1apiVersion: apiextensions.k8s.io/v1
2kind: CustomResourceDefinition
3metadata:
4 annotations:
5 cnrm.cloud.google.com/version: 0.0.0-dev
6 creationTimestamp: null
7 labels:
8 cnrm.cloud.google.com/managed-by-kcc: "true"
9 cnrm.cloud.google.com/stability-level: stable
10 cnrm.cloud.google.com/system: "true"
11 cnrm.cloud.google.com/tf2crd: "true"
12 name: dnsmanagedzones.dns.cnrm.cloud.google.com
13spec:
14 group: dns.cnrm.cloud.google.com
15 names:
16 categories:
17 - gcp
18 kind: DNSManagedZone
19 plural: dnsmanagedzones
20 shortNames:
21 - gcpdnsmanagedzone
22 - gcpdnsmanagedzones
23 singular: dnsmanagedzone
24 preserveUnknownFields: false
25 scope: Namespaced
26 versions:
27 - additionalPrinterColumns:
28 - jsonPath: .metadata.creationTimestamp
29 name: Age
30 type: date
31 - description: When 'True', the most recent reconcile of the resource succeeded
32 jsonPath: .status.conditions[?(@.type=='Ready')].status
33 name: Ready
34 type: string
35 - description: The reason for the value in 'Ready'
36 jsonPath: .status.conditions[?(@.type=='Ready')].reason
37 name: Status
38 type: string
39 - description: The last transition time for the value in 'Status'
40 jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime
41 name: Status Age
42 type: date
43 name: v1beta1
44 schema:
45 openAPIV3Schema:
46 properties:
47 apiVersion:
48 description: 'apiVersion defines the versioned schema of this representation
49 of an object. Servers should convert recognized schemas to the latest
50 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
51 type: string
52 kind:
53 description: 'kind is a string value representing the REST resource this
54 object represents. Servers may infer this from the endpoint the client
55 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
56 type: string
57 metadata:
58 type: object
59 spec:
60 properties:
61 cloudLoggingConfig:
62 description: Cloud logging configuration.
63 properties:
64 enableLogging:
65 description: If set, enable query logging for this ManagedZone.
66 False by default, making logging opt-in.
67 type: boolean
68 required:
69 - enableLogging
70 type: object
71 description:
72 description: A textual description field. Defaults to 'Managed by
73 Config Connector'.
74 type: string
75 dnsName:
76 description: Immutable. The DNS name of this managed zone, for instance
77 "example.com.".
78 type: string
79 dnssecConfig:
80 description: DNSSEC configuration.
81 properties:
82 defaultKeySpecs:
83 description: |-
84 Specifies parameters that will be used for generating initial DnsKeys
85 for this ManagedZone. If you provide a spec for keySigning or zoneSigning,
86 you must also provide one for the other.
87 default_key_specs can only be updated when the state is 'off'.
88 items:
89 properties:
90 algorithm:
91 description: 'String mnemonic specifying the DNSSEC algorithm
92 of this key Possible values: ["ecdsap256sha256", "ecdsap384sha384",
93 "rsasha1", "rsasha256", "rsasha512"].'
94 type: string
95 keyLength:
96 description: Length of the keys in bits.
97 type: integer
98 keyType:
99 description: |-
100 Specifies whether this is a key signing key (KSK) or a zone
101 signing key (ZSK). Key signing keys have the Secure Entry
102 Point flag set and, when active, will only be used to sign
103 resource record sets of type DNSKEY. Zone signing keys do
104 not have the Secure Entry Point flag set and will be used
105 to sign all other types of resource record sets. Possible values: ["keySigning", "zoneSigning"].
106 type: string
107 kind:
108 description: Identifies what kind of resource this is.
109 type: string
110 type: object
111 type: array
112 kind:
113 description: Identifies what kind of resource this is.
114 type: string
115 nonExistence:
116 description: |-
117 Specifies the mechanism used to provide authenticated denial-of-existence responses.
118 non_existence can only be updated when the state is 'off'. Possible values: ["nsec", "nsec3"].
119 type: string
120 state:
121 description: 'Specifies whether DNSSEC is enabled, and what mode
122 it is in Possible values: ["off", "on", "transfer"].'
123 type: string
124 type: object
125 forwardingConfig:
126 description: |-
127 The presence for this field indicates that outbound forwarding is enabled
128 for this zone. The value of this field contains the set of destinations
129 to forward to.
130 properties:
131 targetNameServers:
132 description: |-
133 List of target name servers to forward to. Cloud DNS will
134 select the best available name server if more than
135 one target is given.
136 items:
137 properties:
138 forwardingPath:
139 description: |-
140 Forwarding path for this TargetNameServer. If unset or 'default' Cloud DNS will make forwarding
141 decision based on address ranges, i.e. RFC1918 addresses go to the VPC, Non-RFC1918 addresses go
142 to the Internet. When set to 'private', Cloud DNS will always send queries through VPC for this target Possible values: ["default", "private"].
143 type: string
144 ipv4Address:
145 description: IPv4 address of a target name server.
146 type: string
147 required:
148 - ipv4Address
149 type: object
150 type: array
151 required:
152 - targetNameServers
153 type: object
154 peeringConfig:
155 description: |-
156 The presence of this field indicates that DNS Peering is enabled for this
157 zone. The value of this field contains the network to peer with.
158 properties:
159 targetNetwork:
160 description: The network with which to peer.
161 properties:
162 networkRef:
163 description: VPC network to forward queries to.
164 oneOf:
165 - not:
166 required:
167 - external
168 required:
169 - name
170 - not:
171 anyOf:
172 - required:
173 - name
174 - required:
175 - namespace
176 required:
177 - external
178 properties:
179 external:
180 description: 'Allowed value: The `selfLink` field of a
181 `ComputeNetwork` resource.'
182 type: string
183 name:
184 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
185 type: string
186 namespace:
187 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
188 type: string
189 type: object
190 required:
191 - networkRef
192 type: object
193 required:
194 - targetNetwork
195 type: object
196 privateVisibilityConfig:
197 description: |-
198 For privately visible zones, the set of Virtual Private Cloud
199 resources that the zone is visible from.
200 properties:
201 gkeClusters:
202 description: The list of Google Kubernetes Engine clusters that
203 can see this zone.
204 items:
205 properties:
206 gkeClusterNameRef:
207 description: |-
208 The resource name of the cluster to bind this ManagedZone to.
209 This should be specified in the format like
210 'projects/*/locations/*/clusters/*'.
211 oneOf:
212 - not:
213 required:
214 - external
215 required:
216 - name
217 - not:
218 anyOf:
219 - required:
220 - name
221 - required:
222 - namespace
223 required:
224 - external
225 properties:
226 external:
227 description: 'Allowed value: The `selfLink` field of
228 a `ContainerCluster` resource.'
229 type: string
230 name:
231 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
232 type: string
233 namespace:
234 description: 'Namespace of the referent. More info:
235 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
236 type: string
237 type: object
238 required:
239 - gkeClusterNameRef
240 type: object
241 type: array
242 networks:
243 items:
244 properties:
245 networkRef:
246 description: VPC network to bind to.
247 oneOf:
248 - not:
249 required:
250 - external
251 required:
252 - name
253 - not:
254 anyOf:
255 - required:
256 - name
257 - required:
258 - namespace
259 required:
260 - external
261 properties:
262 external:
263 description: 'Allowed value: The `selfLink` field of
264 a `ComputeNetwork` resource.'
265 type: string
266 name:
267 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
268 type: string
269 namespace:
270 description: 'Namespace of the referent. More info:
271 https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
272 type: string
273 type: object
274 required:
275 - networkRef
276 type: object
277 type: array
278 required:
279 - networks
280 type: object
281 resourceID:
282 description: Immutable. Optional. The name of the resource. Used for
283 creation and acquisition. When unset, the value of `metadata.name`
284 is used as the default.
285 type: string
286 reverseLookup:
287 description: |-
288 Immutable. Specifies if this is a managed reverse lookup zone. If true, Cloud DNS will resolve reverse
289 lookup queries using automatically configured records for VPC resources. This only applies
290 to networks listed under 'private_visibility_config'.
291 type: boolean
292 serviceDirectoryConfig:
293 description: Immutable. The presence of this field indicates that
294 this zone is backed by Service Directory. The value of this field
295 contains information related to the namespace associated with the
296 zone.
297 properties:
298 namespace:
299 description: The namespace associated with the zone.
300 properties:
301 namespaceUrl:
302 description: |-
303 The fully qualified or partial URL of the service directory namespace that should be
304 associated with the zone. This should be formatted like
305 'https://servicedirectory.googleapis.com/v1/projects/{project}/locations/{location}/namespaces/{namespace_id}'
306 or simply 'projects/{project}/locations/{location}/namespaces/{namespace_id}'
307 Ignored for 'public' visibility zones.
308 type: string
309 required:
310 - namespaceUrl
311 type: object
312 required:
313 - namespace
314 type: object
315 visibility:
316 description: |-
317 Immutable. The zone's visibility: public zones are exposed to the Internet,
318 while private zones are visible only to Virtual Private Cloud resources. Default value: "public" Possible values: ["private", "public"].
319 type: string
320 required:
321 - dnsName
322 type: object
323 status:
324 properties:
325 conditions:
326 description: Conditions represent the latest available observation
327 of the resource's current state.
328 items:
329 properties:
330 lastTransitionTime:
331 description: Last time the condition transitioned from one status
332 to another.
333 type: string
334 message:
335 description: Human-readable message indicating details about
336 last transition.
337 type: string
338 reason:
339 description: Unique, one-word, CamelCase reason for the condition's
340 last transition.
341 type: string
342 status:
343 description: Status is the status of the condition. Can be True,
344 False, Unknown.
345 type: string
346 type:
347 description: Type is the type of the condition.
348 type: string
349 type: object
350 type: array
351 creationTime:
352 description: |-
353 The time that this resource was created on the server.
354 This is in RFC3339 text format.
355 type: string
356 managedZoneId:
357 description: Unique identifier for the resource; defined by the server.
358 type: integer
359 nameServers:
360 description: |-
361 Delegate your managed_zone to these virtual name servers;
362 defined by the server.
363 items:
364 type: string
365 type: array
366 observedGeneration:
367 description: ObservedGeneration is the generation of the resource
368 that was most recently observed by the Config Connector controller.
369 If this is equal to metadata.generation, then that means that the
370 current reported status reflects the most recent desired state of
371 the resource.
372 type: integer
373 type: object
374 required:
375 - spec
376 type: object
377 served: true
378 storage: true
379 subresources:
380 status: {}
381status:
382 acceptedNames:
383 kind: ""
384 plural: ""
385 conditions: []
386 storedVersions: []
View as plain text