managedidentity.azure.com/v1api20230131
APIVersion
| Value | Description |
|---|---|
| “2023-01-31” |
FederatedIdentityCredential
Generator information: - Generated from: /msi/resource-manager/Microsoft.ManagedIdentity/stable/2023-01-31/ManagedIdentity.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{resourceName}/federatedIdentityCredentials/{federatedIdentityCredentialResourceName}
Used by: FederatedIdentityCredentialList.
| Property | Description | Type |
|---|---|---|
| metav1.TypeMeta | ||
| metav1.ObjectMeta | ||
| spec | FederatedIdentityCredential_Spec Optional |
|
| status | FederatedIdentityCredential_STATUS Optional |
FederatedIdentityCredential_Spec
| Property | Description | Type |
|---|---|---|
| audiences | The list of audiences that can appear in the issued token. | string[] Required |
| azureName | The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be. | string Optional |
| issuer | The URL of the issuer to be trusted. | string Optional |
| issuerFromConfig | The URL of the issuer to be trusted. | genruntime.ConfigMapReference Optional |
| operatorSpec | The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure | FederatedIdentityCredentialOperatorSpec Optional |
| owner | The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a managedidentity.azure.com/UserAssignedIdentity resource | genruntime.KnownResourceReference Required |
| subject | The identifier of the external identity. | string Optional |
| subjectFromConfig | The identifier of the external identity. | genruntime.ConfigMapReference Optional |
FederatedIdentityCredential_STATUS
| Property | Description | Type |
|---|---|---|
| audiences | The list of audiences that can appear in the issued token. | string[] Optional |
| conditions | The observed state of the resource | conditions.Condition[] Optional |
| id | Fully qualified resource ID for the resource. E.g. “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}” | string Optional |
| issuer | The URL of the issuer to be trusted. | string Optional |
| name | The name of the resource | string Optional |
| subject | The identifier of the external identity. | string Optional |
| systemData | Azure Resource Manager metadata containing createdBy and modifiedBy information. | SystemData_STATUS Optional |
| type | The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts” | string Optional |
FederatedIdentityCredentialList
Generator information: - Generated from: /msi/resource-manager/Microsoft.ManagedIdentity/stable/2023-01-31/ManagedIdentity.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{resourceName}/federatedIdentityCredentials/{federatedIdentityCredentialResourceName}
| Property | Description | Type |
|---|---|---|
| metav1.TypeMeta | ||
| metav1.ListMeta | ||
| items | FederatedIdentityCredential[] Optional |
UserAssignedIdentity
Generator information: - Generated from: /msi/resource-manager/Microsoft.ManagedIdentity/stable/2023-01-31/ManagedIdentity.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{resourceName}
Used by: UserAssignedIdentityList.
| Property | Description | Type |
|---|---|---|
| metav1.TypeMeta | ||
| metav1.ObjectMeta | ||
| spec | UserAssignedIdentity_Spec Optional |
|
| status | UserAssignedIdentity_STATUS Optional |
UserAssignedIdentity_Spec
| Property | Description | Type |
|---|---|---|
| azureName | The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be. | string Optional |
| location | The geo-location where the resource lives | string Required |
| operatorSpec | The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure | UserAssignedIdentityOperatorSpec Optional |
| owner | The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource | genruntime.KnownResourceReference Required |
| tags | Resource tags. | map[string]string Optional |
UserAssignedIdentity_STATUS
| Property | Description | Type |
|---|---|---|
| clientId | The id of the app associated with the identity. This is a random generated UUID by MSI. | string Optional |
| conditions | The observed state of the resource | conditions.Condition[] Optional |
| id | Fully qualified resource ID for the resource. E.g. “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}” | string Optional |
| location | The geo-location where the resource lives | string Optional |
| name | The name of the resource | string Optional |
| principalId | The id of the service principal object associated with the created identity. | string Optional |
| systemData | Azure Resource Manager metadata containing createdBy and modifiedBy information. | SystemData_STATUS Optional |
| tags | Resource tags. | map[string]string Optional |
| tenantId | The id of the tenant which the identity belongs to. | string Optional |
| type | The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts” | string Optional |
UserAssignedIdentityList
Generator information: - Generated from: /msi/resource-manager/Microsoft.ManagedIdentity/stable/2023-01-31/ManagedIdentity.json - ARM URI: /subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/Microsoft.ManagedIdentity/userAssignedIdentities/{resourceName}
| Property | Description | Type |
|---|---|---|
| metav1.TypeMeta | ||
| metav1.ListMeta | ||
| items | UserAssignedIdentity[] Optional |
FederatedIdentityCredential_Spec
Used by: FederatedIdentityCredential.
| Property | Description | Type |
|---|---|---|
| audiences | The list of audiences that can appear in the issued token. | string[] Required |
| azureName | The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be. | string Optional |
| issuer | The URL of the issuer to be trusted. | string Optional |
| issuerFromConfig | The URL of the issuer to be trusted. | genruntime.ConfigMapReference Optional |
| operatorSpec | The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure | FederatedIdentityCredentialOperatorSpec Optional |
| owner | The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a managedidentity.azure.com/UserAssignedIdentity resource | genruntime.KnownResourceReference Required |
| subject | The identifier of the external identity. | string Optional |
| subjectFromConfig | The identifier of the external identity. | genruntime.ConfigMapReference Optional |
FederatedIdentityCredential_STATUS
Used by: FederatedIdentityCredential.
| Property | Description | Type |
|---|---|---|
| audiences | The list of audiences that can appear in the issued token. | string[] Optional |
| conditions | The observed state of the resource | conditions.Condition[] Optional |
| id | Fully qualified resource ID for the resource. E.g. “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}” | string Optional |
| issuer | The URL of the issuer to be trusted. | string Optional |
| name | The name of the resource | string Optional |
| subject | The identifier of the external identity. | string Optional |
| systemData | Azure Resource Manager metadata containing createdBy and modifiedBy information. | SystemData_STATUS Optional |
| type | The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts” | string Optional |
UserAssignedIdentity_Spec
Used by: UserAssignedIdentity.
| Property | Description | Type |
|---|---|---|
| azureName | The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it doesn’t have to be. | string Optional |
| location | The geo-location where the resource lives | string Required |
| operatorSpec | The specification for configuring operator behavior. This field is interpreted by the operator and not passed directly to Azure | UserAssignedIdentityOperatorSpec Optional |
| owner | The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also controls the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a reference to a resources.azure.com/ResourceGroup resource | genruntime.KnownResourceReference Required |
| tags | Resource tags. | map[string]string Optional |
UserAssignedIdentity_STATUS
Used by: UserAssignedIdentity.
| Property | Description | Type |
|---|---|---|
| clientId | The id of the app associated with the identity. This is a random generated UUID by MSI. | string Optional |
| conditions | The observed state of the resource | conditions.Condition[] Optional |
| id | Fully qualified resource ID for the resource. E.g. “/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{resourceProviderNamespace}/{resourceType}/{resourceName}” | string Optional |
| location | The geo-location where the resource lives | string Optional |
| name | The name of the resource | string Optional |
| principalId | The id of the service principal object associated with the created identity. | string Optional |
| systemData | Azure Resource Manager metadata containing createdBy and modifiedBy information. | SystemData_STATUS Optional |
| tags | Resource tags. | map[string]string Optional |
| tenantId | The id of the tenant which the identity belongs to. | string Optional |
| type | The type of the resource. E.g. “Microsoft.Compute/virtualMachines” or “Microsoft.Storage/storageAccounts” | string Optional |
FederatedIdentityCredentialOperatorSpec
Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure
Used by: FederatedIdentityCredential_Spec.
| Property | Description | Type |
|---|---|---|
| configMapExpressions | configures where to place operator written dynamic ConfigMaps (created with CEL expressions). | core.DestinationExpression[] Optional |
| secretExpressions | configures where to place operator written dynamic secrets (created with CEL expressions). | core.DestinationExpression[] Optional |
SystemData_STATUS
Metadata pertaining to creation and last modification of the resource.
Used by: FederatedIdentityCredential_STATUS, and UserAssignedIdentity_STATUS.
| Property | Description | Type |
|---|---|---|
| createdAt | The timestamp of resource creation (UTC). | string Optional |
| createdBy | The identity that created the resource. | string Optional |
| createdByType | The type of identity that created the resource. | SystemData_CreatedByType_STATUS Optional |
| lastModifiedAt | The timestamp of resource last modification (UTC) | string Optional |
| lastModifiedBy | The identity that last modified the resource. | string Optional |
| lastModifiedByType | The type of identity that last modified the resource. | SystemData_LastModifiedByType_STATUS Optional |
UserAssignedIdentityOperatorSpec
Details for configuring operator behavior. Fields in this struct are interpreted by the operator directly rather than being passed to Azure
Used by: UserAssignedIdentity_Spec.
| Property | Description | Type |
|---|---|---|
| configMapExpressions | configures where to place operator written dynamic ConfigMaps (created with CEL expressions). | core.DestinationExpression[] Optional |
| configMaps | configures where to place operator written ConfigMaps. | UserAssignedIdentityOperatorConfigMaps Optional |
| secretExpressions | configures where to place operator written dynamic secrets (created with CEL expressions). | core.DestinationExpression[] Optional |
| secrets | configures where to place Azure generated secrets. | UserAssignedIdentityOperatorSecrets Optional |
SystemData_CreatedByType_STATUS
Used by: SystemData_STATUS.
| Value | Description |
|---|---|
| “Application” | |
| “Key” | |
| “ManagedIdentity” | |
| “User” |
SystemData_LastModifiedByType_STATUS
Used by: SystemData_STATUS.
| Value | Description |
|---|---|
| “Application” | |
| “Key” | |
| “ManagedIdentity” | |
| “User” |
UserAssignedIdentityOperatorConfigMaps
Used by: UserAssignedIdentityOperatorSpec.
| Property | Description | Type |
|---|---|---|
| clientId | indicates where the ClientId config map should be placed. If omitted, no config map will be created. | genruntime.ConfigMapDestination Optional |
| principalId | indicates where the PrincipalId config map should be placed. If omitted, no config map will be created. | genruntime.ConfigMapDestination Optional |
| tenantId | indicates where the TenantId config map should be placed. If omitted, no config map will be created. | genruntime.ConfigMapDestination Optional |
UserAssignedIdentityOperatorSecrets
Used by: UserAssignedIdentityOperatorSpec.
| Property | Description | Type |
|---|---|---|
| clientId | indicates where the ClientId secret should be placed. If omitted, the secret will not be retrieved from Azure. | genruntime.SecretDestination Optional |
| principalId | indicates where the PrincipalId secret should be placed. If omitted, the secret will not be retrieved from Azure. | genruntime.SecretDestination Optional |
| tenantId | indicates where the TenantId secret should be placed. If omitted, the secret will not be retrieved from Azure. | genruntime.SecretDestination Optional |