Package v1alpha1 contains API Schema definitions for the irsa v1alpha1 API group
Discovery holds the configuration for IdP Discovery, which is crucial for locating the OIDC provider in a self-hosted environment.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
s3 S3Discovery |
S3 specifies the AWS S3 bucket details where the OIDC provider's discovery information is hosted. |
IRSA is the Schema for the irsas API
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string |
irsa-manager.kkb0318.github.io/v1alpha1 |
||
kind string |
IRSA |
||
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec IRSASpec |
IRSAServiceAccount represents the details of the Kubernetes service account
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
name string |
Name represents the name of the Kubernetes service account | ||
namespaces string array |
Namespaces represents the list of namespaces where the service account is used |
IRSASetup represents a configuration for setting up IAM Roles for Service Accounts (IRSA) in a Kubernetes cluster.
| Field | Description | Default | Validation |
|---|---|---|---|
apiVersion string |
irsa-manager.kkb0318.github.io/v1alpha1 |
||
kind string |
IRSASetup |
||
metadata ObjectMeta |
Refer to Kubernetes API documentation for fields of metadata. |
||
spec IRSASetupSpec |
IRSASetupSpec defines the desired state of IRSASetup
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
cleanup boolean |
Cleanup, when enabled, allows the IRSASetup to perform garbage collection of resources that are no longer needed or managed. |
||
mode SetupMode |
Mode specifies the operation mode of the controller. Possible values: - "selfhosted": For self-managed Kubernetes clusters. - "eks": For Amazon EKS environments. Default: "selfhosted" |
Enum: [selfhosted eks] |
|
discovery Discovery |
Discovery configures the IdP Discovery process, essential for setting up IRSA by locating the OIDC provider information. Only applicable when Mode is "selfhosted". |
||
iamOIDCProvider string |
IamOIDCProvider configures IAM OIDC IamOIDCProvider Name Only applicable when Mode is "eks". |
IRSASpec defines the desired state of IRSA
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
cleanup boolean |
Cleanup, when enabled, allows the IRSA to perform garbage collection of resources that are no longer needed or managed. |
||
serviceAccount IRSAServiceAccount |
ServiceAccount represents the Kubernetes service account associated with the IRSA. | ||
iamRole IamRole |
IamRole represents the IAM role details associated with the IRSA. | ||
iamPolicies string array |
IamPolicies represents the list of IAM policies to be attached to the IAM role. You can set both the policy name (only AWS default policies) or the full ARN. |
IamRole represents the IAM role configuration
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
name string |
Name represents the name of the IAM role. |
S3Discovery contains the specifics of the S3 bucket used for hosting OIDC provider discovery information.
Appears in:
| Field | Description | Default | Validation |
|---|---|---|---|
region string |
Region denotes the AWS region where the S3 bucket is located. | ||
bucketName string |
BucketName is the name of the S3 bucket that hosts the OIDC discovery information. |
Underlying type: string
Validation:
- Enum: [selfhosted eks]
Appears in: