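---
# CustomResourceDefinition for DNSManagedZone (group dns.cnrm.cloud.google.com,
# version v1beta1, namespaced). The nesting below is rebuilt from a listing
# that had viewer line numbers fused into every line; keys and description
# text are unchanged.
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
  annotations:
    controller-gen.kubebuilder.io/version: (unknown)
  name: dnsmanagedzones.dns.cnrm.cloud.google.com
spec:
  group: dns.cnrm.cloud.google.com
  names:
    kind: DNSManagedZone
    listKind: DNSManagedZoneList
    plural: dnsmanagedzones
    singular: dnsmanagedzone
  scope: Namespaced
  versions:
  - name: v1beta1
    schema:
      openAPIV3Schema:
        description: DNSManagedZone is the Schema for the dns API
        properties:
          apiVersion:
            description: |-
              APIVersion defines the versioned schema of this representation of an object.
              Servers should convert recognized schemas to the latest internal value, and
              may reject unrecognized values.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
            type: string
          kind:
            description: |-
              Kind is a string value representing the REST resource this object represents.
              Servers may infer this from the endpoint the client submits requests to.
              Cannot be updated.
              In CamelCase.
              More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
            type: string
          metadata:
            type: object
          spec:
            properties:
              # Query logging is opt-in: a zone that needs a DNS query audit
              # trail must set enableLogging to true explicitly.
              cloudLoggingConfig:
                description: Cloud logging configuration.
                properties:
                  enableLogging:
                    description: If set, enable query logging for this ManagedZone.
                      False by default, making logging opt-in.
                    type: boolean
                required:
                - enableLogging
                type: object
              description:
                description: A textual description field. Defaults to 'Managed by
                  Config Connector'.
                type: string
              dnsName:
                description: Immutable. The DNS name of this managed zone, for instance
                  "example.com.".
                type: string
              dnssecConfig:
                description: DNSSEC configuration.
                properties:
                  defaultKeySpecs:
                    description: |-
                      Specifies parameters that will be used for generating initial DnsKeys
                      for this ManagedZone. If you provide a spec for keySigning or zoneSigning,
                      you must also provide one for the other.
                      default_key_specs can only be updated when the state is 'off'.
                    items:
                      properties:
                        # The allowed values are listed only in the description;
                        # this schema has no `enum`, so the API server accepts any
                        # string here and rejection of a bad value is left to a
                        # later stage. "rsasha1" is SHA-1 based and RFC 8624 marks
                        # RSASHA1 as NOT RECOMMENDED for signing; prefer one of
                        # the SHA-2 based algorithms.
                        algorithm:
                          description: 'String mnemonic specifying the DNSSEC algorithm
                            of this key Possible values: ["ecdsap256sha256", "ecdsap384sha384",
                            "rsasha1", "rsasha256", "rsasha512"].'
                          type: string
                        # No minimum or maximum is declared for the key length in
                        # this schema.
                        keyLength:
                          description: Length of the keys in bits.
                          type: integer
                        keyType:
                          description: |-
                            Specifies whether this is a key signing key (KSK) or a zone
                            signing key (ZSK). Key signing keys have the Secure Entry
                            Point flag set and, when active, will only be used to sign
                            resource record sets of type DNSKEY. Zone signing keys do
                            not have the Secure Entry Point flag set and will be used
                            to sign all other types of resource record sets. Possible values: ["keySigning", "zoneSigning"].
                          type: string
                        kind:
                          description: Identifies what kind of resource this is.
                          type: string
                      type: object
                    type: array
                  kind:
                    description: Identifies what kind of resource this is.
                    type: string
                  nonExistence:
                    description: |-
                      Specifies the mechanism used to provide authenticated denial-of-existence responses.
                      non_existence can only be updated when the state is 'off'. Possible values: ["nsec", "nsec3"].
                    type: string
                  # The field is a string, but YAML 1.1 loaders read a bare
                  # `on` or `off` as a boolean. Quote the value in manifests
                  # (state: "on") so it is not retyped before validation.
                  state:
                    description: 'Specifies whether DNSSEC is enabled, and what mode
                      it is in Possible values: ["off", "on", "transfer"].'
                    type: string
                type: object
              forwardingConfig:
                description: |-
                  The presence for this field indicates that outbound forwarding is enabled
                  for this zone. The value of this field contains the set of destinations
                  to forward to.
                properties:
                  targetNameServers:
                    description: |-
                      List of target name servers to forward to. Cloud DNS will
                      select the best available name server if more than
                      one target is given.
                    items:
                      properties:
                        # Per the description, an unset or 'default' path sends
                        # queries for non-RFC1918 targets over the Internet; set
                        # 'private' when queries must stay on the VPC.
                        forwardingPath:
                          description: |-
                            Forwarding path for this TargetNameServer. If unset or 'default' Cloud DNS will make forwarding
                            decision based on address ranges, i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go
                            to the Internet. When set to 'private', Cloud DNS will always send queries through VPC for this target Possible values: ["default", "private"].
                          type: string
                        # Plain string: the schema declares no `format` or
                        # `pattern` for the address.
                        ipv4Address:
                          description: IPv4 address of a target name server.
                          type: string
                      required:
                      - ipv4Address
                      type: object
                    type: array
                required:
                - targetNameServers
                type: object
              peeringConfig:
                description: |-
                  The presence of this field indicates that DNS Peering is enabled for this
                  zone. The value of this field contains the network to peer with.
                properties:
                  targetNetwork:
                    description: The network with which to peer.
                    properties:
                      networkRef:
                        description: VPC network to forward queries to.
                        properties:
                          external:
                            description: The external name of the referenced resource
                            type: string
                          kind:
                            description: Kind of the referent.
                            type: string
                          name:
                            description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                            type: string
                          namespace:
                            description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                            type: string
                        type: object
                    required:
                    - networkRef
                    type: object
                required:
                - targetNetwork
                type: object
              # Only consulted for privately visible zones; it does not make a
              # zone private (see `visibility`).
              privateVisibilityConfig:
                description: |-
                  For privately visible zones, the set of Virtual Private Cloud
                  resources that the zone is visible from.
                properties:
                  gkeClusters:
                    description: The list of Google Kubernetes Engine clusters that
                      can see this zone.
                    items:
                      properties:
                        gkeClusterNameRef:
                          description: |-
                            The resource name of the cluster to bind this ManagedZone to.
                            This should be specified in the format like
                            'projects/* /locations/* /clusters/*'.
                          properties:
                            external:
                              description: The external name of the referenced resource
                              type: string
                            kind:
                              description: Kind of the referent.
                              type: string
                            name:
                              description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                              type: string
                            namespace:
                              description: 'Namespace of the referent. More info:
                                https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                              type: string
                          type: object
                      required:
                      - gkeClusterNameRef
                      type: object
                    type: array
                  networks:
                    items:
                      properties:
                        networkRef:
                          description: VPC network to bind to.
                          properties:
                            external:
                              description: The external name of the referenced resource
                              type: string
                            kind:
                              description: Kind of the referent.
                              type: string
                            name:
                              description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
                              type: string
                            namespace:
                              description: 'Namespace of the referent. More info:
                                https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
                              type: string
                          type: object
                      required:
                      - networkRef
                      type: object
                    type: array
                required:
                - networks
                type: object
              resourceID:
                description: Immutable. Optional. The name of the resource. Used for
                  creation and acquisition. When unset, the value of `metadata.name`
                  is used as the default.
                type: string
              reverseLookup:
                description: |-
                  Immutable. Specifies if this is a managed reverse lookup zone. If true, Cloud DNS will resolve reverse
                  lookup queries using automatically configured records for VPC resources. This only applies
                  to networks listed under 'private_visibility_config'.
                type: boolean
              serviceDirectoryConfig:
                description: Immutable. The presence of this field indicates that
                  this zone is backed by Service Directory. The value of this field
                  contains information related to the namespace associated with the
                  zone.
                properties:
                  namespace:
                    description: The namespace associated with the zone.
                    properties:
                      namespaceUrl:
                        description: |-
                          The fully qualified or partial URL of the service directory namespace that should be
                          associated with the zone. This should be formatted like
                          'https://servicedirectory.googleapis.com/v1/projects/{project}/locations/{location}/namespaces/{namespace_id}'
                          or simply 'projects/{project}/locations/{location}/namespaces/{namespace_id}'
                          Ignored for 'public' visibility zones.
                        type: string
                    required:
                    - namespaceUrl
                    type: object
                required:
                - namespace
                type: object
              # Immutable, and the documented default is "public". A zone meant
              # for internal names must set visibility: private at creation;
              # omitting the field yields an Internet-exposed zone that cannot
              # be switched afterwards.
              visibility:
                description: |-
                  Immutable. The zone's visibility: public zones are exposed to the Internet,
                  while private zones are visible only to Virtual Private Cloud resources. Default value: "public" Possible values: ["private", "public"].
                type: string
            required:
            - dnsName
            type: object
          # Observed state. The descriptions mark these values as defined by
          # the server or reported by the Config Connector controller.
          status:
            properties:
              conditions:
                description: |-
                  Conditions represent the latest available observations of the
                  DNSManagedZone's current state.
                items:
                  properties:
                    lastTransitionTime:
                      description: Last time the condition transitioned from one status
                        to another.
                      type: string
                    message:
                      description: Human-readable message indicating details about
                        last transition.
                      type: string
                    reason:
                      description: |-
                        Unique, one-word, CamelCase reason for the condition's last
                        transition.
                      type: string
                    status:
                      description: Status is the status of the condition. Can be True,
                        False, Unknown.
                      type: string
                    type:
                      description: Type is the type of the condition.
                      type: string
                  type: object
                type: array
              creationTime:
                description: |-
                  The time that this resource was created on the server.
                  This is in RFC3339 text format.
                type: string
              managedZoneId:
                description: Unique identifier for the resource; defined by the server.
                type: integer
              nameServers:
                description: |-
                  Delegate your managed_zone to these virtual name servers;
                  defined by the server.
                items:
                  type: string
                type: array
              observedGeneration:
                description: ObservedGeneration is the generation of the resource
                  that was most recently observed by the Config Connector controller.
                  If this is equal to metadata.generation, then that means that the
                  current reported status reflects the most recent desired state of
                  the resource.
                type: integer
            type: object
        type: object
    served: true
    storage: true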