forked from openfaas/faas-netes
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathiam.openfaas.com_roles.yaml
69 lines (69 loc) · 2.83 KB
/
iam.openfaas.com_roles.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
annotations:
controller-gen.kubebuilder.io/version: v0.11.4
name: roles.iam.openfaas.com
spec:
group: iam.openfaas.com
names:
kind: Role
listKind: RoleList
plural: roles
singular: role
scope: Namespaced
versions:
- additionalPrinterColumns:
- jsonPath: .spec.principal
name: Principal
type: string
- jsonPath: .spec.condition
name: Condition
type: string
- jsonPath: .spec.policy
name: Policy
type: string
name: v1
schema:
openAPIV3Schema:
description: Role is used to define a role for a function
type: object
required:
- spec
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: RoleSpec maps a number of principals or attributes within a JWT to a set of policies.
type: object
properties:
condition:
description: 'Condition is a set of conditions that can be used instead of a principal to match against claims within a JWT { "StringLike": { "jwt:https://my-identity-provider.com#sub-id": [ "1234567890", "0987654321" ], } }'
type: object
additionalProperties:
type: object
additionalProperties:
type: array
items:
type: string
policy:
description: Policy is a list of named policies which apply to this role
type: array
items:
type: string
principal:
description: Principal is the principal that the role applies to i.e. { "jwt:sub":["repo:alexellis/minty:ref:refs/heads/master"] }
type: object
additionalProperties:
type: array
items:
type: string
served: true
storage: true
subresources: {}