322 lines
15 KiB
YAML
322 lines
15 KiB
YAML
---
|
|
# Source: rook-ceph/charts/rook-ceph/templates/resources.yaml
|
|
apiVersion: apiextensions.k8s.io/v1
|
|
kind: CustomResourceDefinition
|
|
metadata:
|
|
annotations:
|
|
controller-gen.kubebuilder.io/version: v0.19.0
|
|
helm.sh/resource-policy: keep
|
|
name: cephobjectstoreusers.ceph.rook.io
|
|
spec:
|
|
group: ceph.rook.io
|
|
names:
|
|
kind: CephObjectStoreUser
|
|
listKind: CephObjectStoreUserList
|
|
plural: cephobjectstoreusers
|
|
shortNames:
|
|
- rcou
|
|
- objectuser
|
|
- cephosu
|
|
singular: cephobjectstoreuser
|
|
scope: Namespaced
|
|
versions:
|
|
- additionalPrinterColumns:
|
|
- jsonPath: .status.phase
|
|
name: Phase
|
|
type: string
|
|
- jsonPath: .metadata.creationTimestamp
|
|
name: Age
|
|
type: date
|
|
name: v1
|
|
schema:
|
|
openAPIV3Schema:
|
|
description: CephObjectStoreUser represents a Ceph Object Store Gateway User
|
|
properties:
|
|
apiVersion:
|
|
description: |-
|
|
APIVersion defines the versioned schema of this representation of an object.
|
|
Servers should convert recognized schemas to the latest internal value, and
|
|
may reject unrecognized values.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
|
|
type: string
|
|
kind:
|
|
description: |-
|
|
Kind is a string value representing the REST resource this object represents.
|
|
Servers may infer this from the endpoint the client submits requests to.
|
|
Cannot be updated.
|
|
In CamelCase.
|
|
More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
|
|
type: string
|
|
metadata:
|
|
type: object
|
|
spec:
|
|
description: ObjectStoreUserSpec represent the spec of an Objectstoreuser
|
|
properties:
|
|
capabilities:
|
|
description: Additional admin-level capabilities for the Ceph object store user
|
|
nullable: true
|
|
properties:
|
|
amz-cache:
|
|
description: Add capabilities for user to send request to RGW Cache API header. Documented in https://docs.ceph.com/en/latest/radosgw/rgw-cache/#cache-api
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
bilog:
|
|
description: Add capabilities for user to change bucket index logging. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
bucket:
|
|
description: Admin capabilities to read/write Ceph object store buckets. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
buckets:
|
|
description: Admin capabilities to read/write Ceph object store buckets. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
datalog:
|
|
description: Add capabilities for user to change data logging. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
info:
|
|
description: Admin capabilities to read/write information about the user. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
mdlog:
|
|
description: Add capabilities for user to change metadata logging. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
metadata:
|
|
description: Admin capabilities to read/write Ceph object store metadata. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
oidc-provider:
|
|
description: Add capabilities for user to change oidc provider. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
ratelimit:
|
|
description: Add capabilities for user to set rate limiter for user and bucket. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
roles:
|
|
description: Admin capabilities to read/write roles for user. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
usage:
|
|
description: Admin capabilities to read/write Ceph object store usage. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
user:
|
|
description: Admin capabilities to read/write Ceph object store users. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
user-policy:
|
|
description: Add capabilities for user to change user policies. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
users:
|
|
description: Admin capabilities to read/write Ceph object store users. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
zone:
|
|
description: Admin capabilities to read/write Ceph object store zones. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities
|
|
enum:
|
|
- '*'
|
|
- read
|
|
- write
|
|
- read, write
|
|
type: string
|
|
type: object
|
|
clusterNamespace:
|
|
description: The namespace where the parent CephCluster and CephObjectStore are found
|
|
type: string
|
|
displayName:
|
|
description: The display name for the ceph user.
|
|
type: string
|
|
keys:
|
|
description: |-
|
|
Allows specifying credentials for the user. If not provided, the operator
|
|
will generate them.
|
|
items:
|
|
description: |-
|
|
ObjectUserKey defines a set of rgw user access credentials to be retrieved
|
|
from secret resources.
|
|
properties:
|
|
accessKeyRef:
|
|
description: Secret key selector for the access_key (commonly referred to as AWS_ACCESS_KEY_ID).
|
|
properties:
|
|
key:
|
|
description: The key of the secret to select from. Must be a valid secret key.
|
|
type: string
|
|
name:
|
|
default: ""
|
|
description: |-
|
|
Name of the referent.
|
|
This field is effectively required, but due to backwards compatibility is
|
|
allowed to be empty. Instances of this type with an empty value here are
|
|
almost certainly wrong.
|
|
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
|
type: string
|
|
optional:
|
|
description: Specify whether the Secret or its key must be defined
|
|
type: boolean
|
|
required:
|
|
- key
|
|
type: object
|
|
x-kubernetes-map-type: atomic
|
|
secretKeyRef:
|
|
description: Secret key selector for the secret_key (commonly referred to as AWS_SECRET_ACCESS_KEY).
|
|
properties:
|
|
key:
|
|
description: The key of the secret to select from. Must be a valid secret key.
|
|
type: string
|
|
name:
|
|
default: ""
|
|
description: |-
|
|
Name of the referent.
|
|
This field is effectively required, but due to backwards compatibility is
|
|
allowed to be empty. Instances of this type with an empty value here are
|
|
almost certainly wrong.
|
|
More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names
|
|
type: string
|
|
optional:
|
|
description: Specify whether the Secret or its key must be defined
|
|
type: boolean
|
|
required:
|
|
- key
|
|
type: object
|
|
x-kubernetes-map-type: atomic
|
|
type: object
|
|
type: array
|
|
quotas:
|
|
description: ObjectUserQuotaSpec can be used to set quotas for the object store user to limit their usage. See the [Ceph docs](https://docs.ceph.com/en/latest/radosgw/admin/?#quota-management) for more
|
|
nullable: true
|
|
properties:
|
|
maxBuckets:
|
|
description: Maximum bucket limit for the ceph user
|
|
nullable: true
|
|
type: integer
|
|
maxObjects:
|
|
description: Maximum number of objects across all the user's buckets
|
|
format: int64
|
|
nullable: true
|
|
type: integer
|
|
maxSize:
|
|
anyOf:
|
|
- type: integer
|
|
- type: string
|
|
description: |-
|
|
Maximum size limit of all objects across all the user's buckets
|
|
See https://pkg.go.dev/k8s.io/apimachinery/pkg/api/resource#Quantity for more info.
|
|
nullable: true
|
|
pattern: ^(\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))(([KMGTPE]i)|[numkMGTPE]|([eE](\+|-)?(([0-9]+(\.[0-9]*)?)|(\.[0-9]+))))?$
|
|
x-kubernetes-int-or-string: true
|
|
type: object
|
|
store:
|
|
description: The store the user will be created in
|
|
type: string
|
|
type: object
|
|
status:
|
|
description: ObjectStoreUserStatus represents the status Ceph Object Store Gateway User
|
|
properties:
|
|
info:
|
|
additionalProperties:
|
|
type: string
|
|
nullable: true
|
|
type: object
|
|
keys:
|
|
items:
|
|
properties:
|
|
name:
|
|
description: name is unique within a namespace to reference a secret resource.
|
|
type: string
|
|
namespace:
|
|
description: namespace defines the space within which the secret name must be unique.
|
|
type: string
|
|
resourceVersion:
|
|
type: string
|
|
uid:
|
|
description: |-
|
|
UID is a type that holds unique ID values, including UUIDs. Because we
|
|
don't ONLY use UUIDs, this is an alias to string. Being a type captures
|
|
intent and helps make sure that UIDs and names do not get conflated.
|
|
type: string
|
|
type: object
|
|
x-kubernetes-map-type: atomic
|
|
nullable: true
|
|
type: array
|
|
observedGeneration:
|
|
description: ObservedGeneration is the latest generation observed by the controller.
|
|
format: int64
|
|
type: integer
|
|
phase:
|
|
type: string
|
|
type: object
|
|
x-kubernetes-preserve-unknown-fields: true
|
|
required:
|
|
- metadata
|
|
- spec
|
|
type: object
|
|
served: true
|
|
storage: true
|
|
subresources:
|
|
status: {}
|