1# Copyright 2020 Google LLC
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15apiVersion: apiextensions.k8s.io/v1
16kind: CustomResourceDefinition
17metadata:
18 annotations:
19 cnrm.cloud.google.com/version: 1.106.0
20 creationTimestamp: null
21 labels:
22 cnrm.cloud.google.com/dcl2crd: "true"
23 cnrm.cloud.google.com/managed-by-kcc: "true"
24 cnrm.cloud.google.com/stability-level: stable
25 cnrm.cloud.google.com/system: "true"
26 name: networksecurityclienttlspolicies.networksecurity.cnrm.cloud.google.com
27spec:
28 group: networksecurity.cnrm.cloud.google.com
29 names:
30 categories:
31 - gcp
32 kind: NetworkSecurityClientTLSPolicy
33 plural: networksecurityclienttlspolicies
34 shortNames:
35 - gcpnetworksecurityclienttlspolicy
36 - gcpnetworksecurityclienttlspolicies
37 singular: networksecurityclienttlspolicy
38 scope: Namespaced
39 versions:
40 - additionalPrinterColumns:
41 - jsonPath: .metadata.creationTimestamp
42 name: Age
43 type: date
44 - description: When 'True', the most recent reconcile of the resource succeeded
45 jsonPath: .status.conditions[?(@.type=='Ready')].status
46 name: Ready
47 type: string
48 - description: The reason for the value in 'Ready'
49 jsonPath: .status.conditions[?(@.type=='Ready')].reason
50 name: Status
51 type: string
52 - description: The last transition time for the value in 'Status'
53 jsonPath: .status.conditions[?(@.type=='Ready')].lastTransitionTime
54 name: Status Age
55 type: date
56 name: v1beta1
57 schema:
58 openAPIV3Schema:
59 properties:
60 apiVersion:
61 description: 'apiVersion defines the versioned schema of this representation
62 of an object. Servers should convert recognized schemas to the latest
63 internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources'
64 type: string
65 kind:
66 description: 'kind is a string value representing the REST resource this
67 object represents. Servers may infer this from the endpoint the client
68 submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds'
69 type: string
70 metadata:
71 type: object
72 spec:
73 properties:
74 clientCertificate:
75 description: Optional. Defines a mechanism to provision client identity
76 (public and private keys) for peer to peer authentication. The presence
77 of this dictates mTLS.
78 properties:
79 certificateProviderInstance:
80 description: The certificate provider instance specification that
81 will be passed to the data plane, which will be used to load
82 necessary credential information.
83 properties:
84 pluginInstance:
85 description: Required. Plugin instance name, used to locate
86 and load CertificateProvider instance configuration. Set
87 to "google_cloud_private_spiffe" to use Certificate Authority
88 Service certificate provider instance.
89 type: string
90 required:
91 - pluginInstance
92 type: object
93 grpcEndpoint:
94 description: gRPC specific configuration to access the gRPC server
95 to obtain the cert and private key.
96 properties:
97 targetUri:
98 description: Required. The target URI of the gRPC endpoint.
99 Only UDS path is supported, and should start with “unix:”.
100 type: string
101 required:
102 - targetUri
103 type: object
104 type: object
105 description:
106 description: Optional. Free-text description of the resource.
107 type: string
108 location:
109 description: Immutable. The location for the resource
110 type: string
111 projectRef:
112 description: Immutable. The Project that this resource belongs to.
113 oneOf:
114 - not:
115 required:
116 - external
117 required:
118 - name
119 - not:
120 anyOf:
121 - required:
122 - name
123 - required:
124 - namespace
125 required:
126 - external
127 properties:
128 external:
129 description: |-
130 The project for the resource
131
132 Allowed value: The Google Cloud resource name of a `Project` resource (format: `projects/{{name}}`).
133 type: string
134 name:
135 description: 'Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names'
136 type: string
137 namespace:
138 description: 'Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/'
139 type: string
140 type: object
141 resourceID:
142 description: Immutable. Optional. The name of the resource. Used for
143 creation and acquisition. When unset, the value of `metadata.name`
144 is used as the default.
145 type: string
146 serverValidationCa:
147 description: Required. Defines the mechanism to obtain the Certificate
148 Authority certificate to validate the server certificate.
149 items:
150 properties:
151 certificateProviderInstance:
152 description: The certificate provider instance specification
153 that will be passed to the data plane, which will be used
154 to load necessary credential information.
155 properties:
156 pluginInstance:
157 description: Required. Plugin instance name, used to locate
158 and load CertificateProvider instance configuration. Set
159 to "google_cloud_private_spiffe" to use Certificate Authority
160 Service certificate provider instance.
161 type: string
162 required:
163 - pluginInstance
164 type: object
165 grpcEndpoint:
166 description: gRPC specific configuration to access the gRPC
167 server to obtain the CA certificate.
168 properties:
169 targetUri:
170 description: Required. The target URI of the gRPC endpoint.
171 Only UDS path is supported, and should start with “unix:”.
172 type: string
173 required:
174 - targetUri
175 type: object
176 type: object
177 type: array
178 sni:
179 description: 'Optional. Server Name Indication string to present to
180 the server during TLS handshake. E.g: "secure.example.com".'
181 type: string
182 required:
183 - location
184 type: object
185 status:
186 properties:
187 conditions:
188 description: Conditions represent the latest available observation
189 of the resource's current state.
190 items:
191 properties:
192 lastTransitionTime:
193 description: Last time the condition transitioned from one status
194 to another.
195 type: string
196 message:
197 description: Human-readable message indicating details about
198 last transition.
199 type: string
200 reason:
201 description: Unique, one-word, CamelCase reason for the condition's
202 last transition.
203 type: string
204 status:
205 description: Status is the status of the condition. Can be True,
206 False, Unknown.
207 type: string
208 type:
209 description: Type is the type of the condition.
210 type: string
211 type: object
212 type: array
213 createTime:
214 description: Output only. The timestamp when the resource was created.
215 format: date-time
216 type: string
217 observedGeneration:
218 description: ObservedGeneration is the generation of the resource
219 that was most recently observed by the Config Connector controller.
220 If this is equal to metadata.generation, then that means that the
221 current reported status reflects the most recent desired state of
222 the resource.
223 type: integer
224 updateTime:
225 description: Output only. The timestamp when the resource was updated.
226 format: date-time
227 type: string
228 type: object
229 required:
230 - spec
231 type: object
232 served: true
233 storage: true
234 subresources:
235 status: {}
236status:
237 acceptedNames:
238 kind: ""
239 plural: ""
240 conditions: []
241 storedVersions: []
View as plain text