1# Copyright 2020 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15apiVersion: apiextensions.k8s.io/v1
16kind: CustomResourceDefinition
17metadata:
18 annotations:
19 cnrm.cloud.google.com/version: 1.106.0
20 creationTimestamp: null
21 labels:
22 cnrm.cloud.google.com/managed-by-kcc: "true"
23 cnrm.cloud.google.com/stability-level: alpha
24 cnrm.cloud.google.com/system: "true"
25 cnrm.cloud.google.com/tf2crd: "true"
26 name: kmskeyringimportjobs.kms.cnrm.cloud.google.com
27spec:
28 group: kms.cnrm.cloud.google.com
29 names:
30 categories:
31 - gcp
32 kind: KMSKeyRingImportJob
33 plural: kmskeyringimportjobs
34 shortNames:
35 - gcpkmskeyringimportjob
36 - gcpkmskeyringimportjobs
37 singular: kmskeyringimportjob
38 scope: Namespaced
39 versions:
40 - additionalPrinterColumns:
41 - jsonPath: .metadata.creationTimestamp
42 name: Age
43 type: date
44 - description: When 'True', the most recent reconcile of the resource succeeded
45 jsonPath: .status.conditions[?(@.type=='Ready')].status
46 name: Ready
47 type: string
48 - description: The reason for the value in 'Ready'
49 jsonPath: .status.conditions[?(@.type=='Ready')].reason
50 name: Status
51 type: string
52 - description: The last transition time for the value in 'Status'
53 jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime
54 name: Status Age
55 type: date
56 name: v1alpha1
57 schema:
58 openAPIV3Schema:
59 properties:
60 apiVersion:
61 description: 'apiVersion defines the versioned schema of this representation
62 of an object. Servers should convert recognized schemas to the latest
63 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
64 type: string
65 kind:
66 description: 'kind is a string value representing the REST resource this
67 object represents. Servers may infer this from the endpoint the client
68 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
69 type: string
70 metadata:
71 type: object
72 spec:
73 properties:
74 importJobId:
75 description: Immutable. It must be unique within a KeyRing and match
76 the regular expression [a-zA-Z0-9_-]{1,63}.
77 type: string
78 importMethod:
79 description: 'Immutable. The wrapping method to be used for incoming
80 key material. Possible values: ["RSA_OAEP_3072_SHA1_AES_256", "RSA_OAEP_4096_SHA1_AES_256"].'
81 type: string
82 keyRing:
83 description: |-
84 Immutable. The KeyRing that this import job belongs to.
85 Format: ''projects/{{project}}/locations/{{location}}/keyRings/{{keyRing}}''.
86 type: string
87 protectionLevel:
88 description: |-
89 Immutable. The protection level of the ImportJob. This must match the protectionLevel of the
90 versionTemplate on the CryptoKey you attempt to import into. Possible values: ["SOFTWARE", "HSM", "EXTERNAL"].
91 type: string
92 resourceID:
93 description: Immutable. Optional. The service-generated name of the
94 resource. Used for acquisition only. Leave unset to create a new
95 resource.
96 type: string
97 required:
98 - importJobId
99 - importMethod
100 - keyRing
101 - protectionLevel
102 type: object
103 status:
104 properties:
105 attestation:
106 description: |-
107 Statement that was generated and signed by the key creator (for example, an HSM) at key creation time.
108 Use this statement to verify attributes of the key as stored on the HSM, independently of Google.
109 Only present if the chosen ImportMethod is one with a protection level of HSM.
110 items:
111 properties:
112 content:
113 description: |-
114 The attestation data provided by the HSM when the key operation was performed.
115 A base64-encoded string.
116 type: string
117 format:
118 description: The format of the attestation data.
119 type: string
120 type: object
121 type: array
122 conditions:
123 description: Conditions represent the latest available observation
124 of the resource's current state.
125 items:
126 properties:
127 lastTransitionTime:
128 description: Last time the condition transitioned from one status
129 to another.
130 type: string
131 message:
132 description: Human-readable message indicating details about
133 last transition.
134 type: string
135 reason:
136 description: Unique, one-word, CamelCase reason for the condition's
137 last transition.
138 type: string
139 status:
140 description: Status is the status of the condition. Can be True,
141 False, Unknown.
142 type: string
143 type:
144 description: Type is the type of the condition.
145 type: string
146 type: object
147 type: array
148 expireTime:
149 description: |-
150 The time at which this resource is scheduled for expiration and can no longer be used.
151 This is in RFC3339 text format.
152 type: string
153 name:
154 description: The resource name for this ImportJob in the format projects/*/locations/*/keyRings/*/importJobs/*.
155 type: string
156 observedGeneration:
157 description: ObservedGeneration is the generation of the resource
158 that was most recently observed by the Config Connector controller.
159 If this is equal to metadata.generation, then that means that the
160 current reported status reflects the most recent desired state of
161 the resource.
162 type: integer
163 publicKey:
164 description: The public key with which to wrap key material prior
165 to import. Only returned if state is 'ACTIVE'.
166 items:
167 properties:
168 pem:
169 description: |-
170 The public key, encoded in PEM format. For more information, see the RFC 7468 sections
171 for General Considerations and Textual Encoding of Subject Public Key Info.
172 type: string
173 type: object
174 type: array
175 state:
176 description: The current state of the ImportJob, indicating if it
177 can be used.
178 type: string
179 type: object
180 required:
181 - spec
182 type: object
183 served: true
184 storage: true
185 subresources:
186 status: {}
187status:
188 acceptedNames:
189 kind: ""
190 plural: ""
191 conditions: []
192 storedVersions: []
View as plain text