1---
2apiVersion: apiextensions.k8s.io/v1
3kind: CustomResourceDefinition
4metadata:
5 name: networkauthentications.policy.linkerd.io
6 annotations:
7 {{ include "partials.annotations.created-by" . }}
8 labels:
9 helm.sh/chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
10 linkerd.io/control-plane-ns: {{.Release.Namespace}}
11spec:
12 group: policy.linkerd.io
13 scope: Namespaced
14 names:
15 kind: NetworkAuthentication
16 plural: networkauthentications
17 singular: networkauthentication
18 shortNames: [netauthn, networkauthn]
19 versions:
20 - name: v1alpha1
21 served: true
22 storage: true
23 schema:
24 openAPIV3Schema:
25 type: object
26 required: [spec]
27 properties:
28 spec:
29 description: >-
30 NetworkAuthentication defines a list of authenticated client
31 networks to be referenced by an `AuthorizationPolicy`. If a
32 client connection originates from ANY of the of the provided
33 networks, the connection is considered authenticated.
34 type: object
35 required: [networks]
36 properties:
37 networks:
38 type: array
39 items:
40 type: object
41 required: [cidr]
42 properties:
43 cidr:
44 description: >-
45 The CIDR of the network to be authorized.
46 type: string
47 except:
48 description: >-
49 A list of IP networks/addresses not to be included in
50 the above `cidr`.
51 type: array
52 items:
53 type: string
View as plain text