1# Copyright 2020 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15apiVersion: apiextensions.k8s.io/v1
16kind: CustomResourceDefinition
17metadata:
18 annotations:
19 cnrm.cloud.google.com/version: 1.106.0
20 creationTimestamp: null
21 labels:
22 cnrm.cloud.google.com/managed-by-kcc: "true"
23 cnrm.cloud.google.com/stability-level: alpha
24 cnrm.cloud.google.com/system: "true"
25 cnrm.cloud.google.com/tf2crd: "true"
26 name: identityplatformtenantinboundsamlconfigs.identityplatform.cnrm.cloud.google.com
27spec:
28 group: identityplatform.cnrm.cloud.google.com
29 names:
30 categories:
31 - gcp
32 kind: IdentityPlatformTenantInboundSAMLConfig
33 plural: identityplatformtenantinboundsamlconfigs
34 shortNames:
35 - gcpidentityplatformtenantinboundsamlconfig
36 - gcpidentityplatformtenantinboundsamlconfigs
37 singular: identityplatformtenantinboundsamlconfig
38 scope: Namespaced
39 versions:
40 - additionalPrinterColumns:
41 - jsonPath: .metadata.creationTimestamp
42 name: Age
43 type: date
44 - description: When 'True', the most recent reconcile of the resource succeeded
45 jsonPath: .status.conditions[?(@.type=='Ready')].status
46 name: Ready
47 type: string
48 - description: The reason for the value in 'Ready'
49 jsonPath: .status.conditions[?(@.type=='Ready')].reason
50 name: Status
51 type: string
52 - description: The last transition time for the value in 'Status'
53 jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime
54 name: Status Age
55 type: date
56 name: v1alpha1
57 schema:
58 openAPIV3Schema:
59 properties:
60 apiVersion:
61 description: 'apiVersion defines the versioned schema of this representation
62 of an object. Servers should convert recognized schemas to the latest
63 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
64 type: string
65 kind:
66 description: 'kind is a string value representing the REST resource this
67 object represents. Servers may infer this from the endpoint the client
68 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
69 type: string
70 metadata:
71 type: object
72 spec:
73 properties:
74 displayName:
75 description: Human friendly display name.
76 type: string
77 enabled:
78 description: If this config allows users to sign in with the provider.
79 type: boolean
80 idpConfig:
81 description: SAML IdP configuration when the project acts as the relying
82 party.
83 properties:
84 idpCertificates:
85 description: The IDP's certificate data to verify the signature
86 in the SAMLResponse issued by the IDP.
87 items:
88 properties:
89 x509Certificate:
90 description: The x509 certificate.
91 type: string
92 type: object
93 type: array
94 idpEntityId:
95 description: Unique identifier for all SAML entities.
96 type: string
97 signRequest:
98 description: Indicates if outbounding SAMLRequest should be signed.
99 type: boolean
100 ssoUrl:
101 description: URL to send Authentication request to.
102 type: string
103 required:
104 - idpCertificates
105 - idpEntityId
106 - ssoUrl
107 type: object
108 projectRef:
109 description: The project that this resource belongs to.
110 oneOf:
111 - not:
112 required:
113 - external
114 required:
115 - name
116 - not:
117 anyOf:
118 - required:
119 - name
120 - required:
121 - namespace
122 required:
123 - external
124 properties:
125 external:
126 description: 'Allowed value: The `name` field of a `Project` resource.'
127 type: string
128 name:
129 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
130 type: string
131 namespace:
132 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
133 type: string
134 type: object
135 resourceID:
136 description: Immutable. Optional. The name of the resource. Used for
137 creation and acquisition. When unset, the value of `metadata.name`
138 is used as the default.
139 type: string
140 spConfig:
141 description: |-
142 SAML SP (Service Provider) configuration when the project acts as the relying party to receive
143 and accept an authentication assertion issued by a SAML identity provider.
144 properties:
145 callbackUri:
146 description: Callback URI where responses from IDP are handled.
147 Must start with 'https://'.
148 type: string
149 spCertificates:
150 description: The IDP's certificate data to verify the signature
151 in the SAMLResponse issued by the IDP.
152 items:
153 properties:
154 x509Certificate:
155 description: The x509 certificate.
156 type: string
157 type: object
158 type: array
159 spEntityId:
160 description: Unique identifier for all SAML entities.
161 type: string
162 required:
163 - callbackUri
164 - spEntityId
165 type: object
166 tenant:
167 description: Immutable. The name of the tenant where this inbound
168 SAML config resource exists.
169 type: string
170 required:
171 - displayName
172 - idpConfig
173 - projectRef
174 - spConfig
175 - tenant
176 type: object
177 status:
178 properties:
179 conditions:
180 description: Conditions represent the latest available observation
181 of the resource's current state.
182 items:
183 properties:
184 lastTransitionTime:
185 description: Last time the condition transitioned from one status
186 to another.
187 type: string
188 message:
189 description: Human-readable message indicating details about
190 last transition.
191 type: string
192 reason:
193 description: Unique, one-word, CamelCase reason for the condition's
194 last transition.
195 type: string
196 status:
197 description: Status is the status of the condition. Can be True,
198 False, Unknown.
199 type: string
200 type:
201 description: Type is the type of the condition.
202 type: string
203 type: object
204 type: array
205 observedGeneration:
206 description: ObservedGeneration is the generation of the resource
207 that was most recently observed by the Config Connector controller.
208 If this is equal to metadata.generation, then that means that the
209 current reported status reflects the most recent desired state of
210 the resource.
211 type: integer
212 type: object
213 required:
214 - spec
215 type: object
216 served: true
217 storage: true
218 subresources:
219 status: {}
220status:
221 acceptedNames:
222 kind: ""
223 plural: ""
224 conditions: []
225 storedVersions: []
View as plain text