusterTrustBundleTypeArgs) ElementType

func (ClusterTrustBundleTypeArgs) ElementType() reflect.Type

func (ClusterTrustBundleTypeArgs) ToClusterTrustBundleTypeOutput

func (i ClusterTrustBundleTypeArgs) ToClusterTrustBundleTypeOutput() ClusterTrustBundleTypeOutput

func (ClusterTrustBundleTypeArgs) ToClusterTrustBundleTypeOutputWithContext

func (i ClusterTrustBundleTypeArgs) ToClusterTrustBundleTypeOutputWithContext(ctx context.Context) ClusterTrustBundleTypeOutput

type ClusterTrustBundleTypeArray

type ClusterTrustBundleTypeArray []ClusterTrustBundleTypeInput

func (ClusterTrustBundleTypeArray) ElementType

func (ClusterTrustBundleTypeArray) ToClusterTrustBundleTypeArrayOutput

func (i ClusterTrustBundleTypeArray) ToClusterTrustBundleTypeArrayOutput() ClusterTrustBundleTypeArrayOutput

func (ClusterTrustBundleTypeArray) ToClusterTrustBundleTypeArrayOutputWithContext

func (i ClusterTrustBundleTypeArray) ToClusterTrustBundleTypeArrayOutputWithContext(ctx context.Context) ClusterTrustBundleTypeArrayOutput

type ClusterTrustBundleTypeArrayInput

type ClusterTrustBundleTypeArrayInput interface {
	pulumi.Input

	ToClusterTrustBundleTypeArrayOutput() ClusterTrustBundleTypeArrayOutput
	ToClusterTrustBundleTypeArrayOutputWithContext(context.Context) ClusterTrustBundleTypeArrayOutput
}

ClusterTrustBundleTypeArrayInput is an input type that accepts ClusterTrustBundleTypeArray and ClusterTrustBundleTypeArrayOutput values. You can construct a concrete instance of `ClusterTrustBundleTypeArrayInput` via:

ClusterTrustBundleTypeArray{ ClusterTrustBundleTypeArgs{...} }

type ClusterTrustBundleTypeArrayOutput

type ClusterTrustBundleTypeArrayOutput struct{ *pulumi.OutputState }

func (ClusterTrustBundleTypeArrayOutput) ElementType

func (ClusterTrustBundleTypeArrayOutput) Index

func (ClusterTrustBundleTypeArrayOutput) ToClusterTrustBundleTypeArrayOutput

func (o ClusterTrustBundleTypeArrayOutput) ToClusterTrustBundleTypeArrayOutput() ClusterTrustBundleTypeArrayOutput

func (ClusterTrustBundleTypeArrayOutput) ToClusterTrustBundleTypeArrayOutputWithContext

func (o ClusterTrustBundleTypeArrayOutput) ToClusterTrustBundleTypeArrayOutputWithContext(ctx context.Context) ClusterTrustBundleTypeArrayOutput

type ClusterTrustBundleTypeInput

type ClusterTrustBundleTypeInput interface {
	pulumi.Input

	ToClusterTrustBundleTypeOutput() ClusterTrustBundleTypeOutput
	ToClusterTrustBundleTypeOutputWithContext(context.Context) ClusterTrustBundleTypeOutput
}

ClusterTrustBundleTypeInput is an input type that accepts ClusterTrustBundleTypeArgs and ClusterTrustBundleTypeOutput values. You can construct a concrete instance of `ClusterTrustBundleTypeInput` via:

ClusterTrustBundleTypeArgs{...}

type ClusterTrustBundleTypeOutput

type ClusterTrustBundleTypeOutput struct{ *pulumi.OutputState }

ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates).

ClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the `clusterTrustBundle` projection. All service accounts have read access to ClusterTrustBundles by default. Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to.

It can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle.

func (ClusterTrustBundleTypeOutput) ApiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

func (ClusterTrustBundleTypeOutput) ElementType

func (ClusterTrustBundleTypeOutput) Kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

func (ClusterTrustBundleTypeOutput) Metadata

metadata contains the object metadata.

func (ClusterTrustBundleTypeOutput) Spec

spec contains the signer (if any) and trust anchors.

func (ClusterTrustBundleTypeOutput) ToClusterTrustBundleTypeOutput

func (o ClusterTrustBundleTypeOutput) ToClusterTrustBundleTypeOutput() ClusterTrustBundleTypeOutput

func (ClusterTrustBundleTypeOutput) ToClusterTrustBundleTypeOutputWithContext

func (o ClusterTrustBundleTypeOutput) ToClusterTrustBundleTypeOutputWithContext(ctx context.Context) ClusterTrustBundleTypeOutput

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL