1apiVersion: apiextensions.k8s.io/v1
2kind: CustomResourceDefinition
3metadata:
4 annotations:
5 cnrm.cloud.google.com/version: 0.0.0-dev
6 creationTimestamp: null
7 labels:
8 cnrm.cloud.google.com/managed-by-kcc: "true"
9 cnrm.cloud.google.com/stability-level: stable
10 cnrm.cloud.google.com/system: "true"
11 cnrm.cloud.google.com/tf2crd: "true"
12 name: cloudidentitygroups.cloudidentity.cnrm.cloud.google.com
13spec:
14 group: cloudidentity.cnrm.cloud.google.com
15 names:
16 categories:
17 - gcp
18 kind: CloudIdentityGroup
19 plural: cloudidentitygroups
20 shortNames:
21 - gcpcloudidentitygroup
22 - gcpcloudidentitygroups
23 singular: cloudidentitygroup
24 preserveUnknownFields: false
25 scope: Namespaced
26 versions:
27 - additionalPrinterColumns:
28 - jsonPath: .metadata.creationTimestamp
29 name: Age
30 type: date
31 - description: When 'True', the most recent reconcile of the resource succeeded
32 jsonPath: .status.conditions[?(@.type=='Ready')].status
33 name: Ready
34 type: string
35 - description: The reason for the value in 'Ready'
36 jsonPath: .status.conditions[?(@.type=='Ready')].reason
37 name: Status
38 type: string
39 - description: The last transition time for the value in 'Status'
40 jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime
41 name: Status Age
42 type: date
43 name: v1beta1
44 schema:
45 openAPIV3Schema:
46 properties:
47 apiVersion:
48 description: 'apiVersion defines the versioned schema of this representation
49 of an object. Servers should convert recognized schemas to the latest
50 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
51 type: string
52 kind:
53 description: 'kind is a string value representing the REST resource this
54 object represents. Servers may infer this from the endpoint the client
55 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
56 type: string
57 metadata:
58 type: object
59 spec:
60 properties:
61 description:
62 description: |-
63 An extended description to help users determine the purpose of a Group.
64 Must not be longer than 4,096 characters.
65 type: string
66 displayName:
67 description: The display name of the Group.
68 type: string
69 groupKey:
70 description: Immutable. EntityKey of the Group.
71 properties:
72 id:
73 description: |-
74 Immutable. The ID of the entity.
75
76 For Google-managed entities, the id must be the email address of an existing
77 group or user.
78
79 For external-identity-mapped entities, the id must be a string conforming
80 to the Identity Source's requirements.
81
82 Must be unique within a namespace.
83 type: string
84 namespace:
85 description: |-
86 Immutable. The namespace in which the entity exists.
87
88 If not specified, the EntityKey represents a Google-managed entity
89 such as a Google user or a Google Group.
90
91 If specified, the EntityKey represents an external-identity-mapped group.
92 The namespace must correspond to an identity source created in Admin Console
93 and must be in the form of 'identitysources/{identity_source_id}'.
94 type: string
95 required:
96 - id
97 type: object
98 initialGroupConfig:
99 description: |-
100 Immutable. The initial configuration options for creating a Group.
101
102 See the
103 [API reference](https://cloud.google.com/identity/docs/reference/rest/v1beta1/groups/create#initialgroupconfig)
104 for possible values. Default value: "EMPTY" Possible values: ["INITIAL_GROUP_CONFIG_UNSPECIFIED", "WITH_INITIAL_OWNER", "EMPTY"].
105 type: string
106 labels:
107 additionalProperties:
108 type: string
109 description: |-
110 One or more label entries that apply to the Group. Currently supported labels contain a key with an empty value.
111
112 Google Groups are the default type of group and have a label with a key of cloudidentity.googleapis.com/groups.discussion_forum and an empty value.
113
114 Existing Google Groups can have an additional label with a key of cloudidentity.googleapis.com/groups.security and an empty value added to them. This is an immutable change and the security label cannot be removed once added.
115
116 Dynamic groups have a label with a key of cloudidentity.googleapis.com/groups.dynamic.
117
118 Identity-mapped groups for Cloud Search have a label with a key of system/groups/external and an empty value.
119 type: object
120 parent:
121 description: |-
122 Immutable. The resource name of the entity under which this Group resides in the
123 Cloud Identity resource hierarchy.
124
125 Must be of the form identitysources/{identity_source_id} for external-identity-mapped
126 groups or customers/{customer_id} for Google Groups.
127 type: string
128 resourceID:
129 description: Immutable. Optional. The service-generated name of the
130 resource. Used for acquisition only. Leave unset to create a new
131 resource.
132 type: string
133 required:
134 - groupKey
135 - labels
136 - parent
137 type: object
138 status:
139 properties:
140 conditions:
141 description: Conditions represent the latest available observation
142 of the resource's current state.
143 items:
144 properties:
145 lastTransitionTime:
146 description: Last time the condition transitioned from one status
147 to another.
148 type: string
149 message:
150 description: Human-readable message indicating details about
151 last transition.
152 type: string
153 reason:
154 description: Unique, one-word, CamelCase reason for the condition's
155 last transition.
156 type: string
157 status:
158 description: Status is the status of the condition. Can be True,
159 False, Unknown.
160 type: string
161 type:
162 description: Type is the type of the condition.
163 type: string
164 type: object
165 type: array
166 createTime:
167 description: The time when the Group was created.
168 type: string
169 name:
170 description: |-
171 Resource name of the Group in the format: groups/{group_id}, where group_id
172 is the unique ID assigned to the Group.
173 type: string
174 observedGeneration:
175 description: ObservedGeneration is the generation of the resource
176 that was most recently observed by the Config Connector controller.
177 If this is equal to metadata.generation, then that means that the
178 current reported status reflects the most recent desired state of
179 the resource.
180 type: integer
181 updateTime:
182 description: The time when the Group was last updated.
183 type: string
184 type: object
185 required:
186 - spec
187 type: object
188 served: true
189 storage: true
190 subresources:
191 status: {}
192status:
193 acceptedNames:
194 kind: ""
195 plural: ""
196 conditions: []
197 storedVersions: []
View as plain text