# Copyright 2021 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # https://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.2.2 name: identityproviders.security.cloud.google.com spec: conversion: strategy: None group: security.cloud.google.com names: kind: IdentityProvider listKind: IdentityProviderList plural: identityproviders singular: identityprovider preserveUnknownFields: true scope: Cluster versions: - name: v1alpha1 schema: openAPIV3Schema: description: IdentityProvider is the Schema for the identityproviders API. properties: apiVersion: description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: description: IdentityProviderSpec defines the desired state of IdentityProvider. properties: authentication: description: Authentication specifies how to authenticate credential. properties: oidc: description: OIDCAuthSpec defines method to authenticate OIDC credential. properties: issuerUri: description: IssuerURI defines URI of issuer for the OIDC credential. type: string type: object type: description: AuthenticationType describes authentication type. enum: - OIDC type: string type: object serviceAccount: description: ServiceAccount specifies how to extract identity from authenticated attributes. Currently only request.auth.claims is supported. type: string required: - authentication type: object status: description: IdentityProviderStatus defines the observed state of IdentityProvider. properties: lastObservedTime: description: LastObservedTime is the last time this status is observed. format: date-time nullable: true type: string type: object type: object served: true storage: true subresources: status: { } status: acceptedNames: kind: IdentityProvider listKind: IdentityProviderList plural: identityproviders singular: identityprovider conditions: [ ] storedVersions: [ ]