diff --git a/config/crd/bases/iam/iam.miloapis.com_platformaccessdenials.yaml b/config/crd/bases/iam/iam.miloapis.com_platformaccessdenials.yaml deleted file mode 100644 index aacce160..00000000 --- a/config/crd/bases/iam/iam.miloapis.com_platformaccessdenials.yaml +++ /dev/null @@ -1,158 +0,0 @@ ---- -apiVersion: apiextensions.k8s.io/v1 -kind: CustomResourceDefinition -metadata: - annotations: - controller-gen.kubebuilder.io/version: v0.18.0 - discovery.miloapis.com/parent-contexts: Platform - name: platformaccessdenials.iam.miloapis.com -spec: - group: iam.miloapis.com - names: - kind: PlatformAccessDenial - listKind: PlatformAccessDenialList - plural: platformaccessdenials - singular: platformaccessdenial - scope: Cluster - versions: - - name: v1alpha1 - schema: - openAPIV3Schema: - description: |- - PlatformAccessDenial is the Schema for the platformaccessapprovals API. - It represents a platform access approval for a user. Once the platform access approval is created, an email will be sent to the user. - properties: - apiVersion: - description: |- - APIVersion defines the versioned schema of this representation of an object. - Servers should convert recognized schemas to the latest internal value, and - may reject unrecognized values. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources - type: string - kind: - description: |- - Kind is a string value representing the REST resource this object represents. - Servers may infer this from the endpoint the client submits requests to. - Cannot be updated. - In CamelCase. - More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds - type: string - metadata: - type: object - spec: - description: PlatformAccessDenialSpec defines the desired state of PlatformAccessDenial. - properties: - approverRef: - description: |- - ApproverRef is the reference to the approver being approved. - If not specified, the approval was made by the system. - properties: - name: - description: Name is the name of the User being referenced. - type: string - required: - - name - type: object - subjectRef: - description: SubjectRef is the reference to the subject being approved. - properties: - email: - description: |- - Email is the email of the user being approved. - Use Email to approve an email address that is not associated with a created user. (e.g. when using PlatformInvitation) - UserRef and Email are mutually exclusive. Exactly one of them must be specified. - type: string - userRef: - description: |- - UserRef is the reference to the user being approved. - UserRef and Email are mutually exclusive. Exactly one of them must be specified. - properties: - name: - description: Name is the name of the User being referenced. - type: string - required: - - name - type: object - type: object - x-kubernetes-validations: - - message: Exactly one of email or userRef must be specified - rule: (has(self.email) && !has(self.userRef)) || (!has(self.email) - && has(self.userRef)) - required: - - subjectRef - type: object - x-kubernetes-validations: - - message: spec is immutable - rule: self == oldSelf - status: - properties: - conditions: - default: - - lastTransitionTime: "1970-01-01T00:00:00Z" - message: Platform access approval reconciliation is pending - reason: ReconcilePending - status: Unknown - type: Ready - description: Conditions provide conditions that represent the current - status of the PlatformAccessDenial. - items: - description: Condition contains details for one aspect of the current - state of this API Resource. - properties: - lastTransitionTime: - description: |- - lastTransitionTime is the last time the condition transitioned from one status to another. - This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - format: date-time - type: string - message: - description: |- - message is a human readable message indicating details about the transition. - This may be an empty string. - maxLength: 32768 - type: string - observedGeneration: - description: |- - observedGeneration represents the .metadata.generation that the condition was set based upon. - For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date - with respect to the current state of the instance. - format: int64 - minimum: 0 - type: integer - reason: - description: |- - reason contains a programmatic identifier indicating the reason for the condition's last transition. - Producers of specific condition types may define expected values and meanings for this field, - and whether the values are considered a guaranteed API. - The value should be a CamelCase string. - This field may not be empty. - maxLength: 1024 - minLength: 1 - pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ - type: string - status: - description: status of the condition, one of True, False, Unknown. - enum: - - "True" - - "False" - - Unknown - type: string - type: - description: type of condition in CamelCase or in foo.example.com/CamelCase. - maxLength: 316 - pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ - type: string - required: - - lastTransitionTime - - message - - reason - - status - - type - type: object - type: array - type: object - type: object - served: true - storage: true - subresources: - status: {} diff --git a/config/crd/bases/iam/kustomization.yaml b/config/crd/bases/iam/kustomization.yaml index 366abfce..485b046b 100644 --- a/config/crd/bases/iam/kustomization.yaml +++ b/config/crd/bases/iam/kustomization.yaml @@ -11,3 +11,4 @@ resources: - iam.miloapis.com_userdeactivations.yaml - iam.miloapis.com_platforminvitations.yaml - iam.miloapis.com_platformaccessapprovals.yaml +- iam.miloapis.com_platformaccessrejections.yaml diff --git a/docs/api/iam.md b/docs/api/iam.md index 6edfe9c3..cf5c14f5 100644 --- a/docs/api/iam.md +++ b/docs/api/iam.md @@ -16,8 +16,6 @@ Resource Types: - [PlatformAccessApproval](#platformaccessapproval) -- [PlatformAccessDenial](#platformaccessdenial) - - [PlatformAccessRejection](#platformaccessrejection) - [PlatformInvitation](#platforminvitation) @@ -834,298 +832,6 @@ If not specified, the approval was made by the system. -## PlatformAccessDenial -[↩ Parent](#iammiloapiscomv1alpha1 ) - - - - - - -PlatformAccessDenial is the Schema for the platformaccessapprovals API. -It represents a platform access approval for a user. Once the platform access approval is created, an email will be sent to the user. - -
| Name | -Type | -Description | -Required | -
|---|---|---|---|
| apiVersion | -string | -iam.miloapis.com/v1alpha1 | -true | -
| kind | -string | -PlatformAccessDenial | -true | -
| metadata | -object | -Refer to the Kubernetes API documentation for the fields of the `metadata` field. | -true | -
| spec | -object | -
- PlatformAccessDenialSpec defines the desired state of PlatformAccessDenial. - - Validations: |
- false | -
| status | -object | -
- - |
- false | -
| Name | -Type | -Description | -Required | -
|---|---|---|---|
| subjectRef | -object | -
- SubjectRef is the reference to the subject being approved. - - Validations: |
- true | -
| approverRef | -object | -
- ApproverRef is the reference to the approver being approved.
-If not specified, the approval was made by the system. - |
- false | -
| Name | -Type | -Description | -Required | -
|---|---|---|---|
| string | -
- Email is the email of the user being approved.
-Use Email to approve an email address that is not associated with a created user. (e.g. when using PlatformInvitation)
-UserRef and Email are mutually exclusive. Exactly one of them must be specified. - |
- false | -|
| userRef | -object | -
- UserRef is the reference to the user being approved.
-UserRef and Email are mutually exclusive. Exactly one of them must be specified. - |
- false | -
| Name | -Type | -Description | -Required | -
|---|---|---|---|
| name | -string | -
- Name is the name of the User being referenced. - |
- true | -
| Name | -Type | -Description | -Required | -
|---|---|---|---|
| name | -string | -
- Name is the name of the User being referenced. - |
- true | -
| Name | -Type | -Description | -Required | -
|---|---|---|---|
| conditions | -[]object | -
- Conditions provide conditions that represent the current status of the PlatformAccessDenial. - - Default: [map[lastTransitionTime:1970-01-01T00:00:00Z message:Platform access approval reconciliation is pending reason:ReconcilePending status:Unknown type:Ready]] - |
- false | -
| Name | -Type | -Description | -Required | -
|---|---|---|---|
| lastTransitionTime | -string | -
- lastTransitionTime is the last time the condition transitioned from one status to another.
-This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. - - Format: date-time - |
- true | -
| message | -string | -
- message is a human readable message indicating details about the transition.
-This may be an empty string. - |
- true | -
| reason | -string | -
- reason contains a programmatic identifier indicating the reason for the condition's last transition.
-Producers of specific condition types may define expected values and meanings for this field,
-and whether the values are considered a guaranteed API.
-The value should be a CamelCase string.
-This field may not be empty. - |
- true | -
| status | -enum | -
- status of the condition, one of True, False, Unknown. - - Enum: True, False, Unknown - |
- true | -
| type | -string | -
- type of condition in CamelCase or in foo.example.com/CamelCase. - |
- true | -
| observedGeneration | -integer | -
- observedGeneration represents the .metadata.generation that the condition was set based upon.
-For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date
-with respect to the current state of the instance. - - Format: int64 - Minimum: 0 - |
- false | -