-
Notifications
You must be signed in to change notification settings - Fork 1.7k
/
resources.teleport.dev_openssheiceserversv2.yaml
262 lines (262 loc) · 12 KB
/
resources.teleport.dev_openssheiceserversv2.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: teleportopenssheiceserversv2.resources.teleport.dev
spec:
group: resources.teleport.dev
names:
kind: TeleportOpenSSHEICEServerV2
listKind: TeleportOpenSSHEICEServerV2List
plural: teleportopenssheiceserversv2
shortNames:
- openssheiceserverv2
- openssheiceserversv2
singular: teleportopenssheiceserverv2
scope: Namespaced
versions:
- additionalPrinterColumns:
- description: Server hostname
jsonPath: .spec.hostname
name: Hostname
type: string
- description: Server address, with SSH port.
jsonPath: .spec.addr
name: Address
type: string
- description: The age of this resource
jsonPath: .metadata.creationTimestamp
name: Age
type: date
name: v1
schema:
openAPIV3Schema:
description: OpenSSHEICEServerV2 is the Schema for the openssheiceserversv2
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OpenSSHEICEServer resource definition v2 from Teleport
properties:
addr:
description: Addr is a host:port address where this server can be
reached.
type: string
cloud_metadata:
description: CloudMetadata contains info about the cloud instance
the server is running on, if any.
nullable: true
properties:
aws:
description: AWSInfo contains attributes to match to an EC2 instance.
nullable: true
properties:
account_id:
description: AccountID is an AWS account ID.
type: string
instance_id:
description: InstanceID is an EC2 instance ID.
type: string
integration:
description: Integration is the integration name that added
this Node. When connecting to it, it will use this integration
to issue AWS API calls in order to set up the connection.
This includes sending an SSH Key and then opening a tunnel
(EC2 Instance Connect Endpoint) so Teleport can connect
to it.
type: string
region:
description: Region is the AWS EC2 Instance Region.
type: string
subnet_id:
description: SubnetID is the Subnet ID in use by the instance.
type: string
vpc_id:
description: VPCID is the AWS VPC ID where the Instance is
running.
type: string
type: object
type: object
hostname:
description: Hostname is server hostname
type: string
peer_addr:
description: PeerAddr is the address a proxy server is reachable at
by its peer proxies.
type: string
proxy_ids:
description: ProxyIDs is a list of proxy IDs this server is expected
to be connected to.
items:
type: string
nullable: true
type: array
public_addrs:
description: PublicAddrs is a list of public addresses where this
server can be reached.
items:
type: string
nullable: true
type: array
rotation:
description: Rotation specifies server rotation
properties:
current_id:
description: CurrentID is the ID of the rotation operation to
differentiate between rotation attempts.
type: string
grace_period:
description: GracePeriod is a period during which old and new
CA are valid for checking purposes, but only new CA is issuing
certificates.
format: duration
type: string
last_rotated:
description: LastRotated specifies the last time of the completed
rotation.
format: date-time
type: string
mode:
description: Mode sets manual or automatic rotation mode.
type: string
phase:
description: Phase is the current rotation phase.
type: string
schedule:
description: Schedule is a rotation schedule - used in automatic
mode to switch between phases.
properties:
standby:
description: Standby specifies time to switch to the "Standby"
phase.
format: date-time
type: string
update_clients:
description: UpdateClients specifies time to switch to the
"Update clients" phase
format: date-time
type: string
update_servers:
description: UpdateServers specifies time to switch to the
"Update servers" phase.
format: date-time
type: string
type: object
started:
description: Started is set to the time when rotation has been
started in case if the state of the rotation is "in_progress".
format: date-time
type: string
state:
description: State could be one of "init" or "in_progress".
type: string
type: object
use_tunnel:
description: UseTunnel indicates that connections to this server should
occur over a reverse tunnel.
type: boolean
version:
description: TeleportVersion is the teleport version that the server
is running on
type: string
type: object
status:
description: Status defines the observed state of the Teleport resource
properties:
conditions:
description: Conditions represent the latest available observations
of an object's state
items:
description: "Condition contains details for one aspect of the current
state of this API Resource.\n---\nThis struct is intended for
direct use as an array at the field path .status.conditions. For
example,\n\n\n\ttype FooStatus struct{\n\t // Represents the
observations of a foo's current state.\n\t // Known .status.conditions.type
are: \"Available\", \"Progressing\", and \"Degraded\"\n\t //
+patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t
\ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\"
patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t
\ // other fields\n\t}"
properties:
lastTransitionTime:
description: |-
lastTransitionTime is the last time the condition transitioned from one status to another.
This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable.
format: date-time
type: string
message:
description: |-
message is a human readable message indicating details about the transition.
This may be an empty string.
maxLength: 32768
type: string
observedGeneration:
description: |-
observedGeneration represents the .metadata.generation that the condition was set based upon.
For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
with respect to the current state of the instance.
format: int64
minimum: 0
type: integer
reason:
description: |-
reason contains a programmatic identifier indicating the reason for the condition's last transition.
Producers of specific condition types may define expected values and meanings for this field,
and whether the values are considered a guaranteed API.
The value should be a CamelCase string.
This field may not be empty.
maxLength: 1024
minLength: 1
pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$
type: string
status:
description: status of the condition, one of True, False, Unknown.
enum:
- "True"
- "False"
- Unknown
type: string
type:
description: |-
type of condition in CamelCase or in foo.example.com/CamelCase.
---
Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be
useful (see .node.status.conditions), the ability to deconflict is important.
The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt)
maxLength: 316
pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$
type: string
required:
- lastTransitionTime
- message
- reason
- status
- type
type: object
type: array
teleportResourceID:
format: int64
type: integer
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: null
storedVersions: null