...

Text file src/github.com/GoogleCloudPlatform/k8s-config-connector/config/servicemappings/bigtable.yaml

Documentation: github.com/GoogleCloudPlatform/k8s-config-connector/config/servicemappings 

     1# Copyright 2022 Google LLC
     2#
     3# Licensed under the Apache License, Version 2.0 (the "License");
     4# you may not use this file except in compliance with the License.
     5# You may obtain a copy of the License at
     6#
     7#      http://www.apache.org/licenses/LICENSE-2.0
     8#
     9# Unless required by applicable law or agreed to in writing, software
    10# distributed under the License is distributed on an "AS IS" BASIS,
    11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12# See the License for the specific language governing permissions and
    13# limitations under the License.
    14
    15apiVersion: core.cnrm.cloud.google.com/v1alpha1
    16kind: ServiceMapping
    17metadata:
    18  name: bigtable.cnrm.cloud.google.com
    19  namespace: cnrm-system
    20spec:
    21  name: Bigtable
    22  version: v1beta1
    23  serviceHostName: "bigtableadmin.googleapis.com"
    24  resources:
    25  - name: google_bigtable_app_profile
    26    kind: BigtableAppProfile
    27    idTemplate: "projects/{{project}}/instances/{{instance}}/appProfiles/{{app_profile_id}}"
    28    idTemplateCanBeUsedToMatchResourceName: true
    29    resourceAvailableInAssetInventory: true
    30    directives:
    31      - ignore_warnings
    32    metadataMapping:
    33      name: app_profile_id
    34    resourceID:
    35      targetField: app_profile_id
    36    containers:
    37      - type: project
    38        tfField: project
    39    resourceReferences:
    40      - tfField: instance
    41        description: |-
    42          The instance to create the app profile within.
    43        key: instanceRef
    44        gvk:
    45          kind: BigtableInstance
    46          version: v1beta1
    47          group: bigtable.cnrm.cloud.google.com
    48        parent: true
    49  - name: google_bigtable_gc_policy
    50    kind: BigtableGCPolicy
    51    skipImport: true
    52    idTemplate: "{{column_family}}"
    53    # import not implemented
    54    idTemplateCanBeUsedToMatchResourceName: false
    55    resourceAvailableInAssetInventory: false
    56    resourceReferences:
    57      - tfField: table
    58        description: |-
    59          The name of the table.
    60        key: tableRef
    61        gvk:
    62          kind: BigtableTable
    63          version: v1beta1
    64          group: bigtable.cnrm.cloud.google.com
    65      - tfField: instance_name
    66        description: |-
    67          The name of the Bigtable instance.
    68        key: instanceRef
    69        gvk:
    70          kind: BigtableInstance
    71          version: v1beta1
    72          group: bigtable.cnrm.cloud.google.com
    73    containers:
    74      - type: project
    75        tfField: project
    76  - name: google_bigtable_instance
    77    kind: BigtableInstance
    78    iamConfig:
    79      policyName: google_bigtable_instance_iam_policy
    80      policyMemberName: google_bigtable_instance_iam_member
    81      referenceField:
    82        name: instance
    83        type: name
    84      supportsConditions: true
    85    idTemplate: "projects/{{project}}/instances/{{name}}"
    86    idTemplateCanBeUsedToMatchResourceName: true
    87    resourceAvailableInAssetInventory: true
    88    reconciliationIntervalInSeconds: 3600
    89    metadataMapping:
    90      name: name
    91      labels: labels
    92    resourceID:
    93      targetField: name
    94    mutableButUnreadableFields:
    95      - instance_type
    96    containers:
    97      - type: project
    98        tfField: project
    99    resourceReferences:
   100    - tfField: cluster.kms_key_name
   101      description: |-
   102        Describes the Cloud KMS encryption key that will be used to protect the destination Bigtable
   103        cluster. The requirements for this key are: 1) The Cloud Bigtable service account associated with the project that contains
   104        this cluster must be granted the cloudkms.cryptoKeyEncrypterDecrypter role on the CMEK key.
   105        2) Only regional keys can be used and the region of the CMEK key must match the region of the cluster.
   106        3) All clusters within an instance must use the same CMEK key access to this encryption key.
   107      key: kmsKeyRef
   108      gvk:
   109        kind: KMSCryptoKey
   110        version: v1beta1
   111        group: kms.cnrm.cloud.google.com
   112      targetField: self_link
   113  - name: google_bigtable_table
   114    kind: BigtableTable
   115    idTemplate: "projects/{{project}}/instances/{{instance_name}}/tables/{{name}}"
   116    idTemplateCanBeUsedToMatchResourceName: true
   117    resourceAvailableInAssetInventory: true
   118    reconciliationIntervalInSeconds: 3600
   119    metadataMapping:
   120      name: name
   121    resourceID:
   122      targetField: name
   123    containers:
   124      - type: project
   125        tfField: project
   126    resourceReferences:
   127      - tfField: instance_name
   128        description: |-
   129          The name of the Bigtable instance.
   130        key: instanceRef
   131        gvk:
   132          kind: BigtableInstance
   133          version: v1beta1
   134          group: bigtable.cnrm.cloud.google.com
   135        parent: true
   136    iamConfig:
   137      policyName: google_bigtable_table_iam_policy
   138      policyMemberName: google_bigtable_table_iam_member
   139      referenceField:
   140        name: table
   141        type: name
   142      supportsConditions: true

View as plain text