WorkloadIdentity

Packages:

identity-manager.io/v1alpha1

Package v1alpha1 contains resources for identity-manager

Resource Types:

    AwsRoleSpecPod

    AwsRoleSpecPod defines the AWS’s role spec pod

    Field Description
    LabelSelector
    Kubernetes meta/v1.LabelSelector

    (Members of LabelSelector are embedded into this type.)

    namespace
    string
    (Optional)

    Namespace of the Pod

    AzureIdentity

    (Appears on: WorkloadIdentityAzure)

    AzureIdentity is the definition of Azure’s Identity

    Field Description
    apiVersion
    string
    (Optional)

    APIVersion of the identity

    kind
    string
    (Optional)

    Kind of the identity

    metadata
    Metadata
    (Optional)

    Metadata of the identity

    spec
    AzureIdentitySpec
    (Optional)

    Spec of the identity



    AzureIdentityBinding

    (Appears on: WorkloadIdentityAzure)

    AzureIdentityBinding is the definition of Azure Identity Binding

    Field Description
    apiVersion
    string
    (Optional)

    APIVersion of the IdentityBinding

    kind
    string
    (Optional)

    Kind of the IdentityBinding

    metadata
    Metadata
    (Optional)

    Metadata of the IdentityBinding

    spec
    AzureIdentityBindingSpec
    (Optional)

    Spec of the IdentityBinding



    AzureIdentityBindingSpec

    (Appears on: AzureIdentityBinding)

    AzureIdentityBindingSpec defines the spec of the Identity Binding

    Field Description
    selector
    string
    (Optional)

    Selector of the IdentityBinding

    AzureIdentitySpec

    (Appears on: AzureIdentity)

    AzureIdentitySpec defines the spec of the Identity

    Field Description
    type
    int
    (Optional)

    Type of the identity

    Condition

    (Appears on: ConditionedStatus)

    A Condition that may apply to a resource.

    Field Description
    type
    ConditionType

    Type of this condition. At most one of each condition type may apply to a resource at any point in time.

    status
    Kubernetes core/v1.ConditionStatus

    Status of this condition; is it currently True, False, or Unknown?

    lastTransitionTime
    Kubernetes meta/v1.Time

    LastTransitionTime is the last time this condition transitioned from one status to another.

    reason
    ConditionReason

    A Reason for this condition’s last transition from one status to another.

    message
    string
    (Optional)

    A Message containing details about this condition’s last transition from one status to another, if any.

    ConditionReason (string alias)

    (Appears on: Condition)

    A ConditionReason represents the reason a resource is in a condition.

    Value Description

    "Available"

    "Creating"

    "Deleting"

    "ReconcileError"

    "ReconcileSuccess"

    "Unavailable"

    ConditionType (string alias)

    (Appears on: Condition)

    A ConditionType represents a condition a resource could be in.

    Value Description

    "Ready"

    TypeReady resources are believed to be ready to handle work.

    "Synced"

    TypeSynced resources are believed to be in sync with the Kubernetes resources that manage their lifecycle.

    ConditionedStatus

    (Appears on: WorkloadIdentityStatus)

    A ConditionedStatus reflects the observed status of a resource. Only one condition of each type may exist.

    Field Description
    conditions
    []Condition
    (Optional)

    Conditions of the resource.

    Credentials

    (Appears on: WorkloadIdentitySpec)

    Credentials defines the credentials of the cloud provider

    Field Description
    source
    CredentialsSource
    (Optional)

    Source of the credentials

    secretRef
    SecretRef
    (Optional)

    SecretRef to fetch the credentials

    properties
    map[string]string
    (Optional)

    Properties indicates extra properties of credentials

    CredentialsSource (string alias)

    (Appears on: Credentials)

    A CredentialsSource is a source from which provider credentials may be acquired.

    Value Description

    "Secret"

    CredentialsSourceSecret indicates that a provider should acquire credentials from a secret.

    ExternalResource

    (Appears on: WorkloadIdentityStatus)

    ExternalResource is the external resource’s definition

    Field Description
    id
    string
    (Optional)

    ID of the external resource

    type
    string
    (Optional)

    Type of the external resource

    Metadata

    (Appears on: AzureIdentity, AzureIdentityBinding)

    Metadata defines a Kubernetes resource’s metadata

    Field Description
    name
    string
    (Optional)

    Name of the Resource

    namespace
    string
    (Optional)

    Namespace of the Resource

    labels
    map[string]string
    (Optional)

    Labels of the Resource

    annotations
    map[string]string
    (Optional)

    Annotations of the Resource

    Provider (string alias)

    (Appears on: WorkloadIdentitySpec)

    Provider defines the cloud provider of the WorkloadIdentity

    Value Description

    "AWS"

    ProviderAWS is the AWS provider.

    "Azure"

    ProviderAzure is the Azure provider.

    Resource

    (Appears on: WorkloadIdentityStatus)

    Resource is the definition of the Kubernetes resource

    Field Description
    apiVersion
    string
    (Optional)

    APIVersion of the resource

    kind
    string
    (Optional)

    Kind of the resource

    name
    string
    (Optional)

    Name of the resource

    namespace
    string
    (Optional)

    Namespace of the resource

    RoleAssignment

    (Appears on: WorkloadIdentityAzure)

    RoleAssignment defines the role assignment

    Field Description
    role
    string

    Role of the role assignment

    scope
    string
    (Optional)

    Scope of the role assignment

    RoleDefinition

    RoleDefinition is the definition for a Role

    Field Description
    id
    string

    ID of the role definition (this will be used to generate the internal UUID for the role)

    roleName
    string

    RoleName of the role definition

    roleType
    string

    RoleType of the role definition

    description
    string
    (Optional)

    Description of the role definition

    assignableScopes
    []string
    (Optional)

    AssignableScopes is a list of assignable scopes

    permissions
    []RolePermission

    Permissions of the role definition

    RolePermission

    (Appears on: RoleDefinition)

    RolePermission defines the permissions of a Role

    Field Description
    actions
    []string
    (Optional)

    Actions is a list of actions

    notActions
    []string
    (Optional)

    NotActions is a list of not actions

    dataActions
    []string
    (Optional)

    DataActions is a list of data actions

    notDataActions
    []string
    (Optional)

    NotDataActions is a list of not data actions

    SecretRef

    (Appears on: Credentials)

    SecretRef defines the reference to the secret

    Field Description
    namespace
    string
    (Optional)

    Namespace of the secret.

    name
    string

    Name of the secret.

    ServiceAccount

    ServiceAccount defines the service account’s metadata

    Field Description
    action
    ServiceAccountAction

    Action to be performed on the ServiceAccount

    name
    string
    (Optional)

    Name of the ServiceAccount

    namespace
    string
    (Optional)

    Namespace of the ServiceAccount

    Annotations
    map[string]string
    (Optional)

    Annotations to be added on ServiceAccount

    ServiceAccountAction (string alias)

    (Appears on: ServiceAccount)

    A ServiceAccountAction indicates the action to be performed on a ServiceAccount

    Value Description

    "Create"

    ServiceAccountActionCreate indicates creating the service account

    ""

    ServiceAccountActionDefault indicates no action

    "Update"

    ServiceAccountActionUpdate indicates updating the service account

    WorkloadIdentity

    WorkloadIdentity is the Schema for the workloadidentities API

    Field Description
    metadata
    Kubernetes meta/v1.ObjectMeta
    Refer to the Kubernetes API documentation for the fields of the metadata field.
    spec
    WorkloadIdentitySpec


    name
    string
    (Optional)

    Name of the WorkloadIdentity

    description
    string
    (Optional)

    Description of the WorkloadIdentity

    credentials
    Credentials
    (Optional)

    Credentials to manage the WorkloadIdentity

    provider
    Provider

    Provider of the WorkloadIdentity

    aws
    WorkloadIdentityAWS
    (Optional)

    AWS WorkloadIdentity

    azure
    WorkloadIdentityAzure
    (Optional)

    Azure WorkloadIdentity

    writeToSecretRef
    WriteToSecretRef
    (Optional)

    WriteToSecretRef is a reference to a secret

    status
    WorkloadIdentityStatus

    WorkloadIdentityAWS

    (Appears on: WorkloadIdentitySpec)

    WorkloadIdentityAWS defines the spec for AWS Provider

    Field Description
    path
    string
    (Optional)

    Path of the Role

    maxSessionDuration
    int64
    (Optional)

    MaxSessionDuration of the Role

    assumeRolePolicy
    string

    AssumeRolePolicy of the Role

    inlinePolicies
    map[string]string
    (Optional)

    InlinePolicies of the Role

    policies
    []string
    (Optional)

    Policies of the Role

    serviceAccounts
    []*github.com/invisibl-cloud/identity-manager/api/v1alpha1.ServiceAccount
    (Optional)

    ServiceAccounts to be managed

    pods
    []*github.com/invisibl-cloud/identity-manager/api/v1alpha1.AwsRoleSpecPod
    (Optional)

    Pods to be managed

    WorkloadIdentityAzure

    (Appears on: WorkloadIdentitySpec)

    WorkloadIdentityAzure is the Provider spec for ProviderAzure

    Field Description
    roleDefinitions
    []*github.com/invisibl-cloud/identity-manager/api/v1alpha1.RoleDefinition
    (Optional)

    RoleDefinitions is a list of role definitions

    roleAssignments
    map[string]github.com/invisibl-cloud/identity-manager/api/v1alpha1.RoleAssignment
    (Optional)

    RoleAssignments of the WorkloadIdentity

    identity
    AzureIdentity
    (Optional)

    Identity of the WorkloadIdentity

    identityBinding
    AzureIdentityBinding
    (Optional)

    IdentityBinding of the WorkloadIdentity

    WorkloadIdentitySpec

    (Appears on: WorkloadIdentity)

    WorkloadIdentitySpec defines the desired state of WorkloadIdentity

    Field Description
    name
    string
    (Optional)

    Name of the WorkloadIdentity

    description
    string
    (Optional)

    Description of the WorkloadIdentity

    credentials
    Credentials
    (Optional)

    Credentials to manage the WorkloadIdentity

    provider
    Provider

    Provider of the WorkloadIdentity

    aws
    WorkloadIdentityAWS
    (Optional)

    AWS WorkloadIdentity

    azure
    WorkloadIdentityAzure
    (Optional)

    Azure WorkloadIdentity

    writeToSecretRef
    WriteToSecretRef
    (Optional)

    WriteToSecretRef is a reference to a secret

    WorkloadIdentityStatus

    (Appears on: WorkloadIdentity)

    WorkloadIdentityStatus defines the observed state of WorkloadIdentity

    Field Description
    ConditionedStatus
    ConditionedStatus

    (Members of ConditionedStatus are embedded into this type.)

    id
    string
    (Optional)

    ID of the Identity

    name
    string
    (Optional)

    Name of the Identity

    resources
    []Resource
    (Optional)

    Resources managed by the Identity

    externalResources
    []ExternalResource
    (Optional)

    External Resources managed by the Identity

    WriteToSecretRef

    (Appears on: WorkloadIdentitySpec)

    WriteToSecretRef is a reference to a secret

    Field Description
    name
    string

    Name of the secret

    namespace
    string
    (Optional)

    Namespace of the secret

    templateData
    map[string]string

    TemplateData is a template for the data to be written to the secret


    Generated with gen-crd-api-reference-docs.