1apiVersion: apiextensions.k8s.io/v1
2kind: CustomResourceDefinition
3metadata:
4 annotations:
5 cnrm.cloud.google.com/version: 0.0.0-dev
6 creationTimestamp: null
7 labels:
8 cnrm.cloud.google.com/managed-by-kcc: "true"
9 cnrm.cloud.google.com/stability-level: stable
10 cnrm.cloud.google.com/system: "true"
11 cnrm.cloud.google.com/tf2crd: "true"
12 name: iamaccessboundarypolicies.iam.cnrm.cloud.google.com
13spec:
14 group: iam.cnrm.cloud.google.com
15 names:
16 categories:
17 - gcp
18 kind: IAMAccessBoundaryPolicy
19 plural: iamaccessboundarypolicies
20 shortNames:
21 - gcpiamaccessboundarypolicy
22 - gcpiamaccessboundarypolicies
23 singular: iamaccessboundarypolicy
24 preserveUnknownFields: false
25 scope: Namespaced
26 versions:
27 - additionalPrinterColumns:
28 - jsonPath: .metadata.creationTimestamp
29 name: Age
30 type: date
31 - description: When 'True', the most recent reconcile of the resource succeeded
32 jsonPath: .status.conditions[?(@.type=='Ready')].status
33 name: Ready
34 type: string
35 - description: The reason for the value in 'Ready'
36 jsonPath: .status.conditions[?(@.type=='Ready')].reason
37 name: Status
38 type: string
39 - description: The last transition time for the value in 'Status'
40 jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime
41 name: Status Age
42 type: date
43 name: v1beta1
44 schema:
45 openAPIV3Schema:
46 properties:
47 apiVersion:
48 description: 'apiVersion defines the versioned schema of this representation
49 of an object. Servers should convert recognized schemas to the latest
50 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
51 type: string
52 kind:
53 description: 'kind is a string value representing the REST resource this
54 object represents. Servers may infer this from the endpoint the client
55 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
56 type: string
57 metadata:
58 type: object
59 spec:
60 properties:
61 displayName:
62 description: The display name of the rule.
63 type: string
64 projectRef:
65 oneOf:
66 - not:
67 required:
68 - external
69 required:
70 - name
71 - not:
72 anyOf:
73 - required:
74 - name
75 - required:
76 - namespace
77 required:
78 - external
79 properties:
80 external:
81 description: 'Allowed value: string of the format `cloudresourcemanager.googleapis.com%2Fprojects%2F{{value}}`,
82 where {{value}} is the `name` field of a `Project` resource.'
83 type: string
84 name:
85 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
86 type: string
87 namespace:
88 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
89 type: string
90 type: object
91 resourceID:
92 description: Immutable. Optional. The name of the resource. Used for
93 creation and acquisition. When unset, the value of `metadata.name`
94 is used as the default.
95 type: string
96 rules:
97 description: Rules to be applied.
98 items:
99 properties:
100 accessBoundaryRule:
101 description: An access boundary rule in an IAM policy.
102 properties:
103 availabilityCondition:
104 description: The availability condition further constrains
105 the access allowed by the access boundary rule.
106 properties:
107 description:
108 description: |-
109 Description of the expression. This is a longer text which describes the expression,
110 e.g. when hovered over it in a UI.
111 type: string
112 expression:
113 description: Textual representation of an expression
114 in Common Expression Language syntax.
115 type: string
116 location:
117 description: |-
118 String indicating the location of the expression for error reporting,
119 e.g. a file name and a position in the file.
120 type: string
121 title:
122 description: |-
123 Title for the expression, i.e. a short string describing its purpose.
124 This can be used e.g. in UIs which allow to enter the expression.
125 type: string
126 required:
127 - expression
128 type: object
129 availablePermissions:
130 description: A list of permissions that may be allowed for
131 use on the specified resource.
132 items:
133 type: string
134 type: array
135 availableResource:
136 description: The full resource name of a Google Cloud resource
137 entity.
138 type: string
139 type: object
140 description:
141 description: The description of the rule.
142 type: string
143 type: object
144 type: array
145 required:
146 - projectRef
147 - rules
148 type: object
149 status:
150 properties:
151 conditions:
152 description: Conditions represent the latest available observation
153 of the resource's current state.
154 items:
155 properties:
156 lastTransitionTime:
157 description: Last time the condition transitioned from one status
158 to another.
159 type: string
160 message:
161 description: Human-readable message indicating details about
162 last transition.
163 type: string
164 reason:
165 description: Unique, one-word, CamelCase reason for the condition's
166 last transition.
167 type: string
168 status:
169 description: Status is the status of the condition. Can be True,
170 False, Unknown.
171 type: string
172 type:
173 description: Type is the type of the condition.
174 type: string
175 type: object
176 type: array
177 etag:
178 description: The hash of the resource. Used internally during updates.
179 type: string
180 observedGeneration:
181 description: ObservedGeneration is the generation of the resource
182 that was most recently observed by the Config Connector controller.
183 If this is equal to metadata.generation, then that means that the
184 current reported status reflects the most recent desired state of
185 the resource.
186 type: integer
187 type: object
188 required:
189 - spec
190 type: object
191 served: true
192 storage: true
193 subresources:
194 status: {}
195status:
196 acceptedNames:
197 kind: ""
198 plural: ""
199 conditions: []
200 storedVersions: []
View as plain text