1# Copyright 2020 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15apiVersion: apiextensions.k8s.io/v1
16kind: CustomResourceDefinition
17metadata:
18 annotations:
19 cnrm.cloud.google.com/version: 1.106.0
20 creationTimestamp: null
21 labels:
22 cnrm.cloud.google.com/managed-by-kcc: "true"
23 cnrm.cloud.google.com/stability-level: alpha
24 cnrm.cloud.google.com/system: "true"
25 cnrm.cloud.google.com/tf2crd: "true"
26 name: bigquerydatasetaccesses.bigquery.cnrm.cloud.google.com
27spec:
28 group: bigquery.cnrm.cloud.google.com
29 names:
30 categories:
31 - gcp
32 kind: BigQueryDatasetAccess
33 plural: bigquerydatasetaccesses
34 shortNames:
35 - gcpbigquerydatasetaccess
36 - gcpbigquerydatasetaccesses
37 singular: bigquerydatasetaccess
38 scope: Namespaced
39 versions:
40 - additionalPrinterColumns:
41 - jsonPath: .metadata.creationTimestamp
42 name: Age
43 type: date
44 - description: When 'True', the most recent reconcile of the resource succeeded
45 jsonPath: .status.conditions[?(@.type=='Ready')].status
46 name: Ready
47 type: string
48 - description: The reason for the value in 'Ready'
49 jsonPath: .status.conditions[?(@.type=='Ready')].reason
50 name: Status
51 type: string
52 - description: The last transition time for the value in 'Status'
53 jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime
54 name: Status Age
55 type: date
56 name: v1alpha1
57 schema:
58 openAPIV3Schema:
59 properties:
60 apiVersion:
61 description: 'apiVersion defines the versioned schema of this representation
62 of an object. Servers should convert recognized schemas to the latest
63 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
64 type: string
65 kind:
66 description: 'kind is a string value representing the REST resource this
67 object represents. Servers may infer this from the endpoint the client
68 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
69 type: string
70 metadata:
71 type: object
72 spec:
73 properties:
74 dataset:
75 description: Immutable. Grants all resources of particular types in
76 a particular dataset read access to the current dataset.
77 properties:
78 dataset:
79 description: Immutable. The dataset this entry applies to.
80 properties:
81 datasetId:
82 description: Immutable. The ID of the dataset containing this
83 table.
84 type: string
85 projectId:
86 description: Immutable. The ID of the project containing this
87 table.
88 type: string
89 required:
90 - datasetId
91 - projectId
92 type: object
93 targetTypes:
94 description: |-
95 Immutable. Which resources in the dataset this entry applies to. Currently, only views are supported,
96 but additional target types may be added in the future. Possible values: VIEWS.
97 items:
98 type: string
99 type: array
100 required:
101 - dataset
102 - targetTypes
103 type: object
104 datasetId:
105 description: |-
106 Immutable. A unique ID for this dataset, without the project name. The ID
107 must contain only letters (a-z, A-Z), numbers (0-9), or
108 underscores (_). The maximum length is 1,024 characters.
109 type: string
110 domain:
111 description: |-
112 Immutable. A domain to grant access to. Any users signed in with the
113 domain specified will be granted the specified access.
114 type: string
115 groupByEmail:
116 description: Immutable. An email address of a Google Group to grant
117 access to.
118 type: string
119 iamMember:
120 description: |-
121 Immutable. Some other type of member that appears in the IAM Policy but isn't a user,
122 group, domain, or special group. For example: 'allUsers'.
123 type: string
124 projectRef:
125 description: The project that this resource belongs to.
126 oneOf:
127 - not:
128 required:
129 - external
130 required:
131 - name
132 - not:
133 anyOf:
134 - required:
135 - name
136 - required:
137 - namespace
138 required:
139 - external
140 properties:
141 external:
142 description: 'Allowed value: The `name` field of a `Project` resource.'
143 type: string
144 name:
145 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
146 type: string
147 namespace:
148 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
149 type: string
150 type: object
151 resourceID:
152 description: Immutable. Optional. The routine of the resource. Used
153 for creation and acquisition. When unset, the value of `metadata.name`
154 is used as the default.
155 type: string
156 role:
157 description: |-
158 Immutable. Describes the rights granted to the user specified by the other
159 member of the access object. Basic, predefined, and custom roles are
160 supported. Predefined roles that have equivalent basic roles are
161 swapped by the API to their basic counterparts, and will show a diff
162 post-create. See
163 [official docs](https://cloud.google.com/bigquery/docs/access-control).
164 type: string
165 specialGroup:
166 description: |-
167 Immutable. A special group to grant access to. Possible values include:
168
169
170 * 'projectOwners': Owners of the enclosing project.
171
172
173 * 'projectReaders': Readers of the enclosing project.
174
175
176 * 'projectWriters': Writers of the enclosing project.
177
178
179 * 'allAuthenticatedUsers': All authenticated BigQuery users.
180 type: string
181 userByEmail:
182 description: |-
183 Immutable. An email address of a user to grant access to. For example:
184 fred@example.com.
185 type: string
186 view:
187 description: |-
188 Immutable. A view from a different dataset to grant access to. Queries
189 executed against that view will have read access to tables in
190 this dataset. The role field is not required when this field is
191 set. If that view is updated by any user, access to the view
192 needs to be granted again via an update operation.
193 properties:
194 datasetId:
195 description: Immutable. The ID of the dataset containing this
196 table.
197 type: string
198 projectId:
199 description: Immutable. The ID of the project containing this
200 table.
201 type: string
202 tableId:
203 description: |-
204 Immutable. The ID of the table. The ID must contain only letters (a-z,
205 A-Z), numbers (0-9), or underscores (_). The maximum length
206 is 1,024 characters.
207 type: string
208 required:
209 - datasetId
210 - projectId
211 - tableId
212 type: object
213 required:
214 - datasetId
215 - projectRef
216 type: object
217 status:
218 properties:
219 apiUpdatedMember:
220 description: If true, represents that that the iam_member in the config
221 was translated to a different member type by the API, and is stored
222 in state as a different member type.
223 type: boolean
224 conditions:
225 description: Conditions represent the latest available observation
226 of the resource's current state.
227 items:
228 properties:
229 lastTransitionTime:
230 description: Last time the condition transitioned from one status
231 to another.
232 type: string
233 message:
234 description: Human-readable message indicating details about
235 last transition.
236 type: string
237 reason:
238 description: Unique, one-word, CamelCase reason for the condition's
239 last transition.
240 type: string
241 status:
242 description: Status is the status of the condition. Can be True,
243 False, Unknown.
244 type: string
245 type:
246 description: Type is the type of the condition.
247 type: string
248 type: object
249 type: array
250 observedGeneration:
251 description: ObservedGeneration is the generation of the resource
252 that was most recently observed by the Config Connector controller.
253 If this is equal to metadata.generation, then that means that the
254 current reported status reflects the most recent desired state of
255 the resource.
256 type: integer
257 type: object
258 required:
259 - spec
260 type: object
261 served: true
262 storage: true
263 subresources:
264 status: {}
265status:
266 acceptedNames:
267 kind: ""
268 plural: ""
269 conditions: []
270 storedVersions: []
View as plain text