1apiVersion: apiextensions.k8s.io/v1
2kind: CustomResourceDefinition
3metadata:
4 annotations:
5 cnrm.cloud.google.com/version: 0.0.0-dev
6 creationTimestamp: null
7 labels:
8 cnrm.cloud.google.com/managed-by-kcc: "true"
9 cnrm.cloud.google.com/stability-level: stable
10 cnrm.cloud.google.com/system: "true"
11 cnrm.cloud.google.com/tf2crd: "true"
12 name: computedisks.compute.cnrm.cloud.google.com
13spec:
14 group: compute.cnrm.cloud.google.com
15 names:
16 categories:
17 - gcp
18 kind: ComputeDisk
19 plural: computedisks
20 shortNames:
21 - gcpcomputedisk
22 - gcpcomputedisks
23 singular: computedisk
24 preserveUnknownFields: false
25 scope: Namespaced
26 versions:
27 - additionalPrinterColumns:
28 - jsonPath: .metadata.creationTimestamp
29 name: Age
30 type: date
31 - description: When 'True', the most recent reconcile of the resource succeeded
32 jsonPath: .status.conditions[?(@.type=='Ready')].status
33 name: Ready
34 type: string
35 - description: The reason for the value in 'Ready'
36 jsonPath: .status.conditions[?(@.type=='Ready')].reason
37 name: Status
38 type: string
39 - description: The last transition time for the value in 'Status'
40 jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime
41 name: Status Age
42 type: date
43 name: v1beta1
44 schema:
45 openAPIV3Schema:
46 properties:
47 apiVersion:
48 description: 'apiVersion defines the versioned schema of this representation
49 of an object. Servers should convert recognized schemas to the latest
50 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
51 type: string
52 kind:
53 description: 'kind is a string value representing the REST resource this
54 object represents. Servers may infer this from the endpoint the client
55 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
56 type: string
57 metadata:
58 type: object
59 spec:
60 properties:
61 asyncPrimaryDisk:
62 description: Immutable. A nested object resource.
63 properties:
64 diskRef:
65 description: Immutable. Primary disk for asynchronous disk replication.
66 oneOf:
67 - not:
68 required:
69 - external
70 required:
71 - name
72 - not:
73 anyOf:
74 - required:
75 - name
76 - required:
77 - namespace
78 required:
79 - external
80 properties:
81 external:
82 description: 'Allowed value: The `selfLink` field of a `ComputeDisk`
83 resource.'
84 type: string
85 name:
86 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
87 type: string
88 namespace:
89 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
90 type: string
91 type: object
92 required:
93 - diskRef
94 type: object
95 description:
96 description: |-
97 Immutable. An optional description of this resource. Provide this property when
98 you create the resource.
99 type: string
100 diskEncryptionKey:
101 description: |-
102 Immutable. Encrypts the disk using a customer-supplied encryption key.
103
104 After you encrypt a disk with a customer-supplied key, you must
105 provide the same key if you use the disk later (e.g. to create a disk
106 snapshot or an image, or to attach the disk to a virtual machine).
107
108 Customer-supplied encryption keys do not protect access to metadata of
109 the disk.
110
111 If you do not provide an encryption key when creating the disk, then
112 the disk will be encrypted using an automatically generated key and
113 you do not need to provide a key to use the disk later.
114 properties:
115 kmsKeyRef:
116 description: |-
117 The encryption key used to encrypt the disk. Your project's Compute
118 Engine System service account
119 ('service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com')
120 must have 'roles/cloudkms.cryptoKeyEncrypterDecrypter' to use this
121 feature. See
122 https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys
123 oneOf:
124 - not:
125 required:
126 - external
127 required:
128 - name
129 - not:
130 anyOf:
131 - required:
132 - name
133 - required:
134 - namespace
135 required:
136 - external
137 properties:
138 external:
139 description: 'Allowed value: The `selfLink` field of a `KMSCryptoKey`
140 resource.'
141 type: string
142 name:
143 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
144 type: string
145 namespace:
146 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
147 type: string
148 type: object
149 kmsKeyServiceAccountRef:
150 description: |-
151 The service account used for the encryption request for the given KMS key.
152 If absent, the Compute Engine Service Agent service account is used.
153 oneOf:
154 - not:
155 required:
156 - external
157 required:
158 - name
159 - not:
160 anyOf:
161 - required:
162 - name
163 - required:
164 - namespace
165 required:
166 - external
167 properties:
168 external:
169 description: 'Allowed value: The `email` field of an `IAMServiceAccount`
170 resource.'
171 type: string
172 name:
173 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
174 type: string
175 namespace:
176 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
177 type: string
178 type: object
179 rawKey:
180 description: |-
181 Immutable. Specifies a 256-bit customer-supplied encryption key, encoded in
182 RFC 4648 base64 to either encrypt or decrypt this resource.
183 oneOf:
184 - not:
185 required:
186 - valueFrom
187 required:
188 - value
189 - not:
190 required:
191 - value
192 required:
193 - valueFrom
194 properties:
195 value:
196 description: Value of the field. Cannot be used if 'valueFrom'
197 is specified.
198 type: string
199 valueFrom:
200 description: Source for the field's value. Cannot be used
201 if 'value' is specified.
202 properties:
203 secretKeyRef:
204 description: Reference to a value with the given key in
205 the given Secret in the resource's namespace.
206 properties:
207 key:
208 description: Key that identifies the value to be extracted.
209 type: string
210 name:
211 description: Name of the Secret to extract a value
212 from.
213 type: string
214 required:
215 - key
216 - name
217 type: object
218 type: object
219 type: object
220 rsaEncryptedKey:
221 description: |-
222 Immutable. Specifies an RFC 4648 base64 encoded, RSA-wrapped 2048-bit
223 customer-supplied encryption key to either encrypt or decrypt
224 this resource. You can provide either the rawKey or the rsaEncryptedKey.
225 oneOf:
226 - not:
227 required:
228 - valueFrom
229 required:
230 - value
231 - not:
232 required:
233 - value
234 required:
235 - valueFrom
236 properties:
237 value:
238 description: Value of the field. Cannot be used if 'valueFrom'
239 is specified.
240 type: string
241 valueFrom:
242 description: Source for the field's value. Cannot be used
243 if 'value' is specified.
244 properties:
245 secretKeyRef:
246 description: Reference to a value with the given key in
247 the given Secret in the resource's namespace.
248 properties:
249 key:
250 description: Key that identifies the value to be extracted.
251 type: string
252 name:
253 description: Name of the Secret to extract a value
254 from.
255 type: string
256 required:
257 - name
258 - key
259 type: object
260 type: object
261 type: object
262 sha256:
263 description: |-
264 The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
265 encryption key that protects this resource.
266 type: string
267 type: object
268 guestOsFeatures:
269 description: |-
270 Immutable. A list of features to enable on the guest operating system.
271 Applicable only for bootable disks.
272 items:
273 properties:
274 type:
275 description: 'Immutable. The type of supported feature. Read
276 [Enabling guest operating system features](https://cloud.google.com/compute/docs/images/create-delete-deprecate-private-images#guest-os-features)
277 to see a list of available options. Possible values: ["MULTI_IP_SUBNET",
278 "SECURE_BOOT", "SEV_CAPABLE", "UEFI_COMPATIBLE", "VIRTIO_SCSI_MULTIQUEUE",
279 "WINDOWS", "GVNIC", "SEV_LIVE_MIGRATABLE", "SEV_SNP_CAPABLE",
280 "SUSPEND_RESUME_COMPATIBLE", "TDX_CAPABLE"].'
281 type: string
282 required:
283 - type
284 type: object
285 type: array
286 imageRef:
287 description: The image from which to initialize this disk.
288 oneOf:
289 - not:
290 required:
291 - external
292 required:
293 - name
294 - not:
295 anyOf:
296 - required:
297 - name
298 - required:
299 - namespace
300 required:
301 - external
302 properties:
303 external:
304 description: 'Allowed value: The `selfLink` field of a `ComputeImage`
305 resource.'
306 type: string
307 name:
308 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
309 type: string
310 namespace:
311 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
312 type: string
313 type: object
314 interface:
315 description: DEPRECATED. This field is no longer in use, disk interfaces
316 will be automatically determined on attachment. To resolve this
317 issue, remove this field from your config. Immutable. Specifies
318 the disk interface to use for attaching this disk, which is either
319 SCSI or NVME. The default is SCSI.
320 type: string
321 licenses:
322 description: Immutable. Any applicable license URI.
323 items:
324 type: string
325 type: array
326 location:
327 description: 'Location represents the geographical location of the
328 ComputeDisk. Specify a region name or a zone name. Reference: GCP
329 definition of regions/zones (https://cloud.google.com/compute/docs/regions-zones/)'
330 type: string
331 multiWriter:
332 description: Immutable. Indicates whether or not the disk can be read/write
333 attached to more than one instance.
334 type: boolean
335 physicalBlockSizeBytes:
336 description: |-
337 Immutable. Physical block size of the persistent disk, in bytes. If not present
338 in a request, a default value is used. Currently supported sizes
339 are 4096 and 16384, other sizes may be added in the future.
340 If an unsupported value is requested, the error message will list
341 the supported values for the caller's project.
342 type: integer
343 projectRef:
344 description: The project that this resource belongs to.
345 oneOf:
346 - not:
347 required:
348 - external
349 required:
350 - name
351 - not:
352 anyOf:
353 - required:
354 - name
355 - required:
356 - namespace
357 required:
358 - external
359 properties:
360 external:
361 description: 'Allowed value: The `name` field of a `Project` resource.'
362 type: string
363 name:
364 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
365 type: string
366 namespace:
367 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
368 type: string
369 type: object
370 provisionedIops:
371 description: Immutable. Indicates how many IOPS must be provisioned
372 for the disk.
373 type: integer
374 replicaZones:
375 description: Immutable. URLs of the zones where the disk should be
376 replicated to.
377 items:
378 type: string
379 type: array
380 resourceID:
381 description: Immutable. Optional. The name of the resource. Used for
382 creation and acquisition. When unset, the value of `metadata.name`
383 is used as the default.
384 type: string
385 resourcePolicies:
386 items:
387 description: Resource policies applied to this disk for automatic
388 snapshot creations.
389 oneOf:
390 - not:
391 required:
392 - external
393 required:
394 - name
395 - not:
396 anyOf:
397 - required:
398 - name
399 - required:
400 - namespace
401 required:
402 - external
403 properties:
404 external:
405 description: 'Allowed value: The `selfLink` field of a `ComputeResourcePolicy`
406 resource.'
407 type: string
408 name:
409 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
410 type: string
411 namespace:
412 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
413 type: string
414 type: object
415 type: array
416 size:
417 description: |-
418 Size of the persistent disk, specified in GB. You can specify this
419 field when creating a persistent disk using the 'image' or
420 'snapshot' parameter, or specify it alone to create an empty
421 persistent disk.
422
423 If you specify this field along with 'image' or 'snapshot',
424 the value must not be less than the size of the image
425 or the size of the snapshot.
426
427 Upsizing the disk is mutable, but downsizing the disk
428 requires re-creating the resource.
429 type: integer
430 snapshotRef:
431 description: The source snapshot used to create this disk.
432 oneOf:
433 - not:
434 required:
435 - external
436 required:
437 - name
438 - not:
439 anyOf:
440 - required:
441 - name
442 - required:
443 - namespace
444 required:
445 - external
446 properties:
447 external:
448 description: 'Allowed value: The `selfLink` field of a `ComputeSnapshot`
449 resource.'
450 type: string
451 name:
452 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
453 type: string
454 namespace:
455 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
456 type: string
457 type: object
458 sourceDiskRef:
459 description: The source disk used to create this disk.
460 oneOf:
461 - not:
462 required:
463 - external
464 required:
465 - name
466 - not:
467 anyOf:
468 - required:
469 - name
470 - required:
471 - namespace
472 required:
473 - external
474 properties:
475 external:
476 description: 'Allowed value: The `selfLink` field of a `ComputeDisk`
477 resource.'
478 type: string
479 name:
480 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
481 type: string
482 namespace:
483 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
484 type: string
485 type: object
486 sourceImageEncryptionKey:
487 description: |-
488 Immutable. The customer-supplied encryption key of the source image. Required if
489 the source image is protected by a customer-supplied encryption key.
490 properties:
491 kmsKeyRef:
492 description: |-
493 The encryption key used to encrypt the disk. Your project's Compute
494 Engine System service account
495 ('service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com')
496 must have 'roles/cloudkms.cryptoKeyEncrypterDecrypter' to use this
497 feature. See
498 https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys
499 oneOf:
500 - not:
501 required:
502 - external
503 required:
504 - name
505 - not:
506 anyOf:
507 - required:
508 - name
509 - required:
510 - namespace
511 required:
512 - external
513 properties:
514 external:
515 description: 'Allowed value: The `selfLink` field of a `KMSCryptoKey`
516 resource.'
517 type: string
518 name:
519 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
520 type: string
521 namespace:
522 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
523 type: string
524 type: object
525 kmsKeyServiceAccountRef:
526 description: |-
527 The service account used for the encryption request for the given KMS key.
528 If absent, the Compute Engine Service Agent service account is used.
529 oneOf:
530 - not:
531 required:
532 - external
533 required:
534 - name
535 - not:
536 anyOf:
537 - required:
538 - name
539 - required:
540 - namespace
541 required:
542 - external
543 properties:
544 external:
545 description: 'Allowed value: The `email` field of an `IAMServiceAccount`
546 resource.'
547 type: string
548 name:
549 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
550 type: string
551 namespace:
552 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
553 type: string
554 type: object
555 rawKey:
556 description: |-
557 Immutable. Specifies a 256-bit customer-supplied encryption key, encoded in
558 RFC 4648 base64 to either encrypt or decrypt this resource.
559 type: string
560 sha256:
561 description: |-
562 The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
563 encryption key that protects this resource.
564 type: string
565 type: object
566 sourceSnapshotEncryptionKey:
567 description: |-
568 Immutable. The customer-supplied encryption key of the source snapshot. Required
569 if the source snapshot is protected by a customer-supplied encryption
570 key.
571 properties:
572 kmsKeyRef:
573 description: |-
574 The encryption key used to encrypt the disk. Your project's Compute
575 Engine System service account
576 ('service-{{PROJECT_NUMBER}}@compute-system.iam.gserviceaccount.com')
577 must have 'roles/cloudkms.cryptoKeyEncrypterDecrypter' to use this
578 feature. See
579 https://cloud.google.com/compute/docs/disks/customer-managed-encryption#encrypt_a_new_persistent_disk_with_your_own_keys
580 oneOf:
581 - not:
582 required:
583 - external
584 required:
585 - name
586 - not:
587 anyOf:
588 - required:
589 - name
590 - required:
591 - namespace
592 required:
593 - external
594 properties:
595 external:
596 description: 'Allowed value: The `selfLink` field of a `KMSCryptoKey`
597 resource.'
598 type: string
599 name:
600 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
601 type: string
602 namespace:
603 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
604 type: string
605 type: object
606 kmsKeyServiceAccountRef:
607 description: |-
608 The service account used for the encryption request for the given KMS key.
609 If absent, the Compute Engine Service Agent service account is used.
610 oneOf:
611 - not:
612 required:
613 - external
614 required:
615 - name
616 - not:
617 anyOf:
618 - required:
619 - name
620 - required:
621 - namespace
622 required:
623 - external
624 properties:
625 external:
626 description: 'Allowed value: The `email` field of an `IAMServiceAccount`
627 resource.'
628 type: string
629 name:
630 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
631 type: string
632 namespace:
633 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
634 type: string
635 type: object
636 rawKey:
637 description: |-
638 Immutable. Specifies a 256-bit customer-supplied encryption key, encoded in
639 RFC 4648 base64 to either encrypt or decrypt this resource.
640 type: string
641 sha256:
642 description: |-
643 The RFC 4648 base64 encoded SHA-256 hash of the customer-supplied
644 encryption key that protects this resource.
645 type: string
646 type: object
647 type:
648 description: |-
649 Immutable. URL of the disk type resource describing which disk type to use to
650 create the disk. Provide this when creating the disk.
651 type: string
652 required:
653 - location
654 type: object
655 status:
656 properties:
657 conditions:
658 description: Conditions represent the latest available observation
659 of the resource's current state.
660 items:
661 properties:
662 lastTransitionTime:
663 description: Last time the condition transitioned from one status
664 to another.
665 type: string
666 message:
667 description: Human-readable message indicating details about
668 last transition.
669 type: string
670 reason:
671 description: Unique, one-word, CamelCase reason for the condition's
672 last transition.
673 type: string
674 status:
675 description: Status is the status of the condition. Can be True,
676 False, Unknown.
677 type: string
678 type:
679 description: Type is the type of the condition.
680 type: string
681 type: object
682 type: array
683 creationTimestamp:
684 description: Creation timestamp in RFC3339 text format.
685 type: string
686 labelFingerprint:
687 description: |-
688 The fingerprint used for optimistic locking of this resource. Used
689 internally during updates.
690 type: string
691 lastAttachTimestamp:
692 description: Last attach timestamp in RFC3339 text format.
693 type: string
694 lastDetachTimestamp:
695 description: Last detach timestamp in RFC3339 text format.
696 type: string
697 observedGeneration:
698 description: ObservedGeneration is the generation of the resource
699 that was most recently observed by the Config Connector controller.
700 If this is equal to metadata.generation, then that means that the
701 current reported status reflects the most recent desired state of
702 the resource.
703 type: integer
704 selfLink:
705 type: string
706 sourceDiskId:
707 description: |-
708 The ID value of the disk used to create this image. This value may
709 be used to determine whether the image was taken from the current
710 or a previous instance of a given disk name.
711 type: string
712 sourceImageId:
713 description: |-
714 The ID value of the image used to create this disk. This value
715 identifies the exact image that was used to create this persistent
716 disk. For example, if you created the persistent disk from an image
717 that was later deleted and recreated under the same name, the source
718 image ID would identify the exact version of the image that was used.
719 type: string
720 sourceSnapshotId:
721 description: |-
722 The unique ID of the snapshot used to create this disk. This value
723 identifies the exact snapshot that was used to create this persistent
724 disk. For example, if you created the persistent disk from a snapshot
725 that was later deleted and recreated under the same name, the source
726 snapshot ID would identify the exact version of the snapshot that was
727 used.
728 type: string
729 users:
730 description: |-
731 Links to the users of the disk (attached instances) in form:
732 project/zones/zone/instances/instance.
733 items:
734 type: string
735 type: array
736 type: object
737 required:
738 - spec
739 type: object
740 served: true
741 storage: true
742 subresources:
743 status: {}
744status:
745 acceptedNames:
746 kind: ""
747 plural: ""
748 conditions: []
749 storedVersions: []
View as plain text