authorization.azure.com/v1api20220401

Package v1api20220401 contains API Schema definitions for the authorization v1api20220401 API group

Resource Types:

APIVersion (`string` alias)

Value	Description
"2022-04-01"

Permission

(Appears on:RoleDefinition_Spec)

Role definition permissions.

Field	Description
`actions` []string	Actions: Allowed actions.
`dataActions` []string	DataActions: Allowed Data actions.
`notActions` []string	NotActions: Denied actions.
`notDataActions` []string	NotDataActions: Denied Data actions.

Permission_STATUS

(Appears on:RoleDefinition_STATUS)

Role definition permissions.

Field	Description
`actions` []string	Actions: Allowed actions.
`dataActions` []string	DataActions: Allowed Data actions.
`notActions` []string	NotActions: Denied actions.
`notDataActions` []string	NotDataActions: Denied Data actions.

RoleAssignment

Generator information: - Generated from: /authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleAssignmentsCalls.json - ARM URI: /{scope}/providers/Microsoft.Authorization/roleAssignments/{roleAssignmentName}

Field Description

metadata
Kubernetes meta/v1.ObjectMeta Refer to the Kubernetes API documentation for the fields of the metadata field.

spec
RoleAssignment_Spec

`azureName` string	AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.
`condition` string	Condition: The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase ‘foo_storage_container’
`conditionVersion` string	ConditionVersion: Version of the condition. Currently the only accepted value is ‘2.0’
`delegatedManagedIdentityResourceReference` genruntime.ResourceReference	DelegatedManagedIdentityResourceReference: Id of the delegated managed identity resource
`description` string	Description: Description of role assignment
`operatorSpec` RoleAssignmentOperatorSpec	OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure
`owner` genruntime.ArbitraryOwnerReference	Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an extension resource, which means that any other Azure resource can be its owner.
`principalId` string	PrincipalId: The principal ID.
`principalIdFromConfig` genruntime.ConfigMapReference	PrincipalIdFromConfig: The principal ID.
`principalType` RoleAssignmentProperties_PrincipalType	PrincipalType: The principal type of the assigned principal ID.
`roleDefinitionReference` genruntime.ResourceReference	RoleDefinitionReference: The role definition ID.

status
RoleAssignment_STATUS

RoleAssignmentOperatorSpec

(Appears on:RoleAssignment_Spec)

Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

Field	Description
`configMapExpressions` []genruntime/core.DestinationExpression	ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).
`namingConvention` string	NamingConvention: The uuid generation technique to use for any role without an explicit AzureName. One of ‘stable’ or ‘random’.
`secretExpressions` []genruntime/core.DestinationExpression	SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

RoleAssignmentProperties_PrincipalType (`string` alias)

(Appears on:RoleAssignment_Spec)

Value	Description
"Device"
"ForeignGroup"
"Group"
"ServicePrincipal"
"User"

RoleAssignmentProperties_PrincipalType_STATUS (`string` alias)

(Appears on:RoleAssignment_STATUS)

Value	Description
"Device"
"ForeignGroup"
"Group"
"ServicePrincipal"
"User"

RoleAssignment_STATUS

(Appears on:RoleAssignment)

Role Assignments

Field	Description
`condition` string	Condition: The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase ‘foo_storage_container’
`conditionVersion` string	ConditionVersion: Version of the condition. Currently the only accepted value is ‘2.0’
`conditions` []genruntime/conditions.Condition	Conditions: The observed state of the resource
`createdBy` string	CreatedBy: Id of the user who created the assignment
`createdOn` string	CreatedOn: Time it was created
`delegatedManagedIdentityResourceId` string	DelegatedManagedIdentityResourceId: Id of the delegated managed identity resource
`description` string	Description: Description of role assignment
`id` string	Id: The role assignment ID.
`name` string	Name: The role assignment name.
`principalId` string	PrincipalId: The principal ID.
`principalType` RoleAssignmentProperties_PrincipalType_STATUS	PrincipalType: The principal type of the assigned principal ID.
`roleDefinitionId` string	RoleDefinitionId: The role definition ID.
`scope` string	Scope: The role assignment scope.
`type` string	Type: The role assignment type.
`updatedBy` string	UpdatedBy: Id of the user who updated the assignment
`updatedOn` string	UpdatedOn: Time it was updated

RoleAssignment_Spec

(Appears on:RoleAssignment)

Field	Description
`azureName` string	AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.
`condition` string	Condition: The conditions on the role assignment. This limits the resources it can be assigned to. e.g.: @Resource[Microsoft.Storage/storageAccounts/blobServices/containers:ContainerName] StringEqualsIgnoreCase ‘foo_storage_container’
`conditionVersion` string	ConditionVersion: Version of the condition. Currently the only accepted value is ‘2.0’
`delegatedManagedIdentityResourceReference` genruntime.ResourceReference	DelegatedManagedIdentityResourceReference: Id of the delegated managed identity resource
`description` string	Description: Description of role assignment
`operatorSpec` RoleAssignmentOperatorSpec	OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure
`owner` genruntime.ArbitraryOwnerReference	Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an extension resource, which means that any other Azure resource can be its owner.
`principalId` string	PrincipalId: The principal ID.
`principalIdFromConfig` genruntime.ConfigMapReference	PrincipalIdFromConfig: The principal ID.
`principalType` RoleAssignmentProperties_PrincipalType	PrincipalType: The principal type of the assigned principal ID.
`roleDefinitionReference` genruntime.ResourceReference	RoleDefinitionReference: The role definition ID.

RoleDefinition

Generator information: - Generated from: /authorization/resource-manager/Microsoft.Authorization/stable/2022-04-01/authorization-RoleDefinitionsCalls.json - ARM URI: /{scope}/providers/Microsoft.Authorization/roleDefinitions/{roleDefinitionId}

Field Description

metadata
Kubernetes meta/v1.ObjectMeta Refer to the Kubernetes API documentation for the fields of the metadata field.

spec
RoleDefinition_Spec

`assignableScopesReferences` []genruntime.ResourceReference	AssignableScopesReferences: Role definition assignable scopes.
`azureName` string	AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.
`description` string	Description: The role definition description.
`operatorSpec` RoleDefinitionOperatorSpec	OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure
`owner` genruntime.ArbitraryOwnerReference	Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an extension resource, which means that any other Azure resource can be its owner.
`permissions` []Permission	Permissions: Role definition permissions.
`roleName` string	RoleName: The role name.
`type` string	Type: The role type.

status
RoleDefinition_STATUS

RoleDefinitionOperatorSpec

(Appears on:RoleDefinition_Spec)

Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure

Field	Description
`configMapExpressions` []genruntime/core.DestinationExpression	ConfigMapExpressions: configures where to place operator written dynamic ConfigMaps (created with CEL expressions).
`namingConvention` string	NamingConvention: The uuid generation technique to use for any role without an explicit AzureName. One of ‘stable’ or ‘random’.
`secretExpressions` []genruntime/core.DestinationExpression	SecretExpressions: configures where to place operator written dynamic secrets (created with CEL expressions).

RoleDefinition_STATUS

(Appears on:RoleDefinition)

Role definition.

Field	Description
`assignableScopes` []string	AssignableScopes: Role definition assignable scopes.
`conditions` []genruntime/conditions.Condition	Conditions: The observed state of the resource
`createdBy` string	CreatedBy: Id of the user who created the assignment
`createdOn` string	CreatedOn: Time it was created
`description` string	Description: The role definition description.
`id` string	Id: The role definition ID.
`name` string	Name: The role definition name.
`permissions` []Permission_STATUS	Permissions: Role definition permissions.
`properties_type` string	PropertiesType: The role type.
`roleName` string	RoleName: The role name.
`type` string	Type: The role definition type.
`updatedBy` string	UpdatedBy: Id of the user who updated the assignment
`updatedOn` string	UpdatedOn: Time it was updated

RoleDefinition_Spec

(Appears on:RoleDefinition)

Field	Description
`assignableScopesReferences` []genruntime.ResourceReference	AssignableScopesReferences: Role definition assignable scopes.
`azureName` string	AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be.
`description` string	Description: The role definition description.
`operatorSpec` RoleDefinitionOperatorSpec	OperatorSpec: The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure
`owner` genruntime.ArbitraryOwnerReference	Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. This resource is an extension resource, which means that any other Azure resource can be its owner.
`permissions` []Permission	Permissions: Role definition permissions.
`roleName` string	RoleName: The role name.
`type` string	Type: The role type.

authorization.azure.com/v1api20220401