1apiVersion: apiextensions.k8s.io/v1
2kind: CustomResourceDefinition
3metadata:
4 name: authorizationpolicies.policy.linkerd.io
5 annotations:
6 linkerd.io/created-by: linkerd/cli stable-2.11.4
7 labels:
8 helm.sh/chart: linkerd2-0.1.0
9 linkerd.io/control-plane-ns: linkerd
10spec:
11 group: policy.linkerd.io
12 scope: Namespaced
13 names:
14 kind: AuthorizationPolicy
15 plural: authorizationpolicies
16 singular: authorizationpolicy
17 shortNames: [authzpolicy]
18 versions:
19 - name: v1alpha1
20 served: true
21 storage: true
22 schema:
23 openAPIV3Schema:
24 type: object
25 required: [spec]
26 properties:
27 spec:
28 description: >-
29 Authorizes clients to communicate with Linkerd-proxied server
30 resources.
31 type: object
32 required: [targetRef, requiredAuthenticationRefs]
33 properties:
34 targetRef:
35 description: >-
36 TargetRef references a resource to which the authorization
37 policy applies.
38 type: object
39 required: [kind, name]
40 # Modified from the gateway API.
41 # Copyright 2020 The Kubernetes Authors
42 properties:
43 group:
44 description: >-
45 Group is the group of the referent. When empty, the
46 Kubernetes core API group is inferred.
47 maxLength: 253
48 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
49 type: string
50 kind:
51 description: >-
52 Kind is the kind of the referent.
53 maxLength: 63
54 minLength: 1
55 pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
56 type: string
57 name:
58 description: Name is the name of the referent.
59 maxLength: 253
60 minLength: 1
61 type: string
62 requiredAuthenticationRefs:
63 description: >-
64 RequiredAuthenticationRefs enumerates a set of required
65 authentications. ALL authentications must be satisfied for
66 the authorization to apply. If any of the referred objects
67 cannot be found, the authorization will be ignored.
68 type: array
69 items:
70 type: object
71 required: [kind, name]
72 properties:
73 group:
74 description: >-
75 Group is the group of the referent. When empty, the
76 Kubernetes core API group is inferred."
77 maxLength: 253
78 pattern: ^$|^[a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*$
79 type: string
80 kind:
81 description: >-
82 Kind is the kind of the referent.
83 maxLength: 63
84 minLength: 1
85 pattern: ^[a-zA-Z]([-a-zA-Z0-9]*[a-zA-Z0-9])?$
86 type: string
87 name:
88 description: >-
89 Name is the name of the referent.
90 maxLength: 253
91 minLength: 1
92 type: string
93 namespace:
94 description: >-
95 Name is the name of the referent. When unspecified,
96 this authentication refers to the local namespace.
97 maxLength: 253
98 type: string
View as plain text