diff --git a/CHANGELOG.md b/CHANGELOG.md
index 645bc36ceb..aaf83d7c05 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,9 +2,13 @@
### Supported Kubernetes versions
+- v1.17.x
- v1.16.x
- v1.15.x
-- v1.14.x
+
+### Major changes
+
+- Add support for Kubernetes v1.17.0 (https://github.com/pulumi/pulumi-kubernetes/pull/706)
## 1.3.4 (December 5, 2019)
diff --git a/Makefile b/Makefile
index 24bd875aca..3b347617d5 100644
--- a/Makefile
+++ b/Makefile
@@ -11,7 +11,7 @@ PROVIDER := pulumi-resource-${PACK}
CODEGEN := pulumi-gen-${PACK}
VERSION ?= $(shell scripts/get-version)
PYPI_VERSION := $(shell scripts/get-py-version)
-KUBE_VERSION ?= v1.16.0
+KUBE_VERSION ?= v1.17.0
SWAGGER_URL ?= https://github.com/kubernetes/kubernetes/raw/${KUBE_VERSION}/api/openapi-spec/swagger.json
OPENAPI_DIR := pkg/gen/openapi-specs
OPENAPI_FILE := ${OPENAPI_DIR}/swagger-${KUBE_VERSION}.json
diff --git a/pkg/gen/dotnet.go b/pkg/gen/dotnet.go
index 5049780963..22d374d6d7 100644
--- a/pkg/gen/dotnet.go
+++ b/pkg/gen/dotnet.go
@@ -37,6 +37,7 @@ var pascalCaseMapping = map[string]string{
"discovery": "Discovery",
"events": "Events",
"extensions": "Extensions",
+ "flowcontrol": "FlowControl",
"networking": "Networking",
"meta": "Meta",
"node": "Node",
diff --git a/sdk/dotnet/Discovery/V1Alpha1/EndpointSlice.cs b/sdk/dotnet/Discovery/V1Beta1/EndpointSlice.cs
similarity index 83%
rename from sdk/dotnet/Discovery/V1Alpha1/EndpointSlice.cs
rename to sdk/dotnet/Discovery/V1Beta1/EndpointSlice.cs
index ef84efd1a7..da40fe4a7a 100755
--- a/sdk/dotnet/Discovery/V1Alpha1/EndpointSlice.cs
+++ b/sdk/dotnet/Discovery/V1Beta1/EndpointSlice.cs
@@ -5,7 +5,7 @@
using System.Threading.Tasks;
using Pulumi.Serialization;
-namespace Pulumi.Kubernetes.Discovery.V1Alpha1
+namespace Pulumi.Kubernetes.Discovery.V1Beta1
{
///
/// EndpointSlice represents a subset of the endpoints that implement a service. For a given
@@ -16,7 +16,9 @@ public partial class EndpointSlice : Pulumi.CustomResource
{
///
/// addressType specifies the type of address carried by this EndpointSlice. All addresses
- /// in this slice must be the same type. Default is IP
+ /// in this slice must be the same type. This field is immutable after creation. The
+ /// following address types are currently supported: * IPv4: Represents an IPv4 Address. *
+ /// IPv6: Represents an IPv6 Address. * FQDN: Represents a Fully Qualified Domain Name.
///
[Output("addressType")]
public Output AddressType { get; private set; } = null!;
@@ -35,7 +37,7 @@ public partial class EndpointSlice : Pulumi.CustomResource
/// of 1000 endpoints.
///
[Output("endpoints")]
- public Output Endpoints { get; private set; } = null!;
+ public Output Endpoints { get; private set; } = null!;
///
/// Kind is a string value representing the REST resource this object represents. Servers
@@ -59,7 +61,7 @@ public partial class EndpointSlice : Pulumi.CustomResource
/// Each slice may include a maximum of 100 ports.
///
[Output("ports")]
- public Output Ports { get; private set; } = null!;
+ public Output Ports { get; private set; } = null!;
///
@@ -68,15 +70,15 @@ public partial class EndpointSlice : Pulumi.CustomResource
/// The unique name of the resource
/// The arguments used to populate this resource's properties
/// A bag of options that control this resource's behavior
- public EndpointSlice(string name, Types.Inputs.Discovery.V1Alpha1.EndpointSliceArgs? args = null, CustomResourceOptions? options = null)
- : base("kubernetes:discovery.k8s.io/v1alpha1:EndpointSlice", name, SetAPIKindAndVersion(args), MakeResourceOptions(options))
+ public EndpointSlice(string name, Types.Inputs.Discovery.V1Beta1.EndpointSliceArgs? args = null, CustomResourceOptions? options = null)
+ : base("kubernetes:discovery.k8s.io/v1beta1:EndpointSlice", name, SetAPIKindAndVersion(args), MakeResourceOptions(options))
{
}
- private static ResourceArgs SetAPIKindAndVersion(Types.Inputs.Discovery.V1Alpha1.EndpointSliceArgs? args)
+ private static ResourceArgs SetAPIKindAndVersion(Types.Inputs.Discovery.V1Beta1.EndpointSliceArgs? args)
{
if (args != null) {
- args.ApiVersion = "discovery.k8s.io/v1alpha1";
+ args.ApiVersion = "discovery.k8s.io/v1beta1";
args.Kind = "EndpointSlice";
}
return args ?? ResourceArgs.Empty;
diff --git a/sdk/dotnet/Discovery/V1Alpha1/EndpointSliceList.cs b/sdk/dotnet/Discovery/V1Beta1/EndpointSliceList.cs
similarity index 87%
rename from sdk/dotnet/Discovery/V1Alpha1/EndpointSliceList.cs
rename to sdk/dotnet/Discovery/V1Beta1/EndpointSliceList.cs
index d0f1248320..8fcf9a6d52 100755
--- a/sdk/dotnet/Discovery/V1Alpha1/EndpointSliceList.cs
+++ b/sdk/dotnet/Discovery/V1Beta1/EndpointSliceList.cs
@@ -5,7 +5,7 @@
using System.Threading.Tasks;
using Pulumi.Serialization;
-namespace Pulumi.Kubernetes.Discovery.V1Alpha1
+namespace Pulumi.Kubernetes.Discovery.V1Beta1
{
///
/// EndpointSliceList represents a list of endpoint slices
@@ -25,7 +25,7 @@ public partial class EndpointSliceList : Pulumi.CustomResource
/// List of endpoint slices
///
[Output("items")]
- public Output Items { get; private set; } = null!;
+ public Output Items { get; private set; } = null!;
///
/// Kind is a string value representing the REST resource this object represents. Servers
@@ -49,15 +49,15 @@ public partial class EndpointSliceList : Pulumi.CustomResource
/// The unique name of the resource
/// The arguments used to populate this resource's properties
/// A bag of options that control this resource's behavior
- public EndpointSliceList(string name, Types.Inputs.Discovery.V1Alpha1.EndpointSliceListArgs? args = null, CustomResourceOptions? options = null)
- : base("kubernetes:discovery.k8s.io/v1alpha1:EndpointSliceList", name, SetAPIKindAndVersion(args), MakeResourceOptions(options))
+ public EndpointSliceList(string name, Types.Inputs.Discovery.V1Beta1.EndpointSliceListArgs? args = null, CustomResourceOptions? options = null)
+ : base("kubernetes:discovery.k8s.io/v1beta1:EndpointSliceList", name, SetAPIKindAndVersion(args), MakeResourceOptions(options))
{
}
- private static ResourceArgs SetAPIKindAndVersion(Types.Inputs.Discovery.V1Alpha1.EndpointSliceListArgs? args)
+ private static ResourceArgs SetAPIKindAndVersion(Types.Inputs.Discovery.V1Beta1.EndpointSliceListArgs? args)
{
if (args != null) {
- args.ApiVersion = "discovery.k8s.io/v1alpha1";
+ args.ApiVersion = "discovery.k8s.io/v1beta1";
args.Kind = "EndpointSliceList";
}
return args ?? ResourceArgs.Empty;
diff --git a/sdk/dotnet/FlowControl/V1Alpha1/FlowSchema.cs b/sdk/dotnet/FlowControl/V1Alpha1/FlowSchema.cs
new file mode 100755
index 0000000000..e6978e105d
--- /dev/null
+++ b/sdk/dotnet/FlowControl/V1Alpha1/FlowSchema.cs
@@ -0,0 +1,101 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+using System.Collections.Immutable;
+using System.Threading.Tasks;
+using Pulumi.Serialization;
+
+namespace Pulumi.Kubernetes.FlowControl.V1Alpha1
+{
+ ///
+ /// FlowSchema defines the schema of a group of flows. Note that a flow is made up of a set of
+ /// inbound API requests with similar attributes and is identified by a pair of strings: the
+ /// name of the FlowSchema and a "flow distinguisher".
+ ///
+ public partial class FlowSchema : Pulumi.CustomResource
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ [Output("apiVersion")]
+ public Output ApiVersion { get; private set; } = null!;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ [Output("kind")]
+ public Output Kind { get; private set; } = null!;
+
+ ///
+ /// `metadata` is the standard object's metadata. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ ///
+ [Output("metadata")]
+ public Output Metadata { get; private set; } = null!;
+
+ ///
+ /// `spec` is the specification of the desired behavior of a FlowSchema. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ ///
+ [Output("spec")]
+ public Output Spec { get; private set; } = null!;
+
+ ///
+ /// `status` is the current status of a FlowSchema. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ ///
+ [Output("status")]
+ public Output Status { get; private set; } = null!;
+
+
+ ///
+ /// Create a FlowSchema resource with the given unique name, arguments, and options.
+ ///
+ /// The unique name of the resource
+ /// The arguments used to populate this resource's properties
+ /// A bag of options that control this resource's behavior
+ public FlowSchema(string name, Types.Inputs.FlowControl.V1Alpha1.FlowSchemaArgs? args = null, CustomResourceOptions? options = null)
+ : base("kubernetes:flowcontrol.apiserver.k8s.io/v1alpha1:FlowSchema", name, SetAPIKindAndVersion(args), MakeResourceOptions(options))
+ {
+ }
+
+ private static ResourceArgs SetAPIKindAndVersion(Types.Inputs.FlowControl.V1Alpha1.FlowSchemaArgs? args)
+ {
+ if (args != null) {
+ args.ApiVersion = "flowcontrol.apiserver.k8s.io/v1alpha1";
+ args.Kind = "FlowSchema";
+ }
+ return args ?? ResourceArgs.Empty;
+ }
+
+ private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options)
+ {
+ var defaultOptions = new CustomResourceOptions
+ {
+ Version = Utilities.Version,
+ };
+ return CustomResourceOptions.Merge(defaultOptions, options);
+ }
+
+ ///
+ /// Get an existing FlowSchema resource's state with the given name and ID.
+ ///
+ /// The unique name of the resulting resource.
+ /// The unique provider ID of the resource to lookup.
+ /// A bag of options that control this resource's behavior
+ public static FlowSchema Get(string name, Input id, CustomResourceOptions? options = null)
+ {
+ return new FlowSchema(name, null, CustomResourceOptions.Merge(options, new CustomResourceOptions
+ {
+ Id = id,
+ }));
+ }
+
+ }
+}
diff --git a/sdk/dotnet/FlowControl/V1Alpha1/FlowSchemaList.cs b/sdk/dotnet/FlowControl/V1Alpha1/FlowSchemaList.cs
new file mode 100755
index 0000000000..099a609990
--- /dev/null
+++ b/sdk/dotnet/FlowControl/V1Alpha1/FlowSchemaList.cs
@@ -0,0 +1,91 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+using System.Collections.Immutable;
+using System.Threading.Tasks;
+using Pulumi.Serialization;
+
+namespace Pulumi.Kubernetes.FlowControl.V1Alpha1
+{
+ ///
+ /// FlowSchemaList is a list of FlowSchema objects.
+ ///
+ public partial class FlowSchemaList : Pulumi.CustomResource
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ [Output("apiVersion")]
+ public Output ApiVersion { get; private set; } = null!;
+
+ ///
+ /// `items` is a list of FlowSchemas.
+ ///
+ [Output("items")]
+ public Output Items { get; private set; } = null!;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ [Output("kind")]
+ public Output Kind { get; private set; } = null!;
+
+ ///
+ /// `metadata` is the standard list metadata. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ ///
+ [Output("metadata")]
+ public Output Metadata { get; private set; } = null!;
+
+
+ ///
+ /// Create a FlowSchemaList resource with the given unique name, arguments, and options.
+ ///
+ /// The unique name of the resource
+ /// The arguments used to populate this resource's properties
+ /// A bag of options that control this resource's behavior
+ public FlowSchemaList(string name, Types.Inputs.FlowControl.V1Alpha1.FlowSchemaListArgs? args = null, CustomResourceOptions? options = null)
+ : base("kubernetes:flowcontrol.apiserver.k8s.io/v1alpha1:FlowSchemaList", name, SetAPIKindAndVersion(args), MakeResourceOptions(options))
+ {
+ }
+
+ private static ResourceArgs SetAPIKindAndVersion(Types.Inputs.FlowControl.V1Alpha1.FlowSchemaListArgs? args)
+ {
+ if (args != null) {
+ args.ApiVersion = "flowcontrol.apiserver.k8s.io/v1alpha1";
+ args.Kind = "FlowSchemaList";
+ }
+ return args ?? ResourceArgs.Empty;
+ }
+
+ private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options)
+ {
+ var defaultOptions = new CustomResourceOptions
+ {
+ Version = Utilities.Version,
+ };
+ return CustomResourceOptions.Merge(defaultOptions, options);
+ }
+
+ ///
+ /// Get an existing FlowSchemaList resource's state with the given name and ID.
+ ///
+ /// The unique name of the resulting resource.
+ /// The unique provider ID of the resource to lookup.
+ /// A bag of options that control this resource's behavior
+ public static FlowSchemaList Get(string name, Input id, CustomResourceOptions? options = null)
+ {
+ return new FlowSchemaList(name, null, CustomResourceOptions.Merge(options, new CustomResourceOptions
+ {
+ Id = id,
+ }));
+ }
+
+ }
+}
diff --git a/sdk/dotnet/FlowControl/V1Alpha1/PriorityLevelConfiguration.cs b/sdk/dotnet/FlowControl/V1Alpha1/PriorityLevelConfiguration.cs
new file mode 100755
index 0000000000..947bbf0f50
--- /dev/null
+++ b/sdk/dotnet/FlowControl/V1Alpha1/PriorityLevelConfiguration.cs
@@ -0,0 +1,99 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+using System.Collections.Immutable;
+using System.Threading.Tasks;
+using Pulumi.Serialization;
+
+namespace Pulumi.Kubernetes.FlowControl.V1Alpha1
+{
+ ///
+ /// PriorityLevelConfiguration represents the configuration of a priority level.
+ ///
+ public partial class PriorityLevelConfiguration : Pulumi.CustomResource
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ [Output("apiVersion")]
+ public Output ApiVersion { get; private set; } = null!;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ [Output("kind")]
+ public Output Kind { get; private set; } = null!;
+
+ ///
+ /// `metadata` is the standard object's metadata. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ ///
+ [Output("metadata")]
+ public Output Metadata { get; private set; } = null!;
+
+ ///
+ /// `spec` is the specification of the desired behavior of a "request-priority". More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ ///
+ [Output("spec")]
+ public Output Spec { get; private set; } = null!;
+
+ ///
+ /// `status` is the current status of a "request-priority". More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ ///
+ [Output("status")]
+ public Output Status { get; private set; } = null!;
+
+
+ ///
+ /// Create a PriorityLevelConfiguration resource with the given unique name, arguments, and options.
+ ///
+ /// The unique name of the resource
+ /// The arguments used to populate this resource's properties
+ /// A bag of options that control this resource's behavior
+ public PriorityLevelConfiguration(string name, Types.Inputs.FlowControl.V1Alpha1.PriorityLevelConfigurationArgs? args = null, CustomResourceOptions? options = null)
+ : base("kubernetes:flowcontrol.apiserver.k8s.io/v1alpha1:PriorityLevelConfiguration", name, SetAPIKindAndVersion(args), MakeResourceOptions(options))
+ {
+ }
+
+ private static ResourceArgs SetAPIKindAndVersion(Types.Inputs.FlowControl.V1Alpha1.PriorityLevelConfigurationArgs? args)
+ {
+ if (args != null) {
+ args.ApiVersion = "flowcontrol.apiserver.k8s.io/v1alpha1";
+ args.Kind = "PriorityLevelConfiguration";
+ }
+ return args ?? ResourceArgs.Empty;
+ }
+
+ private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options)
+ {
+ var defaultOptions = new CustomResourceOptions
+ {
+ Version = Utilities.Version,
+ };
+ return CustomResourceOptions.Merge(defaultOptions, options);
+ }
+
+ ///
+ /// Get an existing PriorityLevelConfiguration resource's state with the given name and ID.
+ ///
+ /// The unique name of the resulting resource.
+ /// The unique provider ID of the resource to lookup.
+ /// A bag of options that control this resource's behavior
+ public static PriorityLevelConfiguration Get(string name, Input id, CustomResourceOptions? options = null)
+ {
+ return new PriorityLevelConfiguration(name, null, CustomResourceOptions.Merge(options, new CustomResourceOptions
+ {
+ Id = id,
+ }));
+ }
+
+ }
+}
diff --git a/sdk/dotnet/FlowControl/V1Alpha1/PriorityLevelConfigurationList.cs b/sdk/dotnet/FlowControl/V1Alpha1/PriorityLevelConfigurationList.cs
new file mode 100755
index 0000000000..b83751c10e
--- /dev/null
+++ b/sdk/dotnet/FlowControl/V1Alpha1/PriorityLevelConfigurationList.cs
@@ -0,0 +1,91 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+using System.Collections.Immutable;
+using System.Threading.Tasks;
+using Pulumi.Serialization;
+
+namespace Pulumi.Kubernetes.FlowControl.V1Alpha1
+{
+ ///
+ /// PriorityLevelConfigurationList is a list of PriorityLevelConfiguration objects.
+ ///
+ public partial class PriorityLevelConfigurationList : Pulumi.CustomResource
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ [Output("apiVersion")]
+ public Output ApiVersion { get; private set; } = null!;
+
+ ///
+ /// `items` is a list of request-priorities.
+ ///
+ [Output("items")]
+ public Output Items { get; private set; } = null!;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ [Output("kind")]
+ public Output Kind { get; private set; } = null!;
+
+ ///
+ /// `metadata` is the standard object's metadata. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ ///
+ [Output("metadata")]
+ public Output Metadata { get; private set; } = null!;
+
+
+ ///
+ /// Create a PriorityLevelConfigurationList resource with the given unique name, arguments, and options.
+ ///
+ /// The unique name of the resource
+ /// The arguments used to populate this resource's properties
+ /// A bag of options that control this resource's behavior
+ public PriorityLevelConfigurationList(string name, Types.Inputs.FlowControl.V1Alpha1.PriorityLevelConfigurationListArgs? args = null, CustomResourceOptions? options = null)
+ : base("kubernetes:flowcontrol.apiserver.k8s.io/v1alpha1:PriorityLevelConfigurationList", name, SetAPIKindAndVersion(args), MakeResourceOptions(options))
+ {
+ }
+
+ private static ResourceArgs SetAPIKindAndVersion(Types.Inputs.FlowControl.V1Alpha1.PriorityLevelConfigurationListArgs? args)
+ {
+ if (args != null) {
+ args.ApiVersion = "flowcontrol.apiserver.k8s.io/v1alpha1";
+ args.Kind = "PriorityLevelConfigurationList";
+ }
+ return args ?? ResourceArgs.Empty;
+ }
+
+ private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options)
+ {
+ var defaultOptions = new CustomResourceOptions
+ {
+ Version = Utilities.Version,
+ };
+ return CustomResourceOptions.Merge(defaultOptions, options);
+ }
+
+ ///
+ /// Get an existing PriorityLevelConfigurationList resource's state with the given name and ID.
+ ///
+ /// The unique name of the resulting resource.
+ /// The unique provider ID of the resource to lookup.
+ /// A bag of options that control this resource's behavior
+ public static PriorityLevelConfigurationList Get(string name, Input id, CustomResourceOptions? options = null)
+ {
+ return new PriorityLevelConfigurationList(name, null, CustomResourceOptions.Merge(options, new CustomResourceOptions
+ {
+ Id = id,
+ }));
+ }
+
+ }
+}
diff --git a/sdk/dotnet/Rbac/V1Alpha1/ClusterRole.cs b/sdk/dotnet/Rbac/V1Alpha1/ClusterRole.cs
index 7f3b9e3f29..3ec4fd91a3 100755
--- a/sdk/dotnet/Rbac/V1Alpha1/ClusterRole.cs
+++ b/sdk/dotnet/Rbac/V1Alpha1/ClusterRole.cs
@@ -9,7 +9,8 @@ namespace Pulumi.Kubernetes.Rbac.V1Alpha1
{
///
/// ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a
- /// unit by a RoleBinding or ClusterRoleBinding.
+ /// unit by a RoleBinding or ClusterRoleBinding. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 ClusterRole, and will no longer be served in v1.20.
///
public partial class ClusterRole : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Alpha1/ClusterRoleBinding.cs b/sdk/dotnet/Rbac/V1Alpha1/ClusterRoleBinding.cs
index 18715be4c8..8648e8cddb 100755
--- a/sdk/dotnet/Rbac/V1Alpha1/ClusterRoleBinding.cs
+++ b/sdk/dotnet/Rbac/V1Alpha1/ClusterRoleBinding.cs
@@ -9,7 +9,9 @@ namespace Pulumi.Kubernetes.Rbac.V1Alpha1
{
///
/// ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a
- /// ClusterRole in the global namespace, and adds who information via Subject.
+ /// ClusterRole in the global namespace, and adds who information via Subject. Deprecated in
+ /// v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBinding, and will no longer be
+ /// served in v1.20.
///
public partial class ClusterRoleBinding : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Alpha1/ClusterRoleBindingList.cs b/sdk/dotnet/Rbac/V1Alpha1/ClusterRoleBindingList.cs
index a8874468d0..fa23190b73 100755
--- a/sdk/dotnet/Rbac/V1Alpha1/ClusterRoleBindingList.cs
+++ b/sdk/dotnet/Rbac/V1Alpha1/ClusterRoleBindingList.cs
@@ -8,7 +8,8 @@
namespace Pulumi.Kubernetes.Rbac.V1Alpha1
{
///
- /// ClusterRoleBindingList is a collection of ClusterRoleBindings
+ /// ClusterRoleBindingList is a collection of ClusterRoleBindings. Deprecated in v1.17 in favor
+ /// of rbac.authorization.k8s.io/v1 ClusterRoleBindings, and will no longer be served in v1.20.
///
public partial class ClusterRoleBindingList : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Alpha1/ClusterRoleList.cs b/sdk/dotnet/Rbac/V1Alpha1/ClusterRoleList.cs
index a9f90085a1..cc4684d0ef 100755
--- a/sdk/dotnet/Rbac/V1Alpha1/ClusterRoleList.cs
+++ b/sdk/dotnet/Rbac/V1Alpha1/ClusterRoleList.cs
@@ -8,7 +8,8 @@
namespace Pulumi.Kubernetes.Rbac.V1Alpha1
{
///
- /// ClusterRoleList is a collection of ClusterRoles
+ /// ClusterRoleList is a collection of ClusterRoles. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 ClusterRoles, and will no longer be served in v1.20.
///
public partial class ClusterRoleList : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Alpha1/Role.cs b/sdk/dotnet/Rbac/V1Alpha1/Role.cs
index 6050b575f6..f506cbd240 100755
--- a/sdk/dotnet/Rbac/V1Alpha1/Role.cs
+++ b/sdk/dotnet/Rbac/V1Alpha1/Role.cs
@@ -9,7 +9,8 @@ namespace Pulumi.Kubernetes.Rbac.V1Alpha1
{
///
/// Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a
- /// RoleBinding.
+ /// RoleBinding. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 Role, and will no
+ /// longer be served in v1.20.
///
public partial class Role : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Alpha1/RoleBinding.cs b/sdk/dotnet/Rbac/V1Alpha1/RoleBinding.cs
index ee9751452b..c0579793bc 100755
--- a/sdk/dotnet/Rbac/V1Alpha1/RoleBinding.cs
+++ b/sdk/dotnet/Rbac/V1Alpha1/RoleBinding.cs
@@ -11,7 +11,8 @@ namespace Pulumi.Kubernetes.Rbac.V1Alpha1
/// RoleBinding references a role, but does not contain it. It can reference a Role in the same
/// namespace or a ClusterRole in the global namespace. It adds who information via Subjects and
/// namespace information by which namespace it exists in. RoleBindings in a given namespace
- /// only have effect in that namespace.
+ /// only have effect in that namespace. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleBinding, and will no longer be served in v1.20.
///
public partial class RoleBinding : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Alpha1/RoleBindingList.cs b/sdk/dotnet/Rbac/V1Alpha1/RoleBindingList.cs
index 16322acc5c..a0b8fc32eb 100755
--- a/sdk/dotnet/Rbac/V1Alpha1/RoleBindingList.cs
+++ b/sdk/dotnet/Rbac/V1Alpha1/RoleBindingList.cs
@@ -8,7 +8,8 @@
namespace Pulumi.Kubernetes.Rbac.V1Alpha1
{
///
- /// RoleBindingList is a collection of RoleBindings
+ /// RoleBindingList is a collection of RoleBindings Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleBindingList, and will no longer be served in v1.20.
///
public partial class RoleBindingList : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Alpha1/RoleList.cs b/sdk/dotnet/Rbac/V1Alpha1/RoleList.cs
index fd15a3b9fc..251955148c 100755
--- a/sdk/dotnet/Rbac/V1Alpha1/RoleList.cs
+++ b/sdk/dotnet/Rbac/V1Alpha1/RoleList.cs
@@ -8,7 +8,8 @@
namespace Pulumi.Kubernetes.Rbac.V1Alpha1
{
///
- /// RoleList is a collection of Roles
+ /// RoleList is a collection of Roles. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleList, and will no longer be served in v1.20.
///
public partial class RoleList : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Beta1/ClusterRole.cs b/sdk/dotnet/Rbac/V1Beta1/ClusterRole.cs
index e240e2eae7..e2ad045df4 100755
--- a/sdk/dotnet/Rbac/V1Beta1/ClusterRole.cs
+++ b/sdk/dotnet/Rbac/V1Beta1/ClusterRole.cs
@@ -9,7 +9,8 @@ namespace Pulumi.Kubernetes.Rbac.V1Beta1
{
///
/// ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a
- /// unit by a RoleBinding or ClusterRoleBinding.
+ /// unit by a RoleBinding or ClusterRoleBinding. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 ClusterRole, and will no longer be served in v1.20.
///
public partial class ClusterRole : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Beta1/ClusterRoleBinding.cs b/sdk/dotnet/Rbac/V1Beta1/ClusterRoleBinding.cs
index 5d362b9d43..13c9d57aff 100755
--- a/sdk/dotnet/Rbac/V1Beta1/ClusterRoleBinding.cs
+++ b/sdk/dotnet/Rbac/V1Beta1/ClusterRoleBinding.cs
@@ -9,7 +9,9 @@ namespace Pulumi.Kubernetes.Rbac.V1Beta1
{
///
/// ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a
- /// ClusterRole in the global namespace, and adds who information via Subject.
+ /// ClusterRole in the global namespace, and adds who information via Subject. Deprecated in
+ /// v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBinding, and will no longer be
+ /// served in v1.20.
///
public partial class ClusterRoleBinding : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Beta1/ClusterRoleBindingList.cs b/sdk/dotnet/Rbac/V1Beta1/ClusterRoleBindingList.cs
index 421be1dbac..70c13b2ccc 100755
--- a/sdk/dotnet/Rbac/V1Beta1/ClusterRoleBindingList.cs
+++ b/sdk/dotnet/Rbac/V1Beta1/ClusterRoleBindingList.cs
@@ -8,7 +8,9 @@
namespace Pulumi.Kubernetes.Rbac.V1Beta1
{
///
- /// ClusterRoleBindingList is a collection of ClusterRoleBindings
+ /// ClusterRoleBindingList is a collection of ClusterRoleBindings. Deprecated in v1.17 in favor
+ /// of rbac.authorization.k8s.io/v1 ClusterRoleBindingList, and will no longer be served in
+ /// v1.20.
///
public partial class ClusterRoleBindingList : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Beta1/ClusterRoleList.cs b/sdk/dotnet/Rbac/V1Beta1/ClusterRoleList.cs
index b4a694d8a2..fc5d941366 100755
--- a/sdk/dotnet/Rbac/V1Beta1/ClusterRoleList.cs
+++ b/sdk/dotnet/Rbac/V1Beta1/ClusterRoleList.cs
@@ -8,7 +8,8 @@
namespace Pulumi.Kubernetes.Rbac.V1Beta1
{
///
- /// ClusterRoleList is a collection of ClusterRoles
+ /// ClusterRoleList is a collection of ClusterRoles. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 ClusterRoles, and will no longer be served in v1.20.
///
public partial class ClusterRoleList : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Beta1/Role.cs b/sdk/dotnet/Rbac/V1Beta1/Role.cs
index 43670890ae..7513d29570 100755
--- a/sdk/dotnet/Rbac/V1Beta1/Role.cs
+++ b/sdk/dotnet/Rbac/V1Beta1/Role.cs
@@ -9,7 +9,8 @@ namespace Pulumi.Kubernetes.Rbac.V1Beta1
{
///
/// Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a
- /// RoleBinding.
+ /// RoleBinding. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 Role, and will no
+ /// longer be served in v1.20.
///
public partial class Role : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Beta1/RoleBinding.cs b/sdk/dotnet/Rbac/V1Beta1/RoleBinding.cs
index 08574080ea..e145a6b14a 100755
--- a/sdk/dotnet/Rbac/V1Beta1/RoleBinding.cs
+++ b/sdk/dotnet/Rbac/V1Beta1/RoleBinding.cs
@@ -11,7 +11,8 @@ namespace Pulumi.Kubernetes.Rbac.V1Beta1
/// RoleBinding references a role, but does not contain it. It can reference a Role in the same
/// namespace or a ClusterRole in the global namespace. It adds who information via Subjects and
/// namespace information by which namespace it exists in. RoleBindings in a given namespace
- /// only have effect in that namespace.
+ /// only have effect in that namespace. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleBinding, and will no longer be served in v1.20.
///
public partial class RoleBinding : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Beta1/RoleBindingList.cs b/sdk/dotnet/Rbac/V1Beta1/RoleBindingList.cs
index b1d09dd938..f2d9563a7f 100755
--- a/sdk/dotnet/Rbac/V1Beta1/RoleBindingList.cs
+++ b/sdk/dotnet/Rbac/V1Beta1/RoleBindingList.cs
@@ -8,7 +8,8 @@
namespace Pulumi.Kubernetes.Rbac.V1Beta1
{
///
- /// RoleBindingList is a collection of RoleBindings
+ /// RoleBindingList is a collection of RoleBindings Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleBindingList, and will no longer be served in v1.20.
///
public partial class RoleBindingList : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Rbac/V1Beta1/RoleList.cs b/sdk/dotnet/Rbac/V1Beta1/RoleList.cs
index 40b85ece74..e6e5f533cf 100755
--- a/sdk/dotnet/Rbac/V1Beta1/RoleList.cs
+++ b/sdk/dotnet/Rbac/V1Beta1/RoleList.cs
@@ -8,7 +8,8 @@
namespace Pulumi.Kubernetes.Rbac.V1Beta1
{
///
- /// RoleList is a collection of Roles
+ /// RoleList is a collection of Roles Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleList, and will no longer be served in v1.20.
///
public partial class RoleList : Pulumi.CustomResource
{
diff --git a/sdk/dotnet/Storage/V1/CSINode.cs b/sdk/dotnet/Storage/V1/CSINode.cs
new file mode 100755
index 0000000000..c14921d0d5
--- /dev/null
+++ b/sdk/dotnet/Storage/V1/CSINode.cs
@@ -0,0 +1,96 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+using System.Collections.Immutable;
+using System.Threading.Tasks;
+using Pulumi.Serialization;
+
+namespace Pulumi.Kubernetes.Storage.V1
+{
+ ///
+ /// CSINode holds information about all CSI drivers installed on a node. CSI drivers do not need
+ /// to create the CSINode object directly. As long as they use the node-driver-registrar sidecar
+ /// container, the kubelet will automatically populate the CSINode object for the CSI driver as
+ /// part of kubelet plugin registration. CSINode has the same name as a node. If the object is
+ /// missing, it means either there are no CSI Drivers available on the node, or the Kubelet
+ /// version is low enough that it doesn't create this object. CSINode has an OwnerReference that
+ /// points to the corresponding node object.
+ ///
+ public partial class CSINode : Pulumi.CustomResource
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ [Output("apiVersion")]
+ public Output ApiVersion { get; private set; } = null!;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ [Output("kind")]
+ public Output Kind { get; private set; } = null!;
+
+ ///
+ /// metadata.name must be the Kubernetes node name.
+ ///
+ [Output("metadata")]
+ public Output Metadata { get; private set; } = null!;
+
+ ///
+ /// spec is the specification of CSINode
+ ///
+ [Output("spec")]
+ public Output Spec { get; private set; } = null!;
+
+
+ ///
+ /// Create a CSINode resource with the given unique name, arguments, and options.
+ ///
+ /// The unique name of the resource
+ /// The arguments used to populate this resource's properties
+ /// A bag of options that control this resource's behavior
+ public CSINode(string name, Types.Inputs.Storage.V1.CSINodeArgs? args = null, CustomResourceOptions? options = null)
+ : base("kubernetes:storage.k8s.io/v1:CSINode", name, SetAPIKindAndVersion(args), MakeResourceOptions(options))
+ {
+ }
+
+ private static ResourceArgs SetAPIKindAndVersion(Types.Inputs.Storage.V1.CSINodeArgs? args)
+ {
+ if (args != null) {
+ args.ApiVersion = "storage.k8s.io/v1";
+ args.Kind = "CSINode";
+ }
+ return args ?? ResourceArgs.Empty;
+ }
+
+ private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options)
+ {
+ var defaultOptions = new CustomResourceOptions
+ {
+ Version = Utilities.Version,
+ };
+ return CustomResourceOptions.Merge(defaultOptions, options);
+ }
+
+ ///
+ /// Get an existing CSINode resource's state with the given name and ID.
+ ///
+ /// The unique name of the resulting resource.
+ /// The unique provider ID of the resource to lookup.
+ /// A bag of options that control this resource's behavior
+ public static CSINode Get(string name, Input id, CustomResourceOptions? options = null)
+ {
+ return new CSINode(name, null, CustomResourceOptions.Merge(options, new CustomResourceOptions
+ {
+ Id = id,
+ }));
+ }
+
+ }
+}
diff --git a/sdk/dotnet/Storage/V1/CSINodeList.cs b/sdk/dotnet/Storage/V1/CSINodeList.cs
new file mode 100755
index 0000000000..7eda05d37f
--- /dev/null
+++ b/sdk/dotnet/Storage/V1/CSINodeList.cs
@@ -0,0 +1,91 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+using System.Collections.Immutable;
+using System.Threading.Tasks;
+using Pulumi.Serialization;
+
+namespace Pulumi.Kubernetes.Storage.V1
+{
+ ///
+ /// CSINodeList is a collection of CSINode objects.
+ ///
+ public partial class CSINodeList : Pulumi.CustomResource
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ [Output("apiVersion")]
+ public Output ApiVersion { get; private set; } = null!;
+
+ ///
+ /// items is the list of CSINode
+ ///
+ [Output("items")]
+ public Output Items { get; private set; } = null!;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ [Output("kind")]
+ public Output Kind { get; private set; } = null!;
+
+ ///
+ /// Standard list metadata More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ ///
+ [Output("metadata")]
+ public Output Metadata { get; private set; } = null!;
+
+
+ ///
+ /// Create a CSINodeList resource with the given unique name, arguments, and options.
+ ///
+ /// The unique name of the resource
+ /// The arguments used to populate this resource's properties
+ /// A bag of options that control this resource's behavior
+ public CSINodeList(string name, Types.Inputs.Storage.V1.CSINodeListArgs? args = null, CustomResourceOptions? options = null)
+ : base("kubernetes:storage.k8s.io/v1:CSINodeList", name, SetAPIKindAndVersion(args), MakeResourceOptions(options))
+ {
+ }
+
+ private static ResourceArgs SetAPIKindAndVersion(Types.Inputs.Storage.V1.CSINodeListArgs? args)
+ {
+ if (args != null) {
+ args.ApiVersion = "storage.k8s.io/v1";
+ args.Kind = "CSINodeList";
+ }
+ return args ?? ResourceArgs.Empty;
+ }
+
+ private static CustomResourceOptions MakeResourceOptions(CustomResourceOptions? options)
+ {
+ var defaultOptions = new CustomResourceOptions
+ {
+ Version = Utilities.Version,
+ };
+ return CustomResourceOptions.Merge(defaultOptions, options);
+ }
+
+ ///
+ /// Get an existing CSINodeList resource's state with the given name and ID.
+ ///
+ /// The unique name of the resulting resource.
+ /// The unique provider ID of the resource to lookup.
+ /// A bag of options that control this resource's behavior
+ public static CSINodeList Get(string name, Input id, CustomResourceOptions? options = null)
+ {
+ return new CSINodeList(name, null, CustomResourceOptions.Merge(options, new CustomResourceOptions
+ {
+ Id = id,
+ }));
+ }
+
+ }
+}
diff --git a/sdk/dotnet/Storage/V1Beta1/CSINode.cs b/sdk/dotnet/Storage/V1Beta1/CSINode.cs
index 83c800b71f..0dc28ebd68 100755
--- a/sdk/dotnet/Storage/V1Beta1/CSINode.cs
+++ b/sdk/dotnet/Storage/V1Beta1/CSINode.cs
@@ -8,6 +8,9 @@
namespace Pulumi.Kubernetes.Storage.V1Beta1
{
///
+ /// DEPRECATED - storage/v1beta1/CSINode is not supported by Kubernetes 1.16+ clusters. Use
+ /// storage/v1beta1/CSINode instead.
+ ///
/// CSINode holds information about all CSI drivers installed on a node. CSI drivers do not need
/// to create the CSINode object directly. As long as they use the node-driver-registrar sidecar
/// container, the kubelet will automatically populate the CSINode object for the CSI driver as
diff --git a/sdk/dotnet/Types/Input.cs b/sdk/dotnet/Types/Input.cs
index 36ae35564b..dca56b8ae1 100755
--- a/sdk/dotnet/Types/Input.cs
+++ b/sdk/dotnet/Types/Input.cs
@@ -851,7 +851,7 @@ public InputList Rules
}
///
- /// SideEffects states whether this webhookk has side effects. Acceptable values are:
+ /// SideEffects states whether this webhook has side effects. Acceptable values are:
/// Unknown, None, Some, NoneOnDryRun Webhooks with side effects MUST implement a
/// reconciliation system, since a request may be rejected by a future step in the admission
/// change and the side effects therefore need to be undone. Requests with the dryRun
@@ -1211,7 +1211,7 @@ public InputList Rules
}
///
- /// SideEffects states whether this webhookk has side effects. Acceptable values are:
+ /// SideEffects states whether this webhook has side effects. Acceptable values are:
/// Unknown, None, Some, NoneOnDryRun Webhooks with side effects MUST implement a
/// reconciliation system, since a request may be rejected by a future step in the admission
/// change and the side effects therefore need to be undone. Requests with the dryRun
@@ -1655,7 +1655,7 @@ public class CustomResourceDefinitionSpecArgs : Pulumi.ResourceArgs
///
/// scope indicates whether the defined custom resource is cluster- or namespace-scoped.
- /// Allowed values are `Cluster` and `Namespaced`. Default is `Namespaced`.
+ /// Allowed values are `Cluster` and `Namespaced`.
///
[Input("scope", required: true)]
public Input Scope { get; set; } = null!;
@@ -1979,7 +1979,37 @@ public InputList Enum
[Input("externalDocs")]
public Input? ExternalDocs { get; set; }
-
+ ///
+ /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following
+ /// formats are validated:
+ ///
+ /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as
+ /// parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang
+ /// net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as
+ /// defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang
+ /// net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed
+ /// by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an
+ /// UUID that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3
+ /// that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an
+ /// UUID4 that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5:
+ /// an UUID5 that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an
+ /// ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" - isbn10: an ISBN10
+ /// number string like "0321751043" - isbn13: an ISBN13 number string like "978-0321751041"
+ /// - creditcard: a credit card number defined by the regex
+ /// ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})$
+ /// with any non digit characters mixed in - ssn: a U.S. social security number following
+ /// the regex ^\d{3}[- ]?\d{2}[- ]?\d{4}$ - hexcolor: an hexadecimal color code like
+ /// "#FFFFFF: following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB
+ /// color code like rgb like "rgb(255,255,2559" - byte: base64 encoded binary data -
+ /// password: any kind of string - date: a date string like "2006-01-02" as defined by
+ /// full-date in RFC3339 - duration: a duration string like "22 ns" as parsed by Golang
+ /// time.ParseDuration or compatible with Scala duration format - datetime: a date time
+ /// string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ ///
[Input("format")]
public Input? Format { get; set; }
@@ -2144,7 +2174,8 @@ public InputList X_kubernetes_list_map_keys
/// may be used on any type of list (struct, scalar, ...).
/// 2) `set`:
/// Sets are lists that must not have multiple items with the same value. Each
- /// value must be a scalar (or another atomic type).
+ /// value must be a scalar, an object with x-kubernetes-map-type `atomic` or an
+ /// array with x-kubernetes-list-type `atomic`.
/// 3) `map`:
/// These lists are like maps in that their elements have a non-index key
/// used to identify them. Order is preserved upon merge. The map tag
@@ -2154,6 +2185,20 @@ public InputList X_kubernetes_list_map_keys
[Input("x_kubernetes_list_type")]
public Input? X_kubernetes_list_type { get; set; }
+ ///
+ /// x-kubernetes-map-type annotates an object to further describe its topology. This
+ /// extension must only be used when type is object and may have 2 possible values:
+ ///
+ /// 1) `granular`:
+ /// These maps are actual maps (key-value pairs) and each fields are independent
+ /// from each other (they can each be manipulated by separate actors). This is
+ /// the default behaviour for all maps.
+ /// 2) `atomic`: the list is treated as a single entity, like a scalar.
+ /// Atomic maps will be entirely replaced when updated.
+ ///
+ [Input("x_kubernetes_map_type")]
+ public Input? X_kubernetes_map_type { get; set; }
+
///
/// x-kubernetes-preserve-unknown-fields stops the API server decoding step from pruning
/// fields which are not specified in the validation schema. This affects fields
@@ -2952,7 +2997,37 @@ public InputList Enum
[Input("externalDocs")]
public Input? ExternalDocs { get; set; }
-
+ ///
+ /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following
+ /// formats are validated:
+ ///
+ /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as
+ /// parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang
+ /// net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as
+ /// defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang
+ /// net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed
+ /// by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an
+ /// UUID that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3
+ /// that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an
+ /// UUID4 that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5:
+ /// an UUID5 that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an
+ /// ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" - isbn10: an ISBN10
+ /// number string like "0321751043" - isbn13: an ISBN13 number string like "978-0321751041"
+ /// - creditcard: a credit card number defined by the regex
+ /// ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})$
+ /// with any non digit characters mixed in - ssn: a U.S. social security number following
+ /// the regex ^\d{3}[- ]?\d{2}[- ]?\d{4}$ - hexcolor: an hexadecimal color code like
+ /// "#FFFFFF: following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB
+ /// color code like rgb like "rgb(255,255,2559" - byte: base64 encoded binary data -
+ /// password: any kind of string - date: a date string like "2006-01-02" as defined by
+ /// full-date in RFC3339 - duration: a duration string like "22 ns" as parsed by Golang
+ /// time.ParseDuration or compatible with Scala duration format - datetime: a date time
+ /// string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ ///
[Input("format")]
public Input? Format { get; set; }
@@ -3117,7 +3192,8 @@ public InputList X_kubernetes_list_map_keys
/// may be used on any type of list (struct, scalar, ...).
/// 2) `set`:
/// Sets are lists that must not have multiple items with the same value. Each
- /// value must be a scalar (or another atomic type).
+ /// value must be a scalar, an object with x-kubernetes-map-type `atomic` or an
+ /// array with x-kubernetes-list-type `atomic`.
/// 3) `map`:
/// These lists are like maps in that their elements have a non-index key
/// used to identify them. Order is preserved upon merge. The map tag
@@ -3127,6 +3203,20 @@ public InputList X_kubernetes_list_map_keys
[Input("x_kubernetes_list_type")]
public Input? X_kubernetes_list_type { get; set; }
+ ///
+ /// x-kubernetes-map-type annotates an object to further describe its topology. This
+ /// extension must only be used when type is object and may have 2 possible values:
+ ///
+ /// 1) `granular`:
+ /// These maps are actual maps (key-value pairs) and each fields are independent
+ /// from each other (they can each be manipulated by separate actors). This is
+ /// the default behaviour for all maps.
+ /// 2) `atomic`: the list is treated as a single entity, like a scalar.
+ /// Atomic maps will be entirely replaced when updated.
+ ///
+ [Input("x_kubernetes_map_type")]
+ public Input? X_kubernetes_map_type { get; set; }
+
///
/// x-kubernetes-preserve-unknown-fields stops the API server decoding step from pruning
/// fields which are not specified in the validation schema. This affects fields
@@ -13377,7 +13467,7 @@ public class EnvVarSourceArgs : Pulumi.ResourceArgs
///
/// Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels,
/// metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP,
- /// status.podIP.
+ /// status.podIP, status.podIPs.
///
[Input("fieldRef")]
public Input? FieldRef { get; set; }
@@ -17074,8 +17164,7 @@ public InputList ReadinessGates
/// Share a single process namespace between all of the containers in a pod. When this is
/// set containers will be able to view and signal processes from other containers in the
/// same pod, and the first process in each container will not be assigned PID 1. HostPID
- /// and ShareProcessNamespace cannot both be set. Optional: Default to false. This field is
- /// beta-level and may be disabled with the PodShareProcessNamespace feature.
+ /// and ShareProcessNamespace cannot both be set. Optional: Default to false.
///
[Input("shareProcessNamespace")]
public Input? ShareProcessNamespace { get; set; }
@@ -19203,6 +19292,26 @@ public InputMap Selector
[Input("sessionAffinityConfig")]
public Input? SessionAffinityConfig { get; set; }
+ [Input("topologyKeys")]
+ private InputList? _topologyKeys;
+
+ ///
+ /// topologyKeys is a preference-order list of topology keys which implementations of
+ /// services should use to preferentially sort endpoints when accessing this Service, it can
+ /// not be used at the same time as externalTrafficPolicy=Local. Topology keys must be valid
+ /// label keys and at most 16 keys may be specified. Endpoints are chosen based on the first
+ /// topology key with available backends. If this field is specified and all entries have no
+ /// backends that match the topology of the client, the service has no backends for that
+ /// client and connections should fail. The special value "*" may be used to mean "any
+ /// topology". This catch-all value, if used, only makes sense as the last value in the
+ /// list. If this is not specified or empty, no topology constraints will be applied.
+ ///
+ public InputList TopologyKeys
+ {
+ get => _topologyKeys ?? (_topologyKeys = new InputList());
+ set => _topologyKeys = value;
+ }
+
///
/// type determines how the Service is exposed. Defaults to ClusterIP. Valid options are
/// ExternalName, ClusterIP, NodePort, and LoadBalancer. "ExternalName" maps to the
@@ -19853,7 +19962,7 @@ public class VolumeMountArgs : Pulumi.ResourceArgs
/// Expanded path within the volume from which the container's volume should be mounted.
/// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are
/// expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr
- /// and SubPath are mutually exclusive. This field is beta in 1.15.
+ /// and SubPath are mutually exclusive.
///
[Input("subPathExpr")]
public Input? SubPathExpr { get; set; }
@@ -19982,8 +20091,8 @@ public class WindowsSecurityContextOptionsArgs : Pulumi.ResourceArgs
/// The UserName in Windows to run the entrypoint of the container process. Defaults to the
/// user specified in image metadata if unspecified. May also be set in PodSecurityContext.
/// If set in both SecurityContext and PodSecurityContext, the value specified in
- /// SecurityContext takes precedence. This field is alpha-level and it is only honored by
- /// servers that enable the WindowsRunAsUserName feature flag.
+ /// SecurityContext takes precedence. This field is beta-level and may be disabled with the
+ /// WindowsRunAsUserName feature flag.
///
[Input("runAsUserName")]
public Input? RunAsUserName { get; set; }
@@ -19996,7 +20105,7 @@ public class WindowsSecurityContextOptionsArgs : Pulumi.ResourceArgs
namespace Pulumi.Kubernetes.Types.Inputs.Discovery
{
- namespace V1Alpha1
+ namespace V1Beta1
{
///
/// Endpoint represents a single logical "backend" implementing a service.
@@ -20008,8 +20117,7 @@ public class EndpointArgs : Pulumi.ResourceArgs
///
/// addresses of this endpoint. The contents of this field are interpreted according to the
- /// corresponding EndpointSlice addressType field. This allows for cases like dual-stack
- /// (IPv4 and IPv6) networking. Consumers (e.g. kube-proxy) must handle different types of
+ /// corresponding EndpointSlice addressType field. Consumers must handle different types of
/// addresses in the context of their own capabilities. This must contain at least one
/// address but no more than 100.
///
@@ -20023,7 +20131,7 @@ public InputList Addresses
/// conditions contains information about the current status of the endpoint.
///
[Input("conditions")]
- public Input? Conditions { get; set; }
+ public Input? Conditions { get; set; }
///
/// hostname of this endpoint. This field may be used by consumers of endpoints to
@@ -20085,13 +20193,22 @@ public class EndpointConditionsArgs : Pulumi.ResourceArgs
///
public class EndpointPortArgs : Pulumi.ResourceArgs
{
+ ///
+ /// The application protocol for this port. This field follows standard Kubernetes label
+ /// syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335
+ /// and http://www.iana.org/assignments/service-names). Non-standard protocols should use
+ /// prefixed names. Default is empty string.
+ ///
+ [Input("appProtocol")]
+ public Input? AppProtocol { get; set; }
+
///
/// The name of this port. All ports in an EndpointSlice must have a unique name. If the
/// EndpointSlice is dervied from a Kubernetes service, this corresponds to the
- /// Service.ports[].name. Name must either be an empty string or pass IANA_SVC_NAME
- /// validation: * must be no more than 15 characters long * may contain only [-a-z0-9] *
- /// must contain at least one letter [a-z] * it must not start or end with a hyphen, nor
- /// contain adjacent hyphens Default is empty string.
+ /// Service.ports[].name. Name must either be an empty string or pass DNS_LABEL validation:
+ /// * must be no more than 63 characters long. * must consist of lower case alphanumeric
+ /// characters or '-'. * must start and end with an alphanumeric character. Default is empty
+ /// string.
///
[Input("name")]
public Input? Name { get; set; }
@@ -20118,26 +20235,28 @@ public class EndpointPortArgs : Pulumi.ResourceArgs
///
public class EndpointSliceArgs : Pulumi.ResourceArgs
{
+ ///
+ /// addressType specifies the type of address carried by this EndpointSlice. All addresses
+ /// in this slice must be the same type. This field is immutable after creation. The
+ /// following address types are currently supported: * IPv4: Represents an IPv4 Address. *
+ /// IPv6: Represents an IPv6 Address. * FQDN: Represents a Fully Qualified Domain Name.
+ ///
+ [Input("addressType", required: true)]
+ public Input AddressType { get; set; } = null!;
+
[Input("endpoints", required: true)]
- private InputList? _endpoints;
+ private InputList? _endpoints;
///
/// endpoints is a list of unique endpoints in this slice. Each slice may include a maximum
/// of 1000 endpoints.
///
- public InputList Endpoints
+ public InputList Endpoints
{
- get => _endpoints ?? (_endpoints = new InputList());
+ get => _endpoints ?? (_endpoints = new InputList());
set => _endpoints = value;
}
- ///
- /// addressType specifies the type of address carried by this EndpointSlice. All addresses
- /// in this slice must be the same type. Default is IP
- ///
- [Input("addressType")]
- public Input? AddressType { get; set; }
-
///
/// APIVersion defines the versioned schema of this representation of an object. Servers
/// should convert recognized schemas to the latest internal value, and may reject
@@ -20163,7 +20282,7 @@ public InputList Endpoints
public Input? Metadata { get; set; }
[Input("ports")]
- private InputList? _ports;
+ private InputList? _ports;
///
/// ports specifies the list of network ports exposed by each endpoint in this slice. Each
@@ -20171,9 +20290,9 @@ public InputList Endpoints
/// defined ports. When a port is defined with a nil port value, it indicates "all ports".
/// Each slice may include a maximum of 100 ports.
///
- public InputList Ports
+ public InputList Ports
{
- get => _ports ?? (_ports = new InputList());
+ get => _ports ?? (_ports = new InputList());
set => _ports = value;
}
@@ -20185,14 +20304,14 @@ public InputList Ports
public class EndpointSliceListArgs : Pulumi.ResourceArgs
{
[Input("items", required: true)]
- private InputList? _items;
+ private InputList? _items;
///
/// List of endpoint slices
///
- public InputList Items
+ public InputList Items
{
- get => _items ?? (_items = new InputList());
+ get => _items ?? (_items = new InputList());
set => _items = value;
}
@@ -22613,33 +22732,31 @@ public InputList Ranges
}
-namespace Pulumi.Kubernetes.Types.Inputs.Meta
+namespace Pulumi.Kubernetes.Types.Inputs.FlowControl
{
- namespace V1
+ namespace V1Alpha1
{
///
- /// APIGroup contains the name, the supported versions, and the preferred version of a group.
+ /// FlowDistinguisherMethod specifies the method of a flow distinguisher.
///
- public class APIGroupArgs : Pulumi.ResourceArgs
+ public class FlowDistinguisherMethodArgs : Pulumi.ResourceArgs
{
///
- /// name is the name of the group.
+ /// `type` is the type of flow distinguisher method The supported types are "ByUser" and
+ /// "ByNamespace". Required.
///
- [Input("name", required: true)]
- public Input Name { get; set; } = null!;
-
- [Input("versions", required: true)]
- private InputList? _versions;
+ [Input("type", required: true)]
+ public Input Type { get; set; } = null!;
- ///
- /// versions are the versions supported in this group.
- ///
- public InputList Versions
- {
- get => _versions ?? (_versions = new InputList());
- set => _versions = value;
- }
+ }
+ ///
+ /// FlowSchema defines the schema of a group of flows. Note that a flow is made up of a set of
+ /// inbound API requests with similar attributes and is identified by a pair of strings: the
+ /// name of the FlowSchema and a "flow distinguisher".
+ ///
+ public class FlowSchemaArgs : Pulumi.ResourceArgs
+ {
///
/// APIVersion defines the versioned schema of this representation of an object. Servers
/// should convert recognized schemas to the latest internal value, and may reject
@@ -22659,48 +22776,68 @@ public InputList Versions
public Input? Kind { get; set; }
///
- /// preferredVersion is the version preferred by the API server, which probably is the
- /// storage version.
+ /// `metadata` is the standard object's metadata. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
///
- [Input("preferredVersion")]
- public Input? PreferredVersion { get; set; }
+ [Input("metadata")]
+ public Input? Metadata { get; set; }
- [Input("serverAddressByClientCIDRs")]
- private InputList? _serverAddressByClientCIDRs;
+ ///
+ /// `spec` is the specification of the desired behavior of a FlowSchema. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ ///
+ [Input("spec")]
+ public Input? Spec { get; set; }
+
+ }
+ ///
+ /// FlowSchemaCondition describes conditions for a FlowSchema.
+ ///
+ public class FlowSchemaConditionArgs : Pulumi.ResourceArgs
+ {
///
- /// a map of client CIDR to server address that is serving this group. This is to help
- /// clients reach servers in the most network-efficient way possible. Clients can use the
- /// appropriate server address as per the CIDR that they match. In case of multiple matches,
- /// clients should use the longest matching CIDR. The server returns only those CIDRs that
- /// it thinks that the client can match. For example: the master will return an internal IP
- /// CIDR only, if the client reaches the server using an internal IP. Server looks at
- /// X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get
- /// the client IP.
+ /// `lastTransitionTime` is the last time the condition transitioned from one status to
+ /// another.
///
- public InputList ServerAddressByClientCIDRs
- {
- get => _serverAddressByClientCIDRs ?? (_serverAddressByClientCIDRs = new InputList());
- set => _serverAddressByClientCIDRs = value;
- }
+ [Input("lastTransitionTime")]
+ public Input? LastTransitionTime { get; set; }
+
+ ///
+ /// `message` is a human-readable message indicating details about last transition.
+ ///
+ [Input("message")]
+ public Input? Message { get; set; }
+
+ ///
+ /// `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
+ ///
+ [Input("reason")]
+ public Input? Reason { get; set; }
+
+ ///
+ /// `type` is the type of the condition. Required.
+ ///
+ [Input("type")]
+ public Input? Type { get; set; }
}
///
- /// APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.
+ /// FlowSchemaList is a list of FlowSchema objects.
///
- public class APIGroupListArgs : Pulumi.ResourceArgs
+ public class FlowSchemaListArgs : Pulumi.ResourceArgs
{
- [Input("groups", required: true)]
- private InputList? _groups;
+ [Input("items", required: true)]
+ private InputList? _items;
///
- /// groups is a list of APIGroup.
+ /// `items` is a list of FlowSchemas.
///
- public InputList Groups
+ public InputList Items
{
- get => _groups ?? (_groups = new InputList());
- set => _groups = value;
+ get => _items ?? (_items = new InputList());
+ set => _items = value;
}
///
@@ -22721,162 +22858,860 @@ public InputList Groups
[Input("kind")]
public Input? Kind { get; set; }
+ ///
+ /// `metadata` is the standard list metadata. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ ///
+ [Input("metadata")]
+ public Input? Metadata { get; set; }
+
}
///
- /// APIResource specifies the name of a resource and whether it is namespaced.
+ /// FlowSchemaSpec describes how the FlowSchema's specification looks like.
///
- public class APIResourceArgs : Pulumi.ResourceArgs
+ public class FlowSchemaSpecArgs : Pulumi.ResourceArgs
{
///
- /// kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')
- ///
- [Input("kind", required: true)]
- public Input Kind { get; set; } = null!;
-
- ///
- /// name is the plural name of the resource.
- ///
- [Input("name", required: true)]
- public Input Name { get; set; } = null!;
-
- ///
- /// namespaced indicates if a resource is namespaced or not.
+ /// `priorityLevelConfiguration` should reference a PriorityLevelConfiguration in the
+ /// cluster. If the reference cannot be resolved, the FlowSchema will be ignored and marked
+ /// as invalid in its status. Required.
///
- [Input("namespaced", required: true)]
- public Input Namespaced { get; set; } = null!;
+ [Input("priorityLevelConfiguration", required: true)]
+ public Input PriorityLevelConfiguration { get; set; } = null!;
///
- /// singularName is the singular name of the resource. This allows clients to handle plural
- /// and singular opaquely. The singularName is more correct for reporting status on a single
- /// item and both singular and plural are allowed from the kubectl CLI interface.
+ /// `distinguisherMethod` defines how to compute the flow distinguisher for requests that
+ /// match this schema. `nil` specifies that the distinguisher is disabled and thus will
+ /// always be the empty string.
///
- [Input("singularName", required: true)]
- public Input SingularName { get; set; } = null!;
-
- [Input("verbs", required: true)]
- private InputList? _verbs;
+ [Input("distinguisherMethod")]
+ public Input? DistinguisherMethod { get; set; }
///
- /// verbs is a list of supported kube verbs (this includes get, list, watch, create, update,
- /// patch, delete, deletecollection, and proxy)
+ /// `matchingPrecedence` is used to choose among the FlowSchemas that match a given request.
+ /// The chosen FlowSchema is among those with the numerically lowest (which we take to be
+ /// logically highest) MatchingPrecedence. Each MatchingPrecedence value must be
+ /// non-negative. Note that if the precedence is not specified or zero, it will be set to
+ /// 1000 as default.
///
- public InputList Verbs
- {
- get => _verbs ?? (_verbs = new InputList());
- set => _verbs = value;
- }
+ [Input("matchingPrecedence")]
+ public Input? MatchingPrecedence { get; set; }
- [Input("categories")]
- private InputList? _categories;
+ [Input("rules")]
+ private InputList? _rules;
///
- /// categories is a list of the grouped resources this resource belongs to (e.g. 'all')
+ /// `rules` describes which requests will match this flow schema. This FlowSchema matches a
+ /// request if and only if at least one member of rules matches the request. if it is an
+ /// empty slice, there will be no requests matching the FlowSchema.
///
- public InputList Categories
+ public InputList Rules
{
- get => _categories ?? (_categories = new InputList());
- set => _categories = value;
+ get => _rules ?? (_rules = new InputList());
+ set => _rules = value;
}
- ///
- /// group is the preferred group of the resource. Empty implies the group of the containing
- /// resource list. For subresources, this may have a different value, for example: Scale".
- ///
- [Input("group")]
- public Input? Group { get; set; }
+ }
- [Input("shortNames")]
- private InputList? _shortNames;
+ ///
+ /// FlowSchemaStatus represents the current state of a FlowSchema.
+ ///
+ public class FlowSchemaStatusArgs : Pulumi.ResourceArgs
+ {
+ [Input("conditions")]
+ private InputList? _conditions;
///
- /// shortNames is a list of suggested short names of the resource.
+ /// `conditions` is a list of the current states of FlowSchema.
///
- public InputList ShortNames
+ public InputList Conditions
{
- get => _shortNames ?? (_shortNames = new InputList());
- set => _shortNames = value;
+ get => _conditions ?? (_conditions = new InputList());
+ set => _conditions = value;
}
- ///
- /// The hash value of the storage version, the version this resource is converted to when
- /// written to the data store. Value must be treated as opaque by clients. Only equality
- /// comparison on the value is valid. This is an alpha feature and may change or be removed
- /// in the future. The field is populated by the apiserver only if the StorageVersionHash
- /// feature gate is enabled. This field will remain optional even if it graduates.
- ///
- [Input("storageVersionHash")]
- public Input? StorageVersionHash { get; set; }
+ }
+ ///
+ /// GroupSubject holds detailed information for group-kind subject.
+ ///
+ public class GroupSubjectArgs : Pulumi.ResourceArgs
+ {
///
- /// version is the preferred version of the resource. Empty implies the version of the
- /// containing resource list For subresources, this may have a different value, for example:
- /// v1 (while inside a v1beta1 version of the core resource's group)".
+ /// name is the user group that matches, or "*" to match all user groups. See
+ /// https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go for
+ /// some well-known group names. Required.
///
- [Input("version")]
- public Input? Version { get; set; }
+ [Input("name", required: true)]
+ public Input Name { get; set; } = null!;
}
///
- /// APIResourceList is a list of APIResource, it is used to expose the name of the resources
- /// supported in a specific group and version, and if the resource is namespaced.
+ /// LimitResponse defines how to handle requests that can not be executed right now.
///
- public class APIResourceListArgs : Pulumi.ResourceArgs
+ public class LimitResponseArgs : Pulumi.ResourceArgs
{
///
- /// groupVersion is the group and version this APIResourceList is for.
+ /// `type` is "Queue" or "Reject". "Queue" means that requests that can not be executed upon
+ /// arrival are held in a queue until they can be executed or a queuing limit is reached.
+ /// "Reject" means that requests that can not be executed upon arrival are rejected.
+ /// Required.
///
- [Input("groupVersion", required: true)]
- public Input GroupVersion { get; set; } = null!;
-
- [Input("resources", required: true)]
- private InputList? _resources;
+ [Input("type", required: true)]
+ public Input Type { get; set; } = null!;
///
- /// resources contains the name of the resources and if they are namespaced.
+ /// `queuing` holds the configuration parameters for queuing. This field may be non-empty
+ /// only if `type` is `"Queue"`.
///
- public InputList Resources
- {
- get => _resources ?? (_resources = new InputList());
- set => _resources = value;
- }
+ [Input("queuing")]
+ public Input? Queuing { get; set; }
+
+ }
+ ///
+ /// LimitedPriorityLevelConfiguration specifies how to handle requests that are subject to
+ /// limits. It addresses two issues:
+ /// * How are requests for this priority level limited?
+ /// * What should be done with requests that exceed the limit?
+ ///
+ public class LimitedPriorityLevelConfigurationArgs : Pulumi.ResourceArgs
+ {
///
- /// APIVersion defines the versioned schema of this representation of an object. Servers
- /// should convert recognized schemas to the latest internal value, and may reject
- /// unrecognized values. More info:
- /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ /// `assuredConcurrencyShares` (ACS) configures the execution limit, which is a limit on the
+ /// number of requests of this priority level that may be exeucting at a given time. ACS
+ /// must be a positive number. The server's concurrency limit (SCL) is divided among the
+ /// concurrency-controlled priority levels in proportion to their assured concurrency
+ /// shares. This produces the assured concurrency value (ACV) --- the number of requests
+ /// that may be executing at a time --- for each such priority level:
+ ///
+ /// ACV(l) = ceil( SCL * ACS(l) / ( sum[priority levels k] ACS(k) ) )
+ ///
+ /// bigger numbers of ACS mean more reserved concurrent requests (at the expense of every
+ /// other PL). This field has a default value of 30.
///
- [Input("apiVersion")]
- public Input? ApiVersion { get; set; }
+ [Input("assuredConcurrencyShares")]
+ public Input? AssuredConcurrencyShares { get; set; }
///
- /// Kind is a string value representing the REST resource this object represents. Servers
- /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
- /// CamelCase. More info:
- /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ /// `limitResponse` indicates what to do with requests that can not be executed right now
///
- [Input("kind")]
- public Input? Kind { get; set; }
+ [Input("limitResponse")]
+ public Input? LimitResponse { get; set; }
}
///
- /// APIVersions lists the versions that are available, to allow clients to discover the API at
- /// /api, which is the root path of the legacy v1 API.
+ /// NonResourcePolicyRule is a predicate that matches non-resource requests according to their
+ /// verb and the target non-resource URL. A NonResourcePolicyRule matches a request if and only
+ /// if both (a) at least one member of verbs matches the request and (b) at least one member of
+ /// nonResourceURLs matches the request.
///
- public class APIVersionsArgs : Pulumi.ResourceArgs
+ public class NonResourcePolicyRuleArgs : Pulumi.ResourceArgs
{
- [Input("serverAddressByClientCIDRs", required: true)]
- private InputList? _serverAddressByClientCIDRs;
+ [Input("nonResourceURLs", required: true)]
+ private InputList? _nonResourceURLs;
///
- /// a map of client CIDR to server address that is serving this group. This is to help
- /// clients reach servers in the most network-efficient way possible. Clients can use the
- /// appropriate server address as per the CIDR that they match. In case of multiple matches,
- /// clients should use the longest matching CIDR. The server returns only those CIDRs that
- /// it thinks that the client can match. For example: the master will return an internal IP
+ /// `nonResourceURLs` is a set of url prefixes that a user should have access to and may not
+ /// be empty. For example:
+ /// - "/healthz" is legal
+ /// - "/hea*" is illegal
+ /// - "/hea" is legal but matches nothing
+ /// - "/hea/*" also matches nothing
+ /// - "/healthz/*" matches all per-component health checks.
+ /// "*" matches all non-resource urls. if it is present, it must be the only entry.
+ /// Required.
+ ///
+ public InputList NonResourceURLs
+ {
+ get => _nonResourceURLs ?? (_nonResourceURLs = new InputList());
+ set => _nonResourceURLs = value;
+ }
+
+ [Input("verbs", required: true)]
+ private InputList? _verbs;
+
+ ///
+ /// `verbs` is a list of matching verbs and may not be empty. "*" matches all verbs. If it
+ /// is present, it must be the only entry. Required.
+ ///
+ public InputList Verbs
+ {
+ get => _verbs ?? (_verbs = new InputList());
+ set => _verbs = value;
+ }
+
+ }
+
+ ///
+ /// PolicyRulesWithSubjects prescribes a test that applies to a request to an apiserver. The
+ /// test considers the subject making the request, the verb being requested, and the resource to
+ /// be acted upon. This PolicyRulesWithSubjects matches a request if and only if both (a) at
+ /// least one member of subjects matches the request and (b) at least one member of
+ /// resourceRules or nonResourceRules matches the request.
+ ///
+ public class PolicyRulesWithSubjectsArgs : Pulumi.ResourceArgs
+ {
+ [Input("subjects", required: true)]
+ private InputList? _subjects;
+
+ ///
+ /// subjects is the list of normal user, serviceaccount, or group that this rule cares
+ /// about. There must be at least one member in this slice. A slice that includes both the
+ /// system:authenticated and system:unauthenticated user groups matches every request.
+ /// Required.
+ ///
+ public InputList Subjects
+ {
+ get => _subjects ?? (_subjects = new InputList());
+ set => _subjects = value;
+ }
+
+ [Input("nonResourceRules")]
+ private InputList? _nonResourceRules;
+
+ ///
+ /// `nonResourceRules` is a list of NonResourcePolicyRules that identify matching requests
+ /// according to their verb and the target non-resource URL.
+ ///
+ public InputList NonResourceRules
+ {
+ get => _nonResourceRules ?? (_nonResourceRules = new InputList());
+ set => _nonResourceRules = value;
+ }
+
+ [Input("resourceRules")]
+ private InputList? _resourceRules;
+
+ ///
+ /// `resourceRules` is a slice of ResourcePolicyRules that identify matching requests
+ /// according to their verb and the target resource. At least one of `resourceRules` and
+ /// `nonResourceRules` has to be non-empty.
+ ///
+ public InputList ResourceRules
+ {
+ get => _resourceRules ?? (_resourceRules = new InputList());
+ set => _resourceRules = value;
+ }
+
+ }
+
+ ///
+ /// PriorityLevelConfiguration represents the configuration of a priority level.
+ ///
+ public class PriorityLevelConfigurationArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ [Input("apiVersion")]
+ public Input? ApiVersion { get; set; }
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ [Input("kind")]
+ public Input? Kind { get; set; }
+
+ ///
+ /// `metadata` is the standard object's metadata. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ ///
+ [Input("metadata")]
+ public Input? Metadata { get; set; }
+
+ ///
+ /// `spec` is the specification of the desired behavior of a "request-priority". More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ ///
+ [Input("spec")]
+ public Input? Spec { get; set; }
+
+ }
+
+ ///
+ /// PriorityLevelConfigurationCondition defines the condition of priority level.
+ ///
+ public class PriorityLevelConfigurationConditionArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// `lastTransitionTime` is the last time the condition transitioned from one status to
+ /// another.
+ ///
+ [Input("lastTransitionTime")]
+ public Input? LastTransitionTime { get; set; }
+
+ ///
+ /// `message` is a human-readable message indicating details about last transition.
+ ///
+ [Input("message")]
+ public Input? Message { get; set; }
+
+ ///
+ /// `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
+ ///
+ [Input("reason")]
+ public Input? Reason { get; set; }
+
+ ///
+ /// `type` is the type of the condition. Required.
+ ///
+ [Input("type")]
+ public Input? Type { get; set; }
+
+ }
+
+ ///
+ /// PriorityLevelConfigurationList is a list of PriorityLevelConfiguration objects.
+ ///
+ public class PriorityLevelConfigurationListArgs : Pulumi.ResourceArgs
+ {
+ [Input("items", required: true)]
+ private InputList? _items;
+
+ ///
+ /// `items` is a list of request-priorities.
+ ///
+ public InputList Items
+ {
+ get => _items ?? (_items = new InputList());
+ set => _items = value;
+ }
+
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ [Input("apiVersion")]
+ public Input? ApiVersion { get; set; }
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ [Input("kind")]
+ public Input? Kind { get; set; }
+
+ ///
+ /// `metadata` is the standard object's metadata. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ ///
+ [Input("metadata")]
+ public Input? Metadata { get; set; }
+
+ }
+
+ ///
+ /// PriorityLevelConfigurationReference contains information that points to the
+ /// "request-priority" being used.
+ ///
+ public class PriorityLevelConfigurationReferenceArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// `name` is the name of the priority level configuration being referenced Required.
+ ///
+ [Input("name", required: true)]
+ public Input Name { get; set; } = null!;
+
+ }
+
+ ///
+ /// PriorityLevelConfigurationSpec specifies the configuration of a priority level.
+ ///
+ public class PriorityLevelConfigurationSpecArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// `type` indicates whether this priority level is subject to limitation on request
+ /// execution. A value of `"Exempt"` means that requests of this priority level are not
+ /// subject to a limit (and thus are never queued) and do not detract from the capacity made
+ /// available to other priority levels. A value of `"Limited"` means that (a) requests of
+ /// this priority level _are_ subject to limits and (b) some of the server's limited
+ /// capacity is made available exclusively to this priority level. Required.
+ ///
+ [Input("type", required: true)]
+ public Input Type { get; set; } = null!;
+
+ ///
+ /// `limited` specifies how requests are handled for a Limited priority level. This field
+ /// must be non-empty if and only if `type` is `"Limited"`.
+ ///
+ [Input("limited")]
+ public Input? Limited { get; set; }
+
+ }
+
+ ///
+ /// PriorityLevelConfigurationStatus represents the current state of a "request-priority".
+ ///
+ public class PriorityLevelConfigurationStatusArgs : Pulumi.ResourceArgs
+ {
+ [Input("conditions")]
+ private InputList? _conditions;
+
+ ///
+ /// `conditions` is the current state of "request-priority".
+ ///
+ public InputList Conditions
+ {
+ get => _conditions ?? (_conditions = new InputList());
+ set => _conditions = value;
+ }
+
+ }
+
+ ///
+ /// QueuingConfiguration holds the configuration parameters for queuing
+ ///
+ public class QueuingConfigurationArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// `handSize` is a small positive number that configures the shuffle sharding of requests
+ /// into queues. When enqueuing a request at this priority level the request's flow
+ /// identifier (a string pair) is hashed and the hash value is used to shuffle the list of
+ /// queues and deal a hand of the size specified here. The request is put into one of the
+ /// shortest queues in that hand. `handSize` must be no larger than `queues`, and should be
+ /// significantly smaller (so that a few heavy flows do not saturate most of the queues).
+ /// See the user-facing documentation for more extensive guidance on setting this field.
+ /// This field has a default value of 8.
+ ///
+ [Input("handSize")]
+ public Input? HandSize { get; set; }
+
+ ///
+ /// `queueLengthLimit` is the maximum number of requests allowed to be waiting in a given
+ /// queue of this priority level at a time; excess requests are rejected. This value must
+ /// be positive. If not specified, it will be defaulted to 50.
+ ///
+ [Input("queueLengthLimit")]
+ public Input? QueueLengthLimit { get; set; }
+
+ ///
+ /// `queues` is the number of queues for this priority level. The queues exist independently
+ /// at each apiserver. The value must be positive. Setting it to 1 effectively precludes
+ /// shufflesharding and thus makes the distinguisher method of associated flow schemas
+ /// irrelevant. This field has a default value of 64.
+ ///
+ [Input("queues")]
+ public Input? Queues { get; set; }
+
+ }
+
+ ///
+ /// ResourcePolicyRule is a predicate that matches some resource requests, testing the request's
+ /// verb and the target resource. A ResourcePolicyRule matches a resource request if and only
+ /// if: (a) at least one member of verbs matches the request, (b) at least one member of
+ /// apiGroups matches the request, (c) at least one member of resources matches the request, and
+ /// (d) least one member of namespaces matches the request.
+ ///
+ public class ResourcePolicyRuleArgs : Pulumi.ResourceArgs
+ {
+ [Input("apiGroups", required: true)]
+ private InputList? _apiGroups;
+
+ ///
+ /// `apiGroups` is a list of matching API groups and may not be empty. "*" matches all API
+ /// groups and, if present, must be the only entry. Required.
+ ///
+ public InputList ApiGroups
+ {
+ get => _apiGroups ?? (_apiGroups = new InputList());
+ set => _apiGroups = value;
+ }
+
+ [Input("resources", required: true)]
+ private InputList? _resources;
+
+ ///
+ /// `resources` is a list of matching resources (i.e., lowercase and plural) with, if
+ /// desired, subresource. For example, [ "services", "nodes/status" ]. This list may not
+ /// be empty. "*" matches all resources and, if present, must be the only entry. Required.
+ ///
+ public InputList Resources
+ {
+ get => _resources ?? (_resources = new InputList());
+ set => _resources = value;
+ }
+
+ [Input("verbs", required: true)]
+ private InputList? _verbs;
+
+ ///
+ /// `verbs` is a list of matching verbs and may not be empty. "*" matches all verbs and, if
+ /// present, must be the only entry. Required.
+ ///
+ public InputList Verbs
+ {
+ get => _verbs ?? (_verbs = new InputList());
+ set => _verbs = value;
+ }
+
+ ///
+ /// `clusterScope` indicates whether to match requests that do not specify a namespace
+ /// (which happens either because the resource is not namespaced or the request targets all
+ /// namespaces). If this field is omitted or false then the `namespaces` field must contain
+ /// a non-empty list.
+ ///
+ [Input("clusterScope")]
+ public Input? ClusterScope { get; set; }
+
+ [Input("namespaces")]
+ private InputList? _namespaces;
+
+ ///
+ /// `namespaces` is a list of target namespaces that restricts matches. A request that
+ /// specifies a target namespace matches only if either (a) this list contains that target
+ /// namespace or (b) this list contains "*". Note that "*" matches any specified namespace
+ /// but does not match a request that _does not specify_ a namespace (see the `clusterScope`
+ /// field for that). This list may be empty, but only if `clusterScope` is true.
+ ///
+ public InputList Namespaces
+ {
+ get => _namespaces ?? (_namespaces = new InputList());
+ set => _namespaces = value;
+ }
+
+ }
+
+ ///
+ /// ServiceAccountSubject holds detailed information for service-account-kind subject.
+ ///
+ public class ServiceAccountSubjectArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// `name` is the name of matching ServiceAccount objects, or "*" to match regardless of
+ /// name. Required.
+ ///
+ [Input("name", required: true)]
+ public Input Name { get; set; } = null!;
+
+ ///
+ /// `namespace` is the namespace of matching ServiceAccount objects. Required.
+ ///
+ [Input("namespace", required: true)]
+ public Input Namespace { get; set; } = null!;
+
+ }
+
+ ///
+ /// Subject matches the originator of a request, as identified by the request authentication
+ /// system. There are three ways of matching an originator; by user, group, or service account.
+ ///
+ public class SubjectArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// Required
+ ///
+ [Input("kind", required: true)]
+ public Input Kind { get; set; } = null!;
+
+
+ [Input("group")]
+ public Input? Group { get; set; }
+
+
+ [Input("serviceAccount")]
+ public Input? ServiceAccount { get; set; }
+
+
+ [Input("user")]
+ public Input? User { get; set; }
+
+ }
+
+ ///
+ /// UserSubject holds detailed information for user-kind subject.
+ ///
+ public class UserSubjectArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// `name` is the username that matches, or "*" to match all usernames. Required.
+ ///
+ [Input("name", required: true)]
+ public Input Name { get; set; } = null!;
+
+ }
+
+ }
+
+}
+
+namespace Pulumi.Kubernetes.Types.Inputs.Meta
+{
+ namespace V1
+ {
+ ///
+ /// APIGroup contains the name, the supported versions, and the preferred version of a group.
+ ///
+ public class APIGroupArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// name is the name of the group.
+ ///
+ [Input("name", required: true)]
+ public Input Name { get; set; } = null!;
+
+ [Input("versions", required: true)]
+ private InputList? _versions;
+
+ ///
+ /// versions are the versions supported in this group.
+ ///
+ public InputList Versions
+ {
+ get => _versions ?? (_versions = new InputList());
+ set => _versions = value;
+ }
+
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ [Input("apiVersion")]
+ public Input? ApiVersion { get; set; }
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ [Input("kind")]
+ public Input? Kind { get; set; }
+
+ ///
+ /// preferredVersion is the version preferred by the API server, which probably is the
+ /// storage version.
+ ///
+ [Input("preferredVersion")]
+ public Input? PreferredVersion { get; set; }
+
+ [Input("serverAddressByClientCIDRs")]
+ private InputList? _serverAddressByClientCIDRs;
+
+ ///
+ /// a map of client CIDR to server address that is serving this group. This is to help
+ /// clients reach servers in the most network-efficient way possible. Clients can use the
+ /// appropriate server address as per the CIDR that they match. In case of multiple matches,
+ /// clients should use the longest matching CIDR. The server returns only those CIDRs that
+ /// it thinks that the client can match. For example: the master will return an internal IP
+ /// CIDR only, if the client reaches the server using an internal IP. Server looks at
+ /// X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get
+ /// the client IP.
+ ///
+ public InputList ServerAddressByClientCIDRs
+ {
+ get => _serverAddressByClientCIDRs ?? (_serverAddressByClientCIDRs = new InputList());
+ set => _serverAddressByClientCIDRs = value;
+ }
+
+ }
+
+ ///
+ /// APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.
+ ///
+ public class APIGroupListArgs : Pulumi.ResourceArgs
+ {
+ [Input("groups", required: true)]
+ private InputList? _groups;
+
+ ///
+ /// groups is a list of APIGroup.
+ ///
+ public InputList Groups
+ {
+ get => _groups ?? (_groups = new InputList());
+ set => _groups = value;
+ }
+
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ [Input("apiVersion")]
+ public Input? ApiVersion { get; set; }
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ [Input("kind")]
+ public Input? Kind { get; set; }
+
+ }
+
+ ///
+ /// APIResource specifies the name of a resource and whether it is namespaced.
+ ///
+ public class APIResourceArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')
+ ///
+ [Input("kind", required: true)]
+ public Input Kind { get; set; } = null!;
+
+ ///
+ /// name is the plural name of the resource.
+ ///
+ [Input("name", required: true)]
+ public Input Name { get; set; } = null!;
+
+ ///
+ /// namespaced indicates if a resource is namespaced or not.
+ ///
+ [Input("namespaced", required: true)]
+ public Input Namespaced { get; set; } = null!;
+
+ ///
+ /// singularName is the singular name of the resource. This allows clients to handle plural
+ /// and singular opaquely. The singularName is more correct for reporting status on a single
+ /// item and both singular and plural are allowed from the kubectl CLI interface.
+ ///
+ [Input("singularName", required: true)]
+ public Input SingularName { get; set; } = null!;
+
+ [Input("verbs", required: true)]
+ private InputList? _verbs;
+
+ ///
+ /// verbs is a list of supported kube verbs (this includes get, list, watch, create, update,
+ /// patch, delete, deletecollection, and proxy)
+ ///
+ public InputList Verbs
+ {
+ get => _verbs ?? (_verbs = new InputList());
+ set => _verbs = value;
+ }
+
+ [Input("categories")]
+ private InputList? _categories;
+
+ ///
+ /// categories is a list of the grouped resources this resource belongs to (e.g. 'all')
+ ///
+ public InputList Categories
+ {
+ get => _categories ?? (_categories = new InputList());
+ set => _categories = value;
+ }
+
+ ///
+ /// group is the preferred group of the resource. Empty implies the group of the containing
+ /// resource list. For subresources, this may have a different value, for example: Scale".
+ ///
+ [Input("group")]
+ public Input? Group { get; set; }
+
+ [Input("shortNames")]
+ private InputList? _shortNames;
+
+ ///
+ /// shortNames is a list of suggested short names of the resource.
+ ///
+ public InputList ShortNames
+ {
+ get => _shortNames ?? (_shortNames = new InputList());
+ set => _shortNames = value;
+ }
+
+ ///
+ /// The hash value of the storage version, the version this resource is converted to when
+ /// written to the data store. Value must be treated as opaque by clients. Only equality
+ /// comparison on the value is valid. This is an alpha feature and may change or be removed
+ /// in the future. The field is populated by the apiserver only if the StorageVersionHash
+ /// feature gate is enabled. This field will remain optional even if it graduates.
+ ///
+ [Input("storageVersionHash")]
+ public Input? StorageVersionHash { get; set; }
+
+ ///
+ /// version is the preferred version of the resource. Empty implies the version of the
+ /// containing resource list For subresources, this may have a different value, for example:
+ /// v1 (while inside a v1beta1 version of the core resource's group)".
+ ///
+ [Input("version")]
+ public Input? Version { get; set; }
+
+ }
+
+ ///
+ /// APIResourceList is a list of APIResource, it is used to expose the name of the resources
+ /// supported in a specific group and version, and if the resource is namespaced.
+ ///
+ public class APIResourceListArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// groupVersion is the group and version this APIResourceList is for.
+ ///
+ [Input("groupVersion", required: true)]
+ public Input GroupVersion { get; set; } = null!;
+
+ [Input("resources", required: true)]
+ private InputList? _resources;
+
+ ///
+ /// resources contains the name of the resources and if they are namespaced.
+ ///
+ public InputList Resources
+ {
+ get => _resources ?? (_resources = new InputList());
+ set => _resources = value;
+ }
+
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ [Input("apiVersion")]
+ public Input? ApiVersion { get; set; }
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ [Input("kind")]
+ public Input? Kind { get; set; }
+
+ }
+
+ ///
+ /// APIVersions lists the versions that are available, to allow clients to discover the API at
+ /// /api, which is the root path of the legacy v1 API.
+ ///
+ public class APIVersionsArgs : Pulumi.ResourceArgs
+ {
+ [Input("serverAddressByClientCIDRs", required: true)]
+ private InputList? _serverAddressByClientCIDRs;
+
+ ///
+ /// a map of client CIDR to server address that is serving this group. This is to help
+ /// clients reach servers in the most network-efficient way possible. Clients can use the
+ /// appropriate server address as per the CIDR that they match. In case of multiple matches,
+ /// clients should use the longest matching CIDR. The server returns only those CIDRs that
+ /// it thinks that the client can match. For example: the master will return an internal IP
/// CIDR only, if the client reaches the server using an internal IP. Server looks at
/// X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get
/// the client IP.
@@ -23265,7 +24100,14 @@ public InputMap Annotations
/// Must be empty before the object is deleted from the registry. Each entry is an
/// identifier for the responsible component that will remove the entry from the list. If
/// the deletionTimestamp of the object is non-nil, entries in this list can only be
- /// removed.
+ /// removed. Finalizers may be processed and removed in any order. Order is NOT enforced
+ /// because it introduces significant risk of stuck finalizers. finalizers is a shared
+ /// field, any actor with permission can reorder it. If the finalizer list is processed in
+ /// order, then this can lead to a situation in which the component responsible for the
+ /// first finalizer in the list is waiting for a signal (field value, external system, or
+ /// other) produced by a component responsible for a finalizer later in the list, resulting
+ /// in a deadlock. Without enforced ordering finalizers are free to order amongst themselves
+ /// and are not vulnerable to ordering changes in the list.
///
public InputList Finalizers
{
@@ -24997,7 +25839,7 @@ public InputMap DisruptedPods
///
/// Most recent generation observed when updating this PDB status. PodDisruptionsAllowed and
- /// other status informatio is valid only if observedGeneration equals to PDB's object
+ /// other status information is valid only if observedGeneration equals to PDB's object
/// generation.
///
[Input("observedGeneration")]
@@ -26047,7 +26889,8 @@ public InputList ClusterRoleSelectors
///
/// ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a
- /// unit by a RoleBinding or ClusterRoleBinding.
+ /// unit by a RoleBinding or ClusterRoleBinding. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 ClusterRole, and will no longer be served in v1.20.
///
public class ClusterRoleArgs : Pulumi.ResourceArgs
{
@@ -26099,7 +26942,9 @@ public InputList Rules
///
/// ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a
- /// ClusterRole in the global namespace, and adds who information via Subject.
+ /// ClusterRole in the global namespace, and adds who information via Subject. Deprecated in
+ /// v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBinding, and will no longer be
+ /// served in v1.20.
///
public class ClusterRoleBindingArgs : Pulumi.ResourceArgs
{
@@ -26149,7 +26994,8 @@ public InputList Subjects
}
///
- /// ClusterRoleBindingList is a collection of ClusterRoleBindings
+ /// ClusterRoleBindingList is a collection of ClusterRoleBindings. Deprecated in v1.17 in favor
+ /// of rbac.authorization.k8s.io/v1 ClusterRoleBindings, and will no longer be served in v1.20.
///
public class ClusterRoleBindingListArgs : Pulumi.ResourceArgs
{
@@ -26192,7 +27038,8 @@ public InputList Items
}
///
- /// ClusterRoleList is a collection of ClusterRoles
+ /// ClusterRoleList is a collection of ClusterRoles. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 ClusterRoles, and will no longer be served in v1.20.
///
public class ClusterRoleListArgs : Pulumi.ResourceArgs
{
@@ -26315,7 +27162,8 @@ public InputList Resources
///
/// Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a
- /// RoleBinding.
+ /// RoleBinding. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 Role, and will no
+ /// longer be served in v1.20.
///
public class RoleArgs : Pulumi.ResourceArgs
{
@@ -26361,7 +27209,8 @@ public InputList Rules
/// RoleBinding references a role, but does not contain it. It can reference a Role in the same
/// namespace or a ClusterRole in the global namespace. It adds who information via Subjects and
/// namespace information by which namespace it exists in. RoleBindings in a given namespace
- /// only have effect in that namespace.
+ /// only have effect in that namespace. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleBinding, and will no longer be served in v1.20.
///
public class RoleBindingArgs : Pulumi.ResourceArgs
{
@@ -26411,7 +27260,8 @@ public InputList Subjects
}
///
- /// RoleBindingList is a collection of RoleBindings
+ /// RoleBindingList is a collection of RoleBindings Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleBindingList, and will no longer be served in v1.20.
///
public class RoleBindingListArgs : Pulumi.ResourceArgs
{
@@ -26454,7 +27304,8 @@ public InputList Items
}
///
- /// RoleList is a collection of Roles
+ /// RoleList is a collection of Roles. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleList, and will no longer be served in v1.20.
///
public class RoleListArgs : Pulumi.ResourceArgs
{
@@ -26586,7 +27437,8 @@ public InputList ClusterRoleSelectors
///
/// ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a
- /// unit by a RoleBinding or ClusterRoleBinding.
+ /// unit by a RoleBinding or ClusterRoleBinding. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 ClusterRole, and will no longer be served in v1.20.
///
public class ClusterRoleArgs : Pulumi.ResourceArgs
{
@@ -26638,7 +27490,9 @@ public InputList Rules
///
/// ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a
- /// ClusterRole in the global namespace, and adds who information via Subject.
+ /// ClusterRole in the global namespace, and adds who information via Subject. Deprecated in
+ /// v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBinding, and will no longer be
+ /// served in v1.20.
///
public class ClusterRoleBindingArgs : Pulumi.ResourceArgs
{
@@ -26688,7 +27542,9 @@ public InputList Subjects
}
///
- /// ClusterRoleBindingList is a collection of ClusterRoleBindings
+ /// ClusterRoleBindingList is a collection of ClusterRoleBindings. Deprecated in v1.17 in favor
+ /// of rbac.authorization.k8s.io/v1 ClusterRoleBindingList, and will no longer be served in
+ /// v1.20.
///
public class ClusterRoleBindingListArgs : Pulumi.ResourceArgs
{
@@ -26731,7 +27587,8 @@ public InputList Items
}
///
- /// ClusterRoleList is a collection of ClusterRoles
+ /// ClusterRoleList is a collection of ClusterRoles. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 ClusterRoles, and will no longer be served in v1.20.
///
public class ClusterRoleListArgs : Pulumi.ResourceArgs
{
@@ -26853,7 +27710,8 @@ public InputList Resources
///
/// Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a
- /// RoleBinding.
+ /// RoleBinding. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 Role, and will no
+ /// longer be served in v1.20.
///
public class RoleArgs : Pulumi.ResourceArgs
{
@@ -26899,7 +27757,8 @@ public InputList Rules
/// RoleBinding references a role, but does not contain it. It can reference a Role in the same
/// namespace or a ClusterRole in the global namespace. It adds who information via Subjects and
/// namespace information by which namespace it exists in. RoleBindings in a given namespace
- /// only have effect in that namespace.
+ /// only have effect in that namespace. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleBinding, and will no longer be served in v1.20.
///
public class RoleBindingArgs : Pulumi.ResourceArgs
{
@@ -26949,7 +27808,8 @@ public InputList Subjects
}
///
- /// RoleBindingList is a collection of RoleBindings
+ /// RoleBindingList is a collection of RoleBindings Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleBindingList, and will no longer be served in v1.20.
///
public class RoleBindingListArgs : Pulumi.ResourceArgs
{
@@ -26992,7 +27852,8 @@ public InputList Items
}
///
- /// RoleList is a collection of Roles
+ /// RoleList is a collection of Roles Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleList, and will no longer be served in v1.20.
///
public class RoleListArgs : Pulumi.ResourceArgs
{
@@ -27599,6 +28460,166 @@ namespace Pulumi.Kubernetes.Types.Inputs.Storage
{
namespace V1
{
+ ///
+ /// CSINode holds information about all CSI drivers installed on a node. CSI drivers do not need
+ /// to create the CSINode object directly. As long as they use the node-driver-registrar sidecar
+ /// container, the kubelet will automatically populate the CSINode object for the CSI driver as
+ /// part of kubelet plugin registration. CSINode has the same name as a node. If the object is
+ /// missing, it means either there are no CSI Drivers available on the node, or the Kubelet
+ /// version is low enough that it doesn't create this object. CSINode has an OwnerReference that
+ /// points to the corresponding node object.
+ ///
+ public class CSINodeArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// spec is the specification of CSINode
+ ///
+ [Input("spec", required: true)]
+ public Input Spec { get; set; } = null!;
+
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ [Input("apiVersion")]
+ public Input? ApiVersion { get; set; }
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ [Input("kind")]
+ public Input? Kind { get; set; }
+
+ ///
+ /// metadata.name must be the Kubernetes node name.
+ ///
+ [Input("metadata")]
+ public Input? Metadata { get; set; }
+
+ }
+
+ ///
+ /// CSINodeDriver holds information about the specification of one CSI driver installed on a
+ /// node
+ ///
+ public class CSINodeDriverArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// This is the name of the CSI driver that this object refers to. This MUST be the same
+ /// name returned by the CSI GetPluginName() call for that driver.
+ ///
+ [Input("name", required: true)]
+ public Input Name { get; set; } = null!;
+
+ ///
+ /// nodeID of the node from the driver point of view. This field enables Kubernetes to
+ /// communicate with storage systems that do not share the same nomenclature for nodes. For
+ /// example, Kubernetes may refer to a given node as "node1", but the storage system may
+ /// refer to the same node as "nodeA". When Kubernetes issues a command to the storage
+ /// system to attach a volume to a specific node, it can use this field to refer to the node
+ /// name using the ID that the storage system will understand, e.g. "nodeA" instead of
+ /// "node1". This field is required.
+ ///
+ [Input("nodeID", required: true)]
+ public Input NodeID { get; set; } = null!;
+
+ ///
+ /// allocatable represents the volume resources of a node that are available for scheduling.
+ /// This field is beta.
+ ///
+ [Input("allocatable")]
+ public Input? Allocatable { get; set; }
+
+ [Input("topologyKeys")]
+ private InputList? _topologyKeys;
+
+ ///
+ /// topologyKeys is the list of keys supported by the driver. When a driver is initialized
+ /// on a cluster, it provides a set of topology keys that it understands (e.g.
+ /// "company.com/zone", "company.com/region"). When a driver is initialized on a node, it
+ /// provides the same topology keys along with values. Kubelet will expose these topology
+ /// keys as labels on its own node object. When Kubernetes does topology aware provisioning,
+ /// it can use this list to determine which labels it should retrieve from the node object
+ /// and pass back to the driver. It is possible for different nodes to use different
+ /// topology keys. This can be empty if driver does not support topology.
+ ///
+ public InputList TopologyKeys
+ {
+ get => _topologyKeys ?? (_topologyKeys = new InputList());
+ set => _topologyKeys = value;
+ }
+
+ }
+
+ ///
+ /// CSINodeList is a collection of CSINode objects.
+ ///
+ public class CSINodeListArgs : Pulumi.ResourceArgs
+ {
+ [Input("items", required: true)]
+ private InputList? _items;
+
+ ///
+ /// items is the list of CSINode
+ ///
+ public InputList Items
+ {
+ get => _items ?? (_items = new InputList());
+ set => _items = value;
+ }
+
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ [Input("apiVersion")]
+ public Input? ApiVersion { get; set; }
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ [Input("kind")]
+ public Input? Kind { get; set; }
+
+ ///
+ /// Standard list metadata More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ ///
+ [Input("metadata")]
+ public Input? Metadata { get; set; }
+
+ }
+
+ ///
+ /// CSINodeSpec holds information about the specification of all CSI drivers installed on a node
+ ///
+ public class CSINodeSpecArgs : Pulumi.ResourceArgs
+ {
+ [Input("drivers", required: true)]
+ private InputList? _drivers;
+
+ ///
+ /// drivers is a list of information of all CSI Drivers existing on a node. If all drivers
+ /// in the list are uninstalled, this can become empty.
+ ///
+ public InputList Drivers
+ {
+ get => _drivers ?? (_drivers = new InputList());
+ set => _drivers = value;
+ }
+
+ }
+
///
/// StorageClass describes the parameters for a class of storage for which PersistentVolumes can
/// be dynamically provisioned.
@@ -27948,6 +28969,23 @@ public class VolumeErrorArgs : Pulumi.ResourceArgs
}
+ ///
+ /// VolumeNodeResources is a set of resource limits for scheduling of volumes.
+ ///
+ public class VolumeNodeResourcesArgs : Pulumi.ResourceArgs
+ {
+ ///
+ /// Maximum number of unique volumes managed by the CSI driver that can be used on a node. A
+ /// volume that is both attached and mounted on a node is considered to be used once, not
+ /// twice. The same rule applies for a unique volume that is shared among multiple pods on
+ /// the same node. If this field is not specified, then the supported number of volumes on
+ /// this node is unbounded.
+ ///
+ [Input("count")]
+ public Input? Count { get; set; }
+
+ }
+
}
namespace V1Alpha1
@@ -28313,6 +29351,9 @@ public InputList VolumeLifecycleModes
}
///
+ /// DEPRECATED - storage/v1beta1/CSINode is not supported by Kubernetes 1.16+ clusters. Use
+ /// storage/v1beta1/CSINode instead.
+ ///
/// CSINode holds information about all CSI drivers installed on a node. CSI drivers do not need
/// to create the CSINode object directly. As long as they use the node-driver-registrar sidecar
/// container, the kubelet will automatically populate the CSINode object for the CSI driver as
diff --git a/sdk/dotnet/Types/Output.cs b/sdk/dotnet/Types/Output.cs
index 302a515583..645aff68ba 100755
--- a/sdk/dotnet/Types/Output.cs
+++ b/sdk/dotnet/Types/Output.cs
@@ -853,7 +853,7 @@ public sealed class MutatingWebhook
public readonly ImmutableArray Rules;
///
- /// SideEffects states whether this webhookk has side effects. Acceptable values are:
+ /// SideEffects states whether this webhook has side effects. Acceptable values are:
/// Unknown, None, Some, NoneOnDryRun Webhooks with side effects MUST implement a
/// reconciliation system, since a request may be rejected by a future step in the admission
/// change and the side effects therefore need to be undone. Requests with the dryRun
@@ -1219,7 +1219,7 @@ public sealed class ValidatingWebhook
public readonly ImmutableArray Rules;
///
- /// SideEffects states whether this webhookk has side effects. Acceptable values are:
+ /// SideEffects states whether this webhook has side effects. Acceptable values are:
/// Unknown, None, Some, NoneOnDryRun Webhooks with side effects MUST implement a
/// reconciliation system, since a request may be rejected by a future step in the admission
/// change and the side effects therefore need to be undone. Requests with the dryRun
@@ -1760,7 +1760,7 @@ public sealed class CustomResourceDefinitionSpec
///
/// scope indicates whether the defined custom resource is cluster- or namespace-scoped.
- /// Allowed values are `Cluster` and `Namespaced`. Default is `Namespaced`.
+ /// Allowed values are `Cluster` and `Namespaced`.
///
public readonly string Scope;
@@ -2068,7 +2068,37 @@ public sealed class JSONSchemaProps
public readonly ApiExtensions.V1.ExternalDocumentation ExternalDocs;
-
+ ///
+ /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following
+ /// formats are validated:
+ ///
+ /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as
+ /// parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang
+ /// net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as
+ /// defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang
+ /// net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed
+ /// by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an
+ /// UUID that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3
+ /// that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an
+ /// UUID4 that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5:
+ /// an UUID5 that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an
+ /// ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" - isbn10: an ISBN10
+ /// number string like "0321751043" - isbn13: an ISBN13 number string like "978-0321751041"
+ /// - creditcard: a credit card number defined by the regex
+ /// ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})$
+ /// with any non digit characters mixed in - ssn: a U.S. social security number following
+ /// the regex ^\d{3}[- ]?\d{2}[- ]?\d{4}$ - hexcolor: an hexadecimal color code like
+ /// "#FFFFFF: following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB
+ /// color code like rgb like "rgb(255,255,2559" - byte: base64 encoded binary data -
+ /// password: any kind of string - date: a date string like "2006-01-02" as defined by
+ /// full-date in RFC3339 - duration: a duration string like "22 ns" as parsed by Golang
+ /// time.ParseDuration or compatible with Scala duration format - datetime: a date time
+ /// string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ ///
public readonly string Format;
@@ -2178,7 +2208,8 @@ public sealed class JSONSchemaProps
/// may be used on any type of list (struct, scalar, ...).
/// 2) `set`:
/// Sets are lists that must not have multiple items with the same value. Each
- /// value must be a scalar (or another atomic type).
+ /// value must be a scalar, an object with x-kubernetes-map-type `atomic` or an
+ /// array with x-kubernetes-list-type `atomic`.
/// 3) `map`:
/// These lists are like maps in that their elements have a non-index key
/// used to identify them. Order is preserved upon merge. The map tag
@@ -2187,6 +2218,19 @@ public sealed class JSONSchemaProps
///
public readonly string X_kubernetes_list_type;
+ ///
+ /// x-kubernetes-map-type annotates an object to further describe its topology. This
+ /// extension must only be used when type is object and may have 2 possible values:
+ ///
+ /// 1) `granular`:
+ /// These maps are actual maps (key-value pairs) and each fields are independent
+ /// from each other (they can each be manipulated by separate actors). This is
+ /// the default behaviour for all maps.
+ /// 2) `atomic`: the list is treated as a single entity, like a scalar.
+ /// Atomic maps will be entirely replaced when updated.
+ ///
+ public readonly string X_kubernetes_map_type;
+
///
/// x-kubernetes-preserve-unknown-fields stops the API server decoding step from pruning
/// fields which are not specified in the validation schema. This affects fields
@@ -2239,6 +2283,7 @@ private JSONSchemaProps(
bool @x_kubernetes_int_or_string,
ImmutableArray @x_kubernetes_list_map_keys,
string @x_kubernetes_list_type,
+ string @x_kubernetes_map_type,
bool @x_kubernetes_preserve_unknown_fields)
{
this.Ref = @ref;
@@ -2282,6 +2327,7 @@ private JSONSchemaProps(
this.X_kubernetes_int_or_string = @x_kubernetes_int_or_string;
this.X_kubernetes_list_map_keys = @x_kubernetes_list_map_keys;
this.X_kubernetes_list_type = @x_kubernetes_list_type;
+ this.X_kubernetes_map_type = @x_kubernetes_map_type;
this.X_kubernetes_preserve_unknown_fields = @x_kubernetes_preserve_unknown_fields;
}
@@ -3128,7 +3174,37 @@ public sealed class JSONSchemaProps
public readonly ApiExtensions.V1Beta1.ExternalDocumentation ExternalDocs;
-
+ ///
+ /// format is an OpenAPI v3 format string. Unknown formats are ignored. The following
+ /// formats are validated:
+ ///
+ /// - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as
+ /// parsed by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang
+ /// net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as
+ /// defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang
+ /// net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed
+ /// by Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an
+ /// UUID that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3
+ /// that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an
+ /// UUID4 that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5:
+ /// an UUID5 that allows uppercase defined by the regex
+ /// (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an
+ /// ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" - isbn10: an ISBN10
+ /// number string like "0321751043" - isbn13: an ISBN13 number string like "978-0321751041"
+ /// - creditcard: a credit card number defined by the regex
+ /// ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})$
+ /// with any non digit characters mixed in - ssn: a U.S. social security number following
+ /// the regex ^\d{3}[- ]?\d{2}[- ]?\d{4}$ - hexcolor: an hexadecimal color code like
+ /// "#FFFFFF: following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB
+ /// color code like rgb like "rgb(255,255,2559" - byte: base64 encoded binary data -
+ /// password: any kind of string - date: a date string like "2006-01-02" as defined by
+ /// full-date in RFC3339 - duration: a duration string like "22 ns" as parsed by Golang
+ /// time.ParseDuration or compatible with Scala duration format - datetime: a date time
+ /// string like "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ ///
public readonly string Format;
@@ -3238,7 +3314,8 @@ public sealed class JSONSchemaProps
/// may be used on any type of list (struct, scalar, ...).
/// 2) `set`:
/// Sets are lists that must not have multiple items with the same value. Each
- /// value must be a scalar (or another atomic type).
+ /// value must be a scalar, an object with x-kubernetes-map-type `atomic` or an
+ /// array with x-kubernetes-list-type `atomic`.
/// 3) `map`:
/// These lists are like maps in that their elements have a non-index key
/// used to identify them. Order is preserved upon merge. The map tag
@@ -3247,6 +3324,19 @@ public sealed class JSONSchemaProps
///
public readonly string X_kubernetes_list_type;
+ ///
+ /// x-kubernetes-map-type annotates an object to further describe its topology. This
+ /// extension must only be used when type is object and may have 2 possible values:
+ ///
+ /// 1) `granular`:
+ /// These maps are actual maps (key-value pairs) and each fields are independent
+ /// from each other (they can each be manipulated by separate actors). This is
+ /// the default behaviour for all maps.
+ /// 2) `atomic`: the list is treated as a single entity, like a scalar.
+ /// Atomic maps will be entirely replaced when updated.
+ ///
+ public readonly string X_kubernetes_map_type;
+
///
/// x-kubernetes-preserve-unknown-fields stops the API server decoding step from pruning
/// fields which are not specified in the validation schema. This affects fields
@@ -3299,6 +3389,7 @@ private JSONSchemaProps(
bool @x_kubernetes_int_or_string,
ImmutableArray @x_kubernetes_list_map_keys,
string @x_kubernetes_list_type,
+ string @x_kubernetes_map_type,
bool @x_kubernetes_preserve_unknown_fields)
{
this.Ref = @ref;
@@ -3342,6 +3433,7 @@ private JSONSchemaProps(
this.X_kubernetes_int_or_string = @x_kubernetes_int_or_string;
this.X_kubernetes_list_map_keys = @x_kubernetes_list_map_keys;
this.X_kubernetes_list_type = @x_kubernetes_list_type;
+ this.X_kubernetes_map_type = @x_kubernetes_map_type;
this.X_kubernetes_preserve_unknown_fields = @x_kubernetes_preserve_unknown_fields;
}
@@ -15449,7 +15541,7 @@ public sealed class EnvVarSource
///
/// Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels,
/// metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP,
- /// status.podIP.
+ /// status.podIP, status.podIPs.
///
public readonly Core.V1.ObjectFieldSelector FieldRef;
@@ -19456,8 +19548,7 @@ public sealed class PodSpec
/// Share a single process namespace between all of the containers in a pod. When this is
/// set containers will be able to view and signal processes from other containers in the
/// same pod, and the first process in each container will not be assigned PID 1. HostPID
- /// and ShareProcessNamespace cannot both be set. Optional: Default to false. This field is
- /// beta-level and may be disabled with the PodShareProcessNamespace feature.
+ /// and ShareProcessNamespace cannot both be set. Optional: Default to false.
///
public readonly bool ShareProcessNamespace;
@@ -21837,6 +21928,19 @@ public sealed class ServiceSpec
///
public readonly Core.V1.SessionAffinityConfig SessionAffinityConfig;
+ ///
+ /// topologyKeys is a preference-order list of topology keys which implementations of
+ /// services should use to preferentially sort endpoints when accessing this Service, it can
+ /// not be used at the same time as externalTrafficPolicy=Local. Topology keys must be valid
+ /// label keys and at most 16 keys may be specified. Endpoints are chosen based on the first
+ /// topology key with available backends. If this field is specified and all entries have no
+ /// backends that match the topology of the client, the service has no backends for that
+ /// client and connections should fail. The special value "*" may be used to mean "any
+ /// topology". This catch-all value, if used, only makes sense as the last value in the
+ /// list. If this is not specified or empty, no topology constraints will be applied.
+ ///
+ public readonly ImmutableArray TopologyKeys;
+
///
/// type determines how the Service is exposed. Defaults to ClusterIP. Valid options are
/// ExternalName, ClusterIP, NodePort, and LoadBalancer. "ExternalName" maps to the
@@ -21867,6 +21971,7 @@ private ServiceSpec(
ImmutableDictionary @selector,
string @sessionAffinity,
Core.V1.SessionAffinityConfig @sessionAffinityConfig,
+ ImmutableArray @topologyKeys,
string @type)
{
this.ClusterIP = @clusterIP;
@@ -21882,6 +21987,7 @@ private ServiceSpec(
this.Selector = @selector;
this.SessionAffinity = @sessionAffinity;
this.SessionAffinityConfig = @sessionAffinityConfig;
+ this.TopologyKeys = @topologyKeys;
this.Type = @type;
}
@@ -22638,7 +22744,7 @@ public sealed class VolumeMount
/// Expanded path within the volume from which the container's volume should be mounted.
/// Behaves similarly to SubPath but environment variable references $(VAR_NAME) are
/// expanded using the container's environment. Defaults to "" (volume's root). SubPathExpr
- /// and SubPath are mutually exclusive. This field is beta in 1.15.
+ /// and SubPath are mutually exclusive.
///
public readonly string SubPathExpr;
@@ -22812,8 +22918,8 @@ public sealed class WindowsSecurityContextOptions
/// The UserName in Windows to run the entrypoint of the container process. Defaults to the
/// user specified in image metadata if unspecified. May also be set in PodSecurityContext.
/// If set in both SecurityContext and PodSecurityContext, the value specified in
- /// SecurityContext takes precedence. This field is alpha-level and it is only honored by
- /// servers that enable the WindowsRunAsUserName feature flag.
+ /// SecurityContext takes precedence. This field is beta-level and may be disabled with the
+ /// WindowsRunAsUserName feature flag.
///
public readonly string RunAsUserName;
@@ -22835,7 +22941,7 @@ private WindowsSecurityContextOptions(
namespace Pulumi.Kubernetes.Types.Outputs.Discovery
{
- namespace V1Alpha1
+ namespace V1Beta1
{
///
/// Endpoint represents a single logical "backend" implementing a service.
@@ -22845,8 +22951,7 @@ public sealed class Endpoint
{
///
/// addresses of this endpoint. The contents of this field are interpreted according to the
- /// corresponding EndpointSlice addressType field. This allows for cases like dual-stack
- /// (IPv4 and IPv6) networking. Consumers (e.g. kube-proxy) must handle different types of
+ /// corresponding EndpointSlice addressType field. Consumers must handle different types of
/// addresses in the context of their own capabilities. This must contain at least one
/// address but no more than 100.
///
@@ -22855,7 +22960,7 @@ public sealed class Endpoint
///
/// conditions contains information about the current status of the endpoint.
///
- public readonly Discovery.V1Alpha1.EndpointConditions Conditions;
+ public readonly Discovery.V1Beta1.EndpointConditions Conditions;
///
/// hostname of this endpoint. This field may be used by consumers of endpoints to
@@ -22889,7 +22994,7 @@ public sealed class Endpoint
[OutputConstructor]
private Endpoint(
ImmutableArray @addresses,
- Discovery.V1Alpha1.EndpointConditions @conditions,
+ Discovery.V1Beta1.EndpointConditions @conditions,
string @hostname,
Core.V1.ObjectReference @targetRef,
ImmutableDictionary @topology)
@@ -22929,13 +23034,21 @@ private EndpointConditions(
[OutputType]
public sealed class EndpointPort
{
+ ///
+ /// The application protocol for this port. This field follows standard Kubernetes label
+ /// syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335
+ /// and http://www.iana.org/assignments/service-names). Non-standard protocols should use
+ /// prefixed names. Default is empty string.
+ ///
+ public readonly string AppProtocol;
+
///
/// The name of this port. All ports in an EndpointSlice must have a unique name. If the
/// EndpointSlice is dervied from a Kubernetes service, this corresponds to the
- /// Service.ports[].name. Name must either be an empty string or pass IANA_SVC_NAME
- /// validation: * must be no more than 15 characters long * may contain only [-a-z0-9] *
- /// must contain at least one letter [a-z] * it must not start or end with a hyphen, nor
- /// contain adjacent hyphens Default is empty string.
+ /// Service.ports[].name. Name must either be an empty string or pass DNS_LABEL validation:
+ /// * must be no more than 63 characters long. * must consist of lower case alphanumeric
+ /// characters or '-'. * must start and end with an alphanumeric character. Default is empty
+ /// string.
///
public readonly string Name;
@@ -22952,10 +23065,12 @@ public sealed class EndpointPort
[OutputConstructor]
private EndpointPort(
+ string @appProtocol,
string @name,
int @port,
string @protocol)
{
+ this.AppProtocol = @appProtocol;
this.Name = @name;
this.Port = @port;
this.Protocol = @protocol;
@@ -22972,7 +23087,9 @@ public sealed class EndpointSlice
{
///
/// addressType specifies the type of address carried by this EndpointSlice. All addresses
- /// in this slice must be the same type. Default is IP
+ /// in this slice must be the same type. This field is immutable after creation. The
+ /// following address types are currently supported: * IPv4: Represents an IPv4 Address. *
+ /// IPv6: Represents an IPv6 Address. * FQDN: Represents a Fully Qualified Domain Name.
///
public readonly string AddressType;
@@ -22988,7 +23105,7 @@ public sealed class EndpointSlice
/// endpoints is a list of unique endpoints in this slice. Each slice may include a maximum
/// of 1000 endpoints.
///
- public readonly ImmutableArray Endpoints;
+ public readonly ImmutableArray Endpoints;
///
/// Kind is a string value representing the REST resource this object represents. Servers
@@ -23009,16 +23126,16 @@ public sealed class EndpointSlice
/// defined ports. When a port is defined with a nil port value, it indicates "all ports".
/// Each slice may include a maximum of 100 ports.
///
- public readonly ImmutableArray Ports;
+ public readonly ImmutableArray Ports;
[OutputConstructor]
private EndpointSlice(
string @addressType,
string @apiVersion,
- ImmutableArray @endpoints,
+ ImmutableArray @endpoints,
string @kind,
Meta.V1.ObjectMeta @metadata,
- ImmutableArray @ports)
+ ImmutableArray @ports)
{
this.AddressType = @addressType;
this.ApiVersion = @apiVersion;
@@ -23046,7 +23163,7 @@ public sealed class EndpointSliceList
///
/// List of endpoint slices
///
- public readonly ImmutableArray Items;
+ public readonly ImmutableArray Items;
///
/// Kind is a string value representing the REST resource this object represents. Servers
@@ -23064,7 +23181,7 @@ public sealed class EndpointSliceList
[OutputConstructor]
private EndpointSliceList(
string @apiVersion,
- ImmutableArray @items,
+ ImmutableArray @items,
string @kind,
Meta.V1.ListMeta @metadata)
{
@@ -25782,83 +25899,37 @@ private SupplementalGroupsStrategyOptions(
}
-namespace Pulumi.Kubernetes.Types.Outputs.Meta
+namespace Pulumi.Kubernetes.Types.Outputs.FlowControl
{
- namespace V1
+ namespace V1Alpha1
{
///
- /// APIGroup contains the name, the supported versions, and the preferred version of a group.
+ /// FlowDistinguisherMethod specifies the method of a flow distinguisher.
///
[OutputType]
- public sealed class APIGroup
+ public sealed class FlowDistinguisherMethod
{
///
- /// APIVersion defines the versioned schema of this representation of an object. Servers
- /// should convert recognized schemas to the latest internal value, and may reject
- /// unrecognized values. More info:
- /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
- ///
- public readonly string ApiVersion;
-
- ///
- /// Kind is a string value representing the REST resource this object represents. Servers
- /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
- /// CamelCase. More info:
- /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
- ///
- public readonly string Kind;
-
- ///
- /// name is the name of the group.
- ///
- public readonly string Name;
-
- ///
- /// preferredVersion is the version preferred by the API server, which probably is the
- /// storage version.
- ///
- public readonly Meta.V1.GroupVersionForDiscovery PreferredVersion;
-
- ///
- /// a map of client CIDR to server address that is serving this group. This is to help
- /// clients reach servers in the most network-efficient way possible. Clients can use the
- /// appropriate server address as per the CIDR that they match. In case of multiple matches,
- /// clients should use the longest matching CIDR. The server returns only those CIDRs that
- /// it thinks that the client can match. For example: the master will return an internal IP
- /// CIDR only, if the client reaches the server using an internal IP. Server looks at
- /// X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get
- /// the client IP.
- ///
- public readonly ImmutableArray ServerAddressByClientCIDRs;
-
- ///
- /// versions are the versions supported in this group.
+ /// `type` is the type of flow distinguisher method The supported types are "ByUser" and
+ /// "ByNamespace". Required.
///
- public readonly ImmutableArray Versions;
+ public readonly string Type;
[OutputConstructor]
- private APIGroup(
- string @apiVersion,
- string @kind,
- string @name,
- Meta.V1.GroupVersionForDiscovery @preferredVersion,
- ImmutableArray @serverAddressByClientCIDRs,
- ImmutableArray @versions)
+ private FlowDistinguisherMethod(
+ string @type)
{
- this.ApiVersion = @apiVersion;
- this.Kind = @kind;
- this.Name = @name;
- this.PreferredVersion = @preferredVersion;
- this.ServerAddressByClientCIDRs = @serverAddressByClientCIDRs;
- this.Versions = @versions;
+ this.Type = @type;
}
}
///
- /// APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.
+ /// FlowSchema defines the schema of a group of flows. Note that a flow is made up of a set of
+ /// inbound API requests with similar attributes and is identified by a pair of strings: the
+ /// name of the FlowSchema and a "flow distinguisher".
///
[OutputType]
- public sealed class APIGroupList
+ public sealed class FlowSchema
{
///
/// APIVersion defines the versioned schema of this representation of an object. Servers
@@ -25868,11 +25939,6 @@ public sealed class APIGroupList
///
public readonly string ApiVersion;
- ///
- /// groups is a list of APIGroup.
- ///
- public readonly ImmutableArray Groups;
-
///
/// Kind is a string value representing the REST resource this object represents. Servers
/// may infer this from the endpoint the client submits requests to. Cannot be updated. In
@@ -25881,116 +25947,93 @@ public sealed class APIGroupList
///
public readonly string Kind;
+ ///
+ /// `metadata` is the standard object's metadata. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ ///
+ public readonly Meta.V1.ObjectMeta Metadata;
+
+ ///
+ /// `spec` is the specification of the desired behavior of a FlowSchema. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ ///
+ public readonly FlowControl.V1Alpha1.FlowSchemaSpec Spec;
+
+ ///
+ /// `status` is the current status of a FlowSchema. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ ///
+ public readonly FlowControl.V1Alpha1.FlowSchemaStatus Status;
+
[OutputConstructor]
- private APIGroupList(
+ private FlowSchema(
string @apiVersion,
- ImmutableArray @groups,
- string @kind)
+ string @kind,
+ Meta.V1.ObjectMeta @metadata,
+ FlowControl.V1Alpha1.FlowSchemaSpec @spec,
+ FlowControl.V1Alpha1.FlowSchemaStatus @status)
{
this.ApiVersion = @apiVersion;
- this.Groups = @groups;
this.Kind = @kind;
+ this.Metadata = @metadata;
+ this.Spec = @spec;
+ this.Status = @status;
}
}
///
- /// APIResource specifies the name of a resource and whether it is namespaced.
+ /// FlowSchemaCondition describes conditions for a FlowSchema.
///
[OutputType]
- public sealed class APIResource
+ public sealed class FlowSchemaCondition
{
///
- /// categories is a list of the grouped resources this resource belongs to (e.g. 'all')
- ///
- public readonly ImmutableArray Categories;
-
- ///
- /// group is the preferred group of the resource. Empty implies the group of the containing
- /// resource list. For subresources, this may have a different value, for example: Scale".
- ///
- public readonly string Group;
-
- ///
- /// kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')
- ///
- public readonly string Kind;
-
- ///
- /// name is the plural name of the resource.
- ///
- public readonly string Name;
-
- ///
- /// namespaced indicates if a resource is namespaced or not.
- ///
- public readonly bool Namespaced;
-
- ///
- /// shortNames is a list of suggested short names of the resource.
+ /// `lastTransitionTime` is the last time the condition transitioned from one status to
+ /// another.
///
- public readonly ImmutableArray ShortNames;
+ public readonly string LastTransitionTime;
///
- /// singularName is the singular name of the resource. This allows clients to handle plural
- /// and singular opaquely. The singularName is more correct for reporting status on a single
- /// item and both singular and plural are allowed from the kubectl CLI interface.
+ /// `message` is a human-readable message indicating details about last transition.
///
- public readonly string SingularName;
+ public readonly string Message;
///
- /// The hash value of the storage version, the version this resource is converted to when
- /// written to the data store. Value must be treated as opaque by clients. Only equality
- /// comparison on the value is valid. This is an alpha feature and may change or be removed
- /// in the future. The field is populated by the apiserver only if the StorageVersionHash
- /// feature gate is enabled. This field will remain optional even if it graduates.
+ /// `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
///
- public readonly string StorageVersionHash;
+ public readonly string Reason;
///
- /// verbs is a list of supported kube verbs (this includes get, list, watch, create, update,
- /// patch, delete, deletecollection, and proxy)
+ /// `status` is the status of the condition. Can be True, False, Unknown. Required.
///
- public readonly ImmutableArray Verbs;
+ public readonly string Status;
///
- /// version is the preferred version of the resource. Empty implies the version of the
- /// containing resource list For subresources, this may have a different value, for example:
- /// v1 (while inside a v1beta1 version of the core resource's group)".
+ /// `type` is the type of the condition. Required.
///
- public readonly string Version;
+ public readonly string Type;
[OutputConstructor]
- private APIResource(
- ImmutableArray @categories,
- string @group,
- string @kind,
- string @name,
- bool @namespaced,
- ImmutableArray @shortNames,
- string @singularName,
- string @storageVersionHash,
- ImmutableArray @verbs,
- string @version)
+ private FlowSchemaCondition(
+ string @lastTransitionTime,
+ string @message,
+ string @reason,
+ string @status,
+ string @type)
{
- this.Categories = @categories;
- this.Group = @group;
- this.Kind = @kind;
- this.Name = @name;
- this.Namespaced = @namespaced;
- this.ShortNames = @shortNames;
- this.SingularName = @singularName;
- this.StorageVersionHash = @storageVersionHash;
- this.Verbs = @verbs;
- this.Version = @version;
+ this.LastTransitionTime = @lastTransitionTime;
+ this.Message = @message;
+ this.Reason = @reason;
+ this.Status = @status;
+ this.Type = @type;
}
}
///
- /// APIResourceList is a list of APIResource, it is used to expose the name of the resources
- /// supported in a specific group and version, and if the resource is namespaced.
+ /// FlowSchemaList is a list of FlowSchema objects.
///
[OutputType]
- public sealed class APIResourceList
+ public sealed class FlowSchemaList
{
///
/// APIVersion defines the versioned schema of this representation of an object. Servers
@@ -26001,9 +26044,9 @@ public sealed class APIResourceList
public readonly string ApiVersion;
///
- /// groupVersion is the group and version this APIResourceList is for.
+ /// `items` is a list of FlowSchemas.
///
- public readonly string GroupVersion;
+ public readonly ImmutableArray Items;
///
/// Kind is a string value representing the REST resource this object represents. Servers
@@ -26014,87 +26057,992 @@ public sealed class APIResourceList
public readonly string Kind;
///
- /// resources contains the name of the resources and if they are namespaced.
+ /// `metadata` is the standard list metadata. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
///
- public readonly ImmutableArray Resources;
+ public readonly Meta.V1.ListMeta Metadata;
[OutputConstructor]
- private APIResourceList(
+ private FlowSchemaList(
string @apiVersion,
- string @groupVersion,
+ ImmutableArray @items,
string @kind,
- ImmutableArray @resources)
+ Meta.V1.ListMeta @metadata)
{
this.ApiVersion = @apiVersion;
- this.GroupVersion = @groupVersion;
+ this.Items = @items;
this.Kind = @kind;
- this.Resources = @resources;
+ this.Metadata = @metadata;
}
}
///
- /// APIVersions lists the versions that are available, to allow clients to discover the API at
- /// /api, which is the root path of the legacy v1 API.
+ /// FlowSchemaSpec describes how the FlowSchema's specification looks like.
///
[OutputType]
- public sealed class APIVersions
+ public sealed class FlowSchemaSpec
{
///
- /// APIVersion defines the versioned schema of this representation of an object. Servers
- /// should convert recognized schemas to the latest internal value, and may reject
- /// unrecognized values. More info:
- /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ /// `distinguisherMethod` defines how to compute the flow distinguisher for requests that
+ /// match this schema. `nil` specifies that the distinguisher is disabled and thus will
+ /// always be the empty string.
///
- public readonly string ApiVersion;
+ public readonly FlowControl.V1Alpha1.FlowDistinguisherMethod DistinguisherMethod;
///
- /// Kind is a string value representing the REST resource this object represents. Servers
- /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
- /// CamelCase. More info:
- /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ /// `matchingPrecedence` is used to choose among the FlowSchemas that match a given request.
+ /// The chosen FlowSchema is among those with the numerically lowest (which we take to be
+ /// logically highest) MatchingPrecedence. Each MatchingPrecedence value must be
+ /// non-negative. Note that if the precedence is not specified or zero, it will be set to
+ /// 1000 as default.
///
- public readonly string Kind;
+ public readonly int MatchingPrecedence;
///
- /// a map of client CIDR to server address that is serving this group. This is to help
- /// clients reach servers in the most network-efficient way possible. Clients can use the
- /// appropriate server address as per the CIDR that they match. In case of multiple matches,
- /// clients should use the longest matching CIDR. The server returns only those CIDRs that
- /// it thinks that the client can match. For example: the master will return an internal IP
- /// CIDR only, if the client reaches the server using an internal IP. Server looks at
- /// X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get
- /// the client IP.
+ /// `priorityLevelConfiguration` should reference a PriorityLevelConfiguration in the
+ /// cluster. If the reference cannot be resolved, the FlowSchema will be ignored and marked
+ /// as invalid in its status. Required.
///
- public readonly ImmutableArray ServerAddressByClientCIDRs;
+ public readonly FlowControl.V1Alpha1.PriorityLevelConfigurationReference PriorityLevelConfiguration;
///
- /// versions are the api versions that are available.
+ /// `rules` describes which requests will match this flow schema. This FlowSchema matches a
+ /// request if and only if at least one member of rules matches the request. if it is an
+ /// empty slice, there will be no requests matching the FlowSchema.
///
- public readonly ImmutableArray Versions;
+ public readonly ImmutableArray Rules;
[OutputConstructor]
- private APIVersions(
- string @apiVersion,
- string @kind,
- ImmutableArray @serverAddressByClientCIDRs,
- ImmutableArray @versions)
+ private FlowSchemaSpec(
+ FlowControl.V1Alpha1.FlowDistinguisherMethod @distinguisherMethod,
+ int @matchingPrecedence,
+ FlowControl.V1Alpha1.PriorityLevelConfigurationReference @priorityLevelConfiguration,
+ ImmutableArray @rules)
{
- this.ApiVersion = @apiVersion;
- this.Kind = @kind;
- this.ServerAddressByClientCIDRs = @serverAddressByClientCIDRs;
- this.Versions = @versions;
+ this.DistinguisherMethod = @distinguisherMethod;
+ this.MatchingPrecedence = @matchingPrecedence;
+ this.PriorityLevelConfiguration = @priorityLevelConfiguration;
+ this.Rules = @rules;
}
}
///
- /// DeleteOptions may be provided when deleting an API object.
+ /// FlowSchemaStatus represents the current state of a FlowSchema.
///
[OutputType]
- public sealed class DeleteOptions
+ public sealed class FlowSchemaStatus
{
///
- /// APIVersion defines the versioned schema of this representation of an object. Servers
- /// should convert recognized schemas to the latest internal value, and may reject
+ /// `conditions` is a list of the current states of FlowSchema.
+ ///
+ public readonly ImmutableArray Conditions;
+
+ [OutputConstructor]
+ private FlowSchemaStatus(
+ ImmutableArray @conditions)
+ {
+ this.Conditions = @conditions;
+ }
+
+ }
+ ///
+ /// GroupSubject holds detailed information for group-kind subject.
+ ///
+ [OutputType]
+ public sealed class GroupSubject
+ {
+ ///
+ /// name is the user group that matches, or "*" to match all user groups. See
+ /// https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go for
+ /// some well-known group names. Required.
+ ///
+ public readonly string Name;
+
+ [OutputConstructor]
+ private GroupSubject(
+ string @name)
+ {
+ this.Name = @name;
+ }
+
+ }
+ ///
+ /// LimitResponse defines how to handle requests that can not be executed right now.
+ ///
+ [OutputType]
+ public sealed class LimitResponse
+ {
+ ///
+ /// `queuing` holds the configuration parameters for queuing. This field may be non-empty
+ /// only if `type` is `"Queue"`.
+ ///
+ public readonly FlowControl.V1Alpha1.QueuingConfiguration Queuing;
+
+ ///
+ /// `type` is "Queue" or "Reject". "Queue" means that requests that can not be executed upon
+ /// arrival are held in a queue until they can be executed or a queuing limit is reached.
+ /// "Reject" means that requests that can not be executed upon arrival are rejected.
+ /// Required.
+ ///
+ public readonly string Type;
+
+ [OutputConstructor]
+ private LimitResponse(
+ FlowControl.V1Alpha1.QueuingConfiguration @queuing,
+ string @type)
+ {
+ this.Queuing = @queuing;
+ this.Type = @type;
+ }
+
+ }
+ ///
+ /// LimitedPriorityLevelConfiguration specifies how to handle requests that are subject to
+ /// limits. It addresses two issues:
+ /// * How are requests for this priority level limited?
+ /// * What should be done with requests that exceed the limit?
+ ///
+ [OutputType]
+ public sealed class LimitedPriorityLevelConfiguration
+ {
+ ///
+ /// `assuredConcurrencyShares` (ACS) configures the execution limit, which is a limit on the
+ /// number of requests of this priority level that may be exeucting at a given time. ACS
+ /// must be a positive number. The server's concurrency limit (SCL) is divided among the
+ /// concurrency-controlled priority levels in proportion to their assured concurrency
+ /// shares. This produces the assured concurrency value (ACV) --- the number of requests
+ /// that may be executing at a time --- for each such priority level:
+ ///
+ /// ACV(l) = ceil( SCL * ACS(l) / ( sum[priority levels k] ACS(k) ) )
+ ///
+ /// bigger numbers of ACS mean more reserved concurrent requests (at the expense of every
+ /// other PL). This field has a default value of 30.
+ ///
+ public readonly int AssuredConcurrencyShares;
+
+ ///
+ /// `limitResponse` indicates what to do with requests that can not be executed right now
+ ///
+ public readonly FlowControl.V1Alpha1.LimitResponse LimitResponse;
+
+ [OutputConstructor]
+ private LimitedPriorityLevelConfiguration(
+ int @assuredConcurrencyShares,
+ FlowControl.V1Alpha1.LimitResponse @limitResponse)
+ {
+ this.AssuredConcurrencyShares = @assuredConcurrencyShares;
+ this.LimitResponse = @limitResponse;
+ }
+
+ }
+ ///
+ /// NonResourcePolicyRule is a predicate that matches non-resource requests according to their
+ /// verb and the target non-resource URL. A NonResourcePolicyRule matches a request if and only
+ /// if both (a) at least one member of verbs matches the request and (b) at least one member of
+ /// nonResourceURLs matches the request.
+ ///
+ [OutputType]
+ public sealed class NonResourcePolicyRule
+ {
+ ///
+ /// `nonResourceURLs` is a set of url prefixes that a user should have access to and may not
+ /// be empty. For example:
+ /// - "/healthz" is legal
+ /// - "/hea*" is illegal
+ /// - "/hea" is legal but matches nothing
+ /// - "/hea/*" also matches nothing
+ /// - "/healthz/*" matches all per-component health checks.
+ /// "*" matches all non-resource urls. if it is present, it must be the only entry.
+ /// Required.
+ ///
+ public readonly ImmutableArray NonResourceURLs;
+
+ ///
+ /// `verbs` is a list of matching verbs and may not be empty. "*" matches all verbs. If it
+ /// is present, it must be the only entry. Required.
+ ///
+ public readonly ImmutableArray Verbs;
+
+ [OutputConstructor]
+ private NonResourcePolicyRule(
+ ImmutableArray @nonResourceURLs,
+ ImmutableArray @verbs)
+ {
+ this.NonResourceURLs = @nonResourceURLs;
+ this.Verbs = @verbs;
+ }
+
+ }
+ ///
+ /// PolicyRulesWithSubjects prescribes a test that applies to a request to an apiserver. The
+ /// test considers the subject making the request, the verb being requested, and the resource to
+ /// be acted upon. This PolicyRulesWithSubjects matches a request if and only if both (a) at
+ /// least one member of subjects matches the request and (b) at least one member of
+ /// resourceRules or nonResourceRules matches the request.
+ ///
+ [OutputType]
+ public sealed class PolicyRulesWithSubjects
+ {
+ ///
+ /// `nonResourceRules` is a list of NonResourcePolicyRules that identify matching requests
+ /// according to their verb and the target non-resource URL.
+ ///
+ public readonly ImmutableArray NonResourceRules;
+
+ ///
+ /// `resourceRules` is a slice of ResourcePolicyRules that identify matching requests
+ /// according to their verb and the target resource. At least one of `resourceRules` and
+ /// `nonResourceRules` has to be non-empty.
+ ///
+ public readonly ImmutableArray ResourceRules;
+
+ ///
+ /// subjects is the list of normal user, serviceaccount, or group that this rule cares
+ /// about. There must be at least one member in this slice. A slice that includes both the
+ /// system:authenticated and system:unauthenticated user groups matches every request.
+ /// Required.
+ ///
+ public readonly ImmutableArray Subjects;
+
+ [OutputConstructor]
+ private PolicyRulesWithSubjects(
+ ImmutableArray @nonResourceRules,
+ ImmutableArray @resourceRules,
+ ImmutableArray @subjects)
+ {
+ this.NonResourceRules = @nonResourceRules;
+ this.ResourceRules = @resourceRules;
+ this.Subjects = @subjects;
+ }
+
+ }
+ ///
+ /// PriorityLevelConfiguration represents the configuration of a priority level.
+ ///
+ [OutputType]
+ public sealed class PriorityLevelConfiguration
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ public readonly string ApiVersion;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ public readonly string Kind;
+
+ ///
+ /// `metadata` is the standard object's metadata. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ ///
+ public readonly Meta.V1.ObjectMeta Metadata;
+
+ ///
+ /// `spec` is the specification of the desired behavior of a "request-priority". More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ ///
+ public readonly FlowControl.V1Alpha1.PriorityLevelConfigurationSpec Spec;
+
+ ///
+ /// `status` is the current status of a "request-priority". More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ ///
+ public readonly FlowControl.V1Alpha1.PriorityLevelConfigurationStatus Status;
+
+ [OutputConstructor]
+ private PriorityLevelConfiguration(
+ string @apiVersion,
+ string @kind,
+ Meta.V1.ObjectMeta @metadata,
+ FlowControl.V1Alpha1.PriorityLevelConfigurationSpec @spec,
+ FlowControl.V1Alpha1.PriorityLevelConfigurationStatus @status)
+ {
+ this.ApiVersion = @apiVersion;
+ this.Kind = @kind;
+ this.Metadata = @metadata;
+ this.Spec = @spec;
+ this.Status = @status;
+ }
+
+ }
+ ///
+ /// PriorityLevelConfigurationCondition defines the condition of priority level.
+ ///
+ [OutputType]
+ public sealed class PriorityLevelConfigurationCondition
+ {
+ ///
+ /// `lastTransitionTime` is the last time the condition transitioned from one status to
+ /// another.
+ ///
+ public readonly string LastTransitionTime;
+
+ ///
+ /// `message` is a human-readable message indicating details about last transition.
+ ///
+ public readonly string Message;
+
+ ///
+ /// `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
+ ///
+ public readonly string Reason;
+
+ ///
+ /// `status` is the status of the condition. Can be True, False, Unknown. Required.
+ ///
+ public readonly string Status;
+
+ ///
+ /// `type` is the type of the condition. Required.
+ ///
+ public readonly string Type;
+
+ [OutputConstructor]
+ private PriorityLevelConfigurationCondition(
+ string @lastTransitionTime,
+ string @message,
+ string @reason,
+ string @status,
+ string @type)
+ {
+ this.LastTransitionTime = @lastTransitionTime;
+ this.Message = @message;
+ this.Reason = @reason;
+ this.Status = @status;
+ this.Type = @type;
+ }
+
+ }
+ ///
+ /// PriorityLevelConfigurationList is a list of PriorityLevelConfiguration objects.
+ ///
+ [OutputType]
+ public sealed class PriorityLevelConfigurationList
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ public readonly string ApiVersion;
+
+ ///
+ /// `items` is a list of request-priorities.
+ ///
+ public readonly ImmutableArray Items;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ public readonly string Kind;
+
+ ///
+ /// `metadata` is the standard object's metadata. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ ///
+ public readonly Meta.V1.ListMeta Metadata;
+
+ [OutputConstructor]
+ private PriorityLevelConfigurationList(
+ string @apiVersion,
+ ImmutableArray @items,
+ string @kind,
+ Meta.V1.ListMeta @metadata)
+ {
+ this.ApiVersion = @apiVersion;
+ this.Items = @items;
+ this.Kind = @kind;
+ this.Metadata = @metadata;
+ }
+
+ }
+ ///
+ /// PriorityLevelConfigurationReference contains information that points to the
+ /// "request-priority" being used.
+ ///
+ [OutputType]
+ public sealed class PriorityLevelConfigurationReference
+ {
+ ///
+ /// `name` is the name of the priority level configuration being referenced Required.
+ ///
+ public readonly string Name;
+
+ [OutputConstructor]
+ private PriorityLevelConfigurationReference(
+ string @name)
+ {
+ this.Name = @name;
+ }
+
+ }
+ ///
+ /// PriorityLevelConfigurationSpec specifies the configuration of a priority level.
+ ///
+ [OutputType]
+ public sealed class PriorityLevelConfigurationSpec
+ {
+ ///
+ /// `limited` specifies how requests are handled for a Limited priority level. This field
+ /// must be non-empty if and only if `type` is `"Limited"`.
+ ///
+ public readonly FlowControl.V1Alpha1.LimitedPriorityLevelConfiguration Limited;
+
+ ///
+ /// `type` indicates whether this priority level is subject to limitation on request
+ /// execution. A value of `"Exempt"` means that requests of this priority level are not
+ /// subject to a limit (and thus are never queued) and do not detract from the capacity made
+ /// available to other priority levels. A value of `"Limited"` means that (a) requests of
+ /// this priority level _are_ subject to limits and (b) some of the server's limited
+ /// capacity is made available exclusively to this priority level. Required.
+ ///
+ public readonly string Type;
+
+ [OutputConstructor]
+ private PriorityLevelConfigurationSpec(
+ FlowControl.V1Alpha1.LimitedPriorityLevelConfiguration @limited,
+ string @type)
+ {
+ this.Limited = @limited;
+ this.Type = @type;
+ }
+
+ }
+ ///
+ /// PriorityLevelConfigurationStatus represents the current state of a "request-priority".
+ ///
+ [OutputType]
+ public sealed class PriorityLevelConfigurationStatus
+ {
+ ///
+ /// `conditions` is the current state of "request-priority".
+ ///
+ public readonly ImmutableArray Conditions;
+
+ [OutputConstructor]
+ private PriorityLevelConfigurationStatus(
+ ImmutableArray @conditions)
+ {
+ this.Conditions = @conditions;
+ }
+
+ }
+ ///
+ /// QueuingConfiguration holds the configuration parameters for queuing
+ ///
+ [OutputType]
+ public sealed class QueuingConfiguration
+ {
+ ///
+ /// `handSize` is a small positive number that configures the shuffle sharding of requests
+ /// into queues. When enqueuing a request at this priority level the request's flow
+ /// identifier (a string pair) is hashed and the hash value is used to shuffle the list of
+ /// queues and deal a hand of the size specified here. The request is put into one of the
+ /// shortest queues in that hand. `handSize` must be no larger than `queues`, and should be
+ /// significantly smaller (so that a few heavy flows do not saturate most of the queues).
+ /// See the user-facing documentation for more extensive guidance on setting this field.
+ /// This field has a default value of 8.
+ ///
+ public readonly int HandSize;
+
+ ///
+ /// `queueLengthLimit` is the maximum number of requests allowed to be waiting in a given
+ /// queue of this priority level at a time; excess requests are rejected. This value must
+ /// be positive. If not specified, it will be defaulted to 50.
+ ///
+ public readonly int QueueLengthLimit;
+
+ ///
+ /// `queues` is the number of queues for this priority level. The queues exist independently
+ /// at each apiserver. The value must be positive. Setting it to 1 effectively precludes
+ /// shufflesharding and thus makes the distinguisher method of associated flow schemas
+ /// irrelevant. This field has a default value of 64.
+ ///
+ public readonly int Queues;
+
+ [OutputConstructor]
+ private QueuingConfiguration(
+ int @handSize,
+ int @queueLengthLimit,
+ int @queues)
+ {
+ this.HandSize = @handSize;
+ this.QueueLengthLimit = @queueLengthLimit;
+ this.Queues = @queues;
+ }
+
+ }
+ ///
+ /// ResourcePolicyRule is a predicate that matches some resource requests, testing the request's
+ /// verb and the target resource. A ResourcePolicyRule matches a resource request if and only
+ /// if: (a) at least one member of verbs matches the request, (b) at least one member of
+ /// apiGroups matches the request, (c) at least one member of resources matches the request, and
+ /// (d) least one member of namespaces matches the request.
+ ///
+ [OutputType]
+ public sealed class ResourcePolicyRule
+ {
+ ///
+ /// `apiGroups` is a list of matching API groups and may not be empty. "*" matches all API
+ /// groups and, if present, must be the only entry. Required.
+ ///
+ public readonly ImmutableArray ApiGroups;
+
+ ///
+ /// `clusterScope` indicates whether to match requests that do not specify a namespace
+ /// (which happens either because the resource is not namespaced or the request targets all
+ /// namespaces). If this field is omitted or false then the `namespaces` field must contain
+ /// a non-empty list.
+ ///
+ public readonly bool ClusterScope;
+
+ ///
+ /// `namespaces` is a list of target namespaces that restricts matches. A request that
+ /// specifies a target namespace matches only if either (a) this list contains that target
+ /// namespace or (b) this list contains "*". Note that "*" matches any specified namespace
+ /// but does not match a request that _does not specify_ a namespace (see the `clusterScope`
+ /// field for that). This list may be empty, but only if `clusterScope` is true.
+ ///
+ public readonly ImmutableArray Namespaces;
+
+ ///
+ /// `resources` is a list of matching resources (i.e., lowercase and plural) with, if
+ /// desired, subresource. For example, [ "services", "nodes/status" ]. This list may not
+ /// be empty. "*" matches all resources and, if present, must be the only entry. Required.
+ ///
+ public readonly ImmutableArray Resources;
+
+ ///
+ /// `verbs` is a list of matching verbs and may not be empty. "*" matches all verbs and, if
+ /// present, must be the only entry. Required.
+ ///
+ public readonly ImmutableArray Verbs;
+
+ [OutputConstructor]
+ private ResourcePolicyRule(
+ ImmutableArray @apiGroups,
+ bool @clusterScope,
+ ImmutableArray @namespaces,
+ ImmutableArray @resources,
+ ImmutableArray @verbs)
+ {
+ this.ApiGroups = @apiGroups;
+ this.ClusterScope = @clusterScope;
+ this.Namespaces = @namespaces;
+ this.Resources = @resources;
+ this.Verbs = @verbs;
+ }
+
+ }
+ ///
+ /// ServiceAccountSubject holds detailed information for service-account-kind subject.
+ ///
+ [OutputType]
+ public sealed class ServiceAccountSubject
+ {
+ ///
+ /// `name` is the name of matching ServiceAccount objects, or "*" to match regardless of
+ /// name. Required.
+ ///
+ public readonly string Name;
+
+ ///
+ /// `namespace` is the namespace of matching ServiceAccount objects. Required.
+ ///
+ public readonly string Namespace;
+
+ [OutputConstructor]
+ private ServiceAccountSubject(
+ string @name,
+ string @namespace)
+ {
+ this.Name = @name;
+ this.Namespace = @namespace;
+ }
+
+ }
+ ///
+ /// Subject matches the originator of a request, as identified by the request authentication
+ /// system. There are three ways of matching an originator; by user, group, or service account.
+ ///
+ [OutputType]
+ public sealed class Subject
+ {
+
+ public readonly FlowControl.V1Alpha1.GroupSubject Group;
+
+ ///
+ /// Required
+ ///
+ public readonly string Kind;
+
+
+ public readonly FlowControl.V1Alpha1.ServiceAccountSubject ServiceAccount;
+
+
+ public readonly FlowControl.V1Alpha1.UserSubject User;
+
+ [OutputConstructor]
+ private Subject(
+ FlowControl.V1Alpha1.GroupSubject @group,
+ string @kind,
+ FlowControl.V1Alpha1.ServiceAccountSubject @serviceAccount,
+ FlowControl.V1Alpha1.UserSubject @user)
+ {
+ this.Group = @group;
+ this.Kind = @kind;
+ this.ServiceAccount = @serviceAccount;
+ this.User = @user;
+ }
+
+ }
+ ///
+ /// UserSubject holds detailed information for user-kind subject.
+ ///
+ [OutputType]
+ public sealed class UserSubject
+ {
+ ///
+ /// `name` is the username that matches, or "*" to match all usernames. Required.
+ ///
+ public readonly string Name;
+
+ [OutputConstructor]
+ private UserSubject(
+ string @name)
+ {
+ this.Name = @name;
+ }
+
+ }
+ }
+
+}
+
+namespace Pulumi.Kubernetes.Types.Outputs.Meta
+{
+ namespace V1
+ {
+ ///
+ /// APIGroup contains the name, the supported versions, and the preferred version of a group.
+ ///
+ [OutputType]
+ public sealed class APIGroup
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ public readonly string ApiVersion;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ public readonly string Kind;
+
+ ///
+ /// name is the name of the group.
+ ///
+ public readonly string Name;
+
+ ///
+ /// preferredVersion is the version preferred by the API server, which probably is the
+ /// storage version.
+ ///
+ public readonly Meta.V1.GroupVersionForDiscovery PreferredVersion;
+
+ ///
+ /// a map of client CIDR to server address that is serving this group. This is to help
+ /// clients reach servers in the most network-efficient way possible. Clients can use the
+ /// appropriate server address as per the CIDR that they match. In case of multiple matches,
+ /// clients should use the longest matching CIDR. The server returns only those CIDRs that
+ /// it thinks that the client can match. For example: the master will return an internal IP
+ /// CIDR only, if the client reaches the server using an internal IP. Server looks at
+ /// X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get
+ /// the client IP.
+ ///
+ public readonly ImmutableArray ServerAddressByClientCIDRs;
+
+ ///
+ /// versions are the versions supported in this group.
+ ///
+ public readonly ImmutableArray Versions;
+
+ [OutputConstructor]
+ private APIGroup(
+ string @apiVersion,
+ string @kind,
+ string @name,
+ Meta.V1.GroupVersionForDiscovery @preferredVersion,
+ ImmutableArray @serverAddressByClientCIDRs,
+ ImmutableArray @versions)
+ {
+ this.ApiVersion = @apiVersion;
+ this.Kind = @kind;
+ this.Name = @name;
+ this.PreferredVersion = @preferredVersion;
+ this.ServerAddressByClientCIDRs = @serverAddressByClientCIDRs;
+ this.Versions = @versions;
+ }
+
+ }
+ ///
+ /// APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.
+ ///
+ [OutputType]
+ public sealed class APIGroupList
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ public readonly string ApiVersion;
+
+ ///
+ /// groups is a list of APIGroup.
+ ///
+ public readonly ImmutableArray Groups;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ public readonly string Kind;
+
+ [OutputConstructor]
+ private APIGroupList(
+ string @apiVersion,
+ ImmutableArray @groups,
+ string @kind)
+ {
+ this.ApiVersion = @apiVersion;
+ this.Groups = @groups;
+ this.Kind = @kind;
+ }
+
+ }
+ ///
+ /// APIResource specifies the name of a resource and whether it is namespaced.
+ ///
+ [OutputType]
+ public sealed class APIResource
+ {
+ ///
+ /// categories is a list of the grouped resources this resource belongs to (e.g. 'all')
+ ///
+ public readonly ImmutableArray Categories;
+
+ ///
+ /// group is the preferred group of the resource. Empty implies the group of the containing
+ /// resource list. For subresources, this may have a different value, for example: Scale".
+ ///
+ public readonly string Group;
+
+ ///
+ /// kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')
+ ///
+ public readonly string Kind;
+
+ ///
+ /// name is the plural name of the resource.
+ ///
+ public readonly string Name;
+
+ ///
+ /// namespaced indicates if a resource is namespaced or not.
+ ///
+ public readonly bool Namespaced;
+
+ ///
+ /// shortNames is a list of suggested short names of the resource.
+ ///
+ public readonly ImmutableArray ShortNames;
+
+ ///
+ /// singularName is the singular name of the resource. This allows clients to handle plural
+ /// and singular opaquely. The singularName is more correct for reporting status on a single
+ /// item and both singular and plural are allowed from the kubectl CLI interface.
+ ///
+ public readonly string SingularName;
+
+ ///
+ /// The hash value of the storage version, the version this resource is converted to when
+ /// written to the data store. Value must be treated as opaque by clients. Only equality
+ /// comparison on the value is valid. This is an alpha feature and may change or be removed
+ /// in the future. The field is populated by the apiserver only if the StorageVersionHash
+ /// feature gate is enabled. This field will remain optional even if it graduates.
+ ///
+ public readonly string StorageVersionHash;
+
+ ///
+ /// verbs is a list of supported kube verbs (this includes get, list, watch, create, update,
+ /// patch, delete, deletecollection, and proxy)
+ ///
+ public readonly ImmutableArray Verbs;
+
+ ///
+ /// version is the preferred version of the resource. Empty implies the version of the
+ /// containing resource list For subresources, this may have a different value, for example:
+ /// v1 (while inside a v1beta1 version of the core resource's group)".
+ ///
+ public readonly string Version;
+
+ [OutputConstructor]
+ private APIResource(
+ ImmutableArray @categories,
+ string @group,
+ string @kind,
+ string @name,
+ bool @namespaced,
+ ImmutableArray @shortNames,
+ string @singularName,
+ string @storageVersionHash,
+ ImmutableArray @verbs,
+ string @version)
+ {
+ this.Categories = @categories;
+ this.Group = @group;
+ this.Kind = @kind;
+ this.Name = @name;
+ this.Namespaced = @namespaced;
+ this.ShortNames = @shortNames;
+ this.SingularName = @singularName;
+ this.StorageVersionHash = @storageVersionHash;
+ this.Verbs = @verbs;
+ this.Version = @version;
+ }
+
+ }
+ ///
+ /// APIResourceList is a list of APIResource, it is used to expose the name of the resources
+ /// supported in a specific group and version, and if the resource is namespaced.
+ ///
+ [OutputType]
+ public sealed class APIResourceList
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ public readonly string ApiVersion;
+
+ ///
+ /// groupVersion is the group and version this APIResourceList is for.
+ ///
+ public readonly string GroupVersion;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ public readonly string Kind;
+
+ ///
+ /// resources contains the name of the resources and if they are namespaced.
+ ///
+ public readonly ImmutableArray Resources;
+
+ [OutputConstructor]
+ private APIResourceList(
+ string @apiVersion,
+ string @groupVersion,
+ string @kind,
+ ImmutableArray @resources)
+ {
+ this.ApiVersion = @apiVersion;
+ this.GroupVersion = @groupVersion;
+ this.Kind = @kind;
+ this.Resources = @resources;
+ }
+
+ }
+ ///
+ /// APIVersions lists the versions that are available, to allow clients to discover the API at
+ /// /api, which is the root path of the legacy v1 API.
+ ///
+ [OutputType]
+ public sealed class APIVersions
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ public readonly string ApiVersion;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ public readonly string Kind;
+
+ ///
+ /// a map of client CIDR to server address that is serving this group. This is to help
+ /// clients reach servers in the most network-efficient way possible. Clients can use the
+ /// appropriate server address as per the CIDR that they match. In case of multiple matches,
+ /// clients should use the longest matching CIDR. The server returns only those CIDRs that
+ /// it thinks that the client can match. For example: the master will return an internal IP
+ /// CIDR only, if the client reaches the server using an internal IP. Server looks at
+ /// X-Forwarded-For header or X-Real-Ip header or request.RemoteAddr (in that order) to get
+ /// the client IP.
+ ///
+ public readonly ImmutableArray ServerAddressByClientCIDRs;
+
+ ///
+ /// versions are the api versions that are available.
+ ///
+ public readonly ImmutableArray Versions;
+
+ [OutputConstructor]
+ private APIVersions(
+ string @apiVersion,
+ string @kind,
+ ImmutableArray @serverAddressByClientCIDRs,
+ ImmutableArray @versions)
+ {
+ this.ApiVersion = @apiVersion;
+ this.Kind = @kind;
+ this.ServerAddressByClientCIDRs = @serverAddressByClientCIDRs;
+ this.Versions = @versions;
+ }
+
+ }
+ ///
+ /// DeleteOptions may be provided when deleting an API object.
+ ///
+ [OutputType]
+ public sealed class DeleteOptions
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
/// unrecognized values. More info:
/// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
///
@@ -26449,7 +27397,14 @@ public sealed class ObjectMeta
/// Must be empty before the object is deleted from the registry. Each entry is an
/// identifier for the responsible component that will remove the entry from the list. If
/// the deletionTimestamp of the object is non-nil, entries in this list can only be
- /// removed.
+ /// removed. Finalizers may be processed and removed in any order. Order is NOT enforced
+ /// because it introduces significant risk of stuck finalizers. finalizers is a shared
+ /// field, any actor with permission can reorder it. If the finalizer list is processed in
+ /// order, then this can lead to a situation in which the component responsible for the
+ /// first finalizer in the list is waiting for a signal (field value, external system, or
+ /// other) produced by a component responsible for a finalizer later in the list, resulting
+ /// in a deadlock. Without enforced ordering finalizers are free to order amongst themselves
+ /// and are not vulnerable to ordering changes in the list.
///
public readonly ImmutableArray Finalizers;
@@ -28401,7 +29356,7 @@ public sealed class PodDisruptionBudgetStatus
///
/// Most recent generation observed when updating this PDB status. PodDisruptionsAllowed and
- /// other status informatio is valid only if observedGeneration equals to PDB's object
+ /// other status information is valid only if observedGeneration equals to PDB's object
/// generation.
///
public readonly int ObservedGeneration;
@@ -29476,7 +30431,8 @@ private AggregationRule(
}
///
/// ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a
- /// unit by a RoleBinding or ClusterRoleBinding.
+ /// unit by a RoleBinding or ClusterRoleBinding. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 ClusterRole, and will no longer be served in v1.20.
///
[OutputType]
public sealed class ClusterRole
@@ -29532,7 +30488,9 @@ private ClusterRole(
}
///
/// ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a
- /// ClusterRole in the global namespace, and adds who information via Subject.
+ /// ClusterRole in the global namespace, and adds who information via Subject. Deprecated in
+ /// v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBinding, and will no longer be
+ /// served in v1.20.
///
[OutputType]
public sealed class ClusterRoleBinding
@@ -29586,7 +30544,8 @@ private ClusterRoleBinding(
}
///
- /// ClusterRoleBindingList is a collection of ClusterRoleBindings
+ /// ClusterRoleBindingList is a collection of ClusterRoleBindings. Deprecated in v1.17 in favor
+ /// of rbac.authorization.k8s.io/v1 ClusterRoleBindings, and will no longer be served in v1.20.
///
[OutputType]
public sealed class ClusterRoleBindingList
@@ -29632,7 +30591,8 @@ private ClusterRoleBindingList(
}
///
- /// ClusterRoleList is a collection of ClusterRoles
+ /// ClusterRoleList is a collection of ClusterRoles. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 ClusterRoles, and will no longer be served in v1.20.
///
[OutputType]
public sealed class ClusterRoleList
@@ -29738,7 +30698,8 @@ private PolicyRule(
}
///
/// Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a
- /// RoleBinding.
+ /// RoleBinding. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 Role, and will no
+ /// longer be served in v1.20.
///
[OutputType]
public sealed class Role
@@ -29787,7 +30748,8 @@ private Role(
/// RoleBinding references a role, but does not contain it. It can reference a Role in the same
/// namespace or a ClusterRole in the global namespace. It adds who information via Subjects and
/// namespace information by which namespace it exists in. RoleBindings in a given namespace
- /// only have effect in that namespace.
+ /// only have effect in that namespace. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleBinding, and will no longer be served in v1.20.
///
[OutputType]
public sealed class RoleBinding
@@ -29841,7 +30803,8 @@ private RoleBinding(
}
///
- /// RoleBindingList is a collection of RoleBindings
+ /// RoleBindingList is a collection of RoleBindings Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleBindingList, and will no longer be served in v1.20.
///
[OutputType]
public sealed class RoleBindingList
@@ -29887,7 +30850,8 @@ private RoleBindingList(
}
///
- /// RoleList is a collection of Roles
+ /// RoleList is a collection of Roles. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleList, and will no longer be served in v1.20.
///
[OutputType]
public sealed class RoleList
@@ -30039,7 +31003,8 @@ private AggregationRule(
}
///
/// ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a
- /// unit by a RoleBinding or ClusterRoleBinding.
+ /// unit by a RoleBinding or ClusterRoleBinding. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 ClusterRole, and will no longer be served in v1.20.
///
[OutputType]
public sealed class ClusterRole
@@ -30095,7 +31060,9 @@ private ClusterRole(
}
///
/// ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a
- /// ClusterRole in the global namespace, and adds who information via Subject.
+ /// ClusterRole in the global namespace, and adds who information via Subject. Deprecated in
+ /// v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBinding, and will no longer be
+ /// served in v1.20.
///
[OutputType]
public sealed class ClusterRoleBinding
@@ -30149,7 +31116,9 @@ private ClusterRoleBinding(
}
///
- /// ClusterRoleBindingList is a collection of ClusterRoleBindings
+ /// ClusterRoleBindingList is a collection of ClusterRoleBindings. Deprecated in v1.17 in favor
+ /// of rbac.authorization.k8s.io/v1 ClusterRoleBindingList, and will no longer be served in
+ /// v1.20.
///
[OutputType]
public sealed class ClusterRoleBindingList
@@ -30195,7 +31164,8 @@ private ClusterRoleBindingList(
}
///
- /// ClusterRoleList is a collection of ClusterRoles
+ /// ClusterRoleList is a collection of ClusterRoles. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 ClusterRoles, and will no longer be served in v1.20.
///
[OutputType]
public sealed class ClusterRoleList
@@ -30300,7 +31270,8 @@ private PolicyRule(
}
///
/// Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a
- /// RoleBinding.
+ /// RoleBinding. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 Role, and will no
+ /// longer be served in v1.20.
///
[OutputType]
public sealed class Role
@@ -30349,7 +31320,8 @@ private Role(
/// RoleBinding references a role, but does not contain it. It can reference a Role in the same
/// namespace or a ClusterRole in the global namespace. It adds who information via Subjects and
/// namespace information by which namespace it exists in. RoleBindings in a given namespace
- /// only have effect in that namespace.
+ /// only have effect in that namespace. Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleBinding, and will no longer be served in v1.20.
///
[OutputType]
public sealed class RoleBinding
@@ -30403,7 +31375,8 @@ private RoleBinding(
}
///
- /// RoleBindingList is a collection of RoleBindings
+ /// RoleBindingList is a collection of RoleBindings Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleBindingList, and will no longer be served in v1.20.
///
[OutputType]
public sealed class RoleBindingList
@@ -30449,7 +31422,8 @@ private RoleBindingList(
}
///
- /// RoleList is a collection of Roles
+ /// RoleList is a collection of Roles Deprecated in v1.17 in favor of
+ /// rbac.authorization.k8s.io/v1 RoleList, and will no longer be served in v1.20.
///
[OutputType]
public sealed class RoleList
@@ -31119,6 +32093,181 @@ namespace Pulumi.Kubernetes.Types.Outputs.Storage
{
namespace V1
{
+ ///
+ /// CSINode holds information about all CSI drivers installed on a node. CSI drivers do not need
+ /// to create the CSINode object directly. As long as they use the node-driver-registrar sidecar
+ /// container, the kubelet will automatically populate the CSINode object for the CSI driver as
+ /// part of kubelet plugin registration. CSINode has the same name as a node. If the object is
+ /// missing, it means either there are no CSI Drivers available on the node, or the Kubelet
+ /// version is low enough that it doesn't create this object. CSINode has an OwnerReference that
+ /// points to the corresponding node object.
+ ///
+ [OutputType]
+ public sealed class CSINode
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ public readonly string ApiVersion;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ public readonly string Kind;
+
+ ///
+ /// metadata.name must be the Kubernetes node name.
+ ///
+ public readonly Meta.V1.ObjectMeta Metadata;
+
+ ///
+ /// spec is the specification of CSINode
+ ///
+ public readonly Storage.V1.CSINodeSpec Spec;
+
+ [OutputConstructor]
+ private CSINode(
+ string @apiVersion,
+ string @kind,
+ Meta.V1.ObjectMeta @metadata,
+ Storage.V1.CSINodeSpec @spec)
+ {
+ this.ApiVersion = @apiVersion;
+ this.Kind = @kind;
+ this.Metadata = @metadata;
+ this.Spec = @spec;
+ }
+
+ }
+ ///
+ /// CSINodeDriver holds information about the specification of one CSI driver installed on a
+ /// node
+ ///
+ [OutputType]
+ public sealed class CSINodeDriver
+ {
+ ///
+ /// allocatable represents the volume resources of a node that are available for scheduling.
+ /// This field is beta.
+ ///
+ public readonly Storage.V1.VolumeNodeResources Allocatable;
+
+ ///
+ /// This is the name of the CSI driver that this object refers to. This MUST be the same
+ /// name returned by the CSI GetPluginName() call for that driver.
+ ///
+ public readonly string Name;
+
+ ///
+ /// nodeID of the node from the driver point of view. This field enables Kubernetes to
+ /// communicate with storage systems that do not share the same nomenclature for nodes. For
+ /// example, Kubernetes may refer to a given node as "node1", but the storage system may
+ /// refer to the same node as "nodeA". When Kubernetes issues a command to the storage
+ /// system to attach a volume to a specific node, it can use this field to refer to the node
+ /// name using the ID that the storage system will understand, e.g. "nodeA" instead of
+ /// "node1". This field is required.
+ ///
+ public readonly string NodeID;
+
+ ///
+ /// topologyKeys is the list of keys supported by the driver. When a driver is initialized
+ /// on a cluster, it provides a set of topology keys that it understands (e.g.
+ /// "company.com/zone", "company.com/region"). When a driver is initialized on a node, it
+ /// provides the same topology keys along with values. Kubelet will expose these topology
+ /// keys as labels on its own node object. When Kubernetes does topology aware provisioning,
+ /// it can use this list to determine which labels it should retrieve from the node object
+ /// and pass back to the driver. It is possible for different nodes to use different
+ /// topology keys. This can be empty if driver does not support topology.
+ ///
+ public readonly ImmutableArray TopologyKeys;
+
+ [OutputConstructor]
+ private CSINodeDriver(
+ Storage.V1.VolumeNodeResources @allocatable,
+ string @name,
+ string @nodeID,
+ ImmutableArray @topologyKeys)
+ {
+ this.Allocatable = @allocatable;
+ this.Name = @name;
+ this.NodeID = @nodeID;
+ this.TopologyKeys = @topologyKeys;
+ }
+
+ }
+ ///
+ /// CSINodeList is a collection of CSINode objects.
+ ///
+ [OutputType]
+ public sealed class CSINodeList
+ {
+ ///
+ /// APIVersion defines the versioned schema of this representation of an object. Servers
+ /// should convert recognized schemas to the latest internal value, and may reject
+ /// unrecognized values. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ ///
+ public readonly string ApiVersion;
+
+ ///
+ /// items is the list of CSINode
+ ///
+ public readonly ImmutableArray Items;
+
+ ///
+ /// Kind is a string value representing the REST resource this object represents. Servers
+ /// may infer this from the endpoint the client submits requests to. Cannot be updated. In
+ /// CamelCase. More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ ///
+ public readonly string Kind;
+
+ ///
+ /// Standard list metadata More info:
+ /// https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ ///
+ public readonly Meta.V1.ListMeta Metadata;
+
+ [OutputConstructor]
+ private CSINodeList(
+ string @apiVersion,
+ ImmutableArray @items,
+ string @kind,
+ Meta.V1.ListMeta @metadata)
+ {
+ this.ApiVersion = @apiVersion;
+ this.Items = @items;
+ this.Kind = @kind;
+ this.Metadata = @metadata;
+ }
+
+ }
+ ///
+ /// CSINodeSpec holds information about the specification of all CSI drivers installed on a node
+ ///
+ [OutputType]
+ public sealed class CSINodeSpec
+ {
+ ///
+ /// drivers is a list of information of all CSI Drivers existing on a node. If all drivers
+ /// in the list are uninstalled, this can become empty.
+ ///
+ public readonly ImmutableArray Drivers;
+
+ [OutputConstructor]
+ private CSINodeSpec(
+ ImmutableArray @drivers)
+ {
+ this.Drivers = @drivers;
+ }
+
+ }
///
/// StorageClass describes the parameters for a class of storage for which PersistentVolumes can
/// be dynamically provisioned.
@@ -31513,6 +32662,29 @@ private VolumeError(
}
}
+ ///
+ /// VolumeNodeResources is a set of resource limits for scheduling of volumes.
+ ///
+ [OutputType]
+ public sealed class VolumeNodeResources
+ {
+ ///
+ /// Maximum number of unique volumes managed by the CSI driver that can be used on a node. A
+ /// volume that is both attached and mounted on a node is considered to be used once, not
+ /// twice. The same rule applies for a unique volume that is shared among multiple pods on
+ /// the same node. If this field is not specified, then the supported number of volumes on
+ /// this node is unbounded.
+ ///
+ public readonly int Count;
+
+ [OutputConstructor]
+ private VolumeNodeResources(
+ int @count)
+ {
+ this.Count = @count;
+ }
+
+ }
}
namespace V1Alpha1
@@ -31937,6 +33109,9 @@ private CSIDriverSpec(
}
///
+ /// DEPRECATED - storage/v1beta1/CSINode is not supported by Kubernetes 1.16+ clusters. Use
+ /// storage/v1beta1/CSINode instead.
+ ///
/// CSINode holds information about all CSI drivers installed on a node. CSI drivers do not need
/// to create the CSINode object directly. As long as they use the node-driver-registrar sidecar
/// container, the kubelet will automatically populate the CSINode object for the CSI driver as
diff --git a/sdk/nodejs/discovery/index.ts b/sdk/nodejs/discovery/index.ts
index 01c68a2410..f5a9caa917 100755
--- a/sdk/nodejs/discovery/index.ts
+++ b/sdk/nodejs/discovery/index.ts
@@ -2,8 +2,8 @@
// *** Do not edit by hand unless you're certain you know what you are doing! ***
// Import versions:
-import * as v1alpha1 from "./v1alpha1/index";
+import * as v1beta1 from "./v1beta1/index";
// Export sub-modules
-export { v1alpha1, };
+export { v1beta1, };
diff --git a/sdk/nodejs/discovery/v1alpha1/EndpointSlice.ts b/sdk/nodejs/discovery/v1beta1/EndpointSlice.ts
similarity index 86%
rename from sdk/nodejs/discovery/v1alpha1/EndpointSlice.ts
rename to sdk/nodejs/discovery/v1beta1/EndpointSlice.ts
index bb6fcd301e..daa1438cb1 100755
--- a/sdk/nodejs/discovery/v1alpha1/EndpointSlice.ts
+++ b/sdk/nodejs/discovery/v1beta1/EndpointSlice.ts
@@ -15,7 +15,9 @@ import { getVersion } from "../../version";
export class EndpointSlice extends pulumi.CustomResource {
/**
* addressType specifies the type of address carried by this EndpointSlice. All addresses in
- * this slice must be the same type. Default is IP
+ * this slice must be the same type. This field is immutable after creation. The following
+ * address types are currently supported: * IPv4: Represents an IPv4 Address. * IPv6:
+ * Represents an IPv6 Address. * FQDN: Represents a Fully Qualified Domain Name.
*/
public readonly addressType: pulumi.Output;
@@ -25,13 +27,13 @@ import { getVersion } from "../../version";
* values. More info:
* https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
*/
- public readonly apiVersion: pulumi.Output<"discovery.k8s.io/v1alpha1">;
+ public readonly apiVersion: pulumi.Output<"discovery.k8s.io/v1beta1">;
/**
* endpoints is a list of unique endpoints in this slice. Each slice may include a maximum of
* 1000 endpoints.
*/
- public readonly endpoints: pulumi.Output;
+ public readonly endpoints: pulumi.Output;
/**
* Kind is a string value representing the REST resource this object represents. Servers may
@@ -52,7 +54,7 @@ import { getVersion } from "../../version";
* When a port is defined with a nil port value, it indicates "all ports". Each slice may
* include a maximum of 100 ports.
*/
- public readonly ports: pulumi.Output;
+ public readonly ports: pulumi.Output;
/**
* Get the state of an existing `EndpointSlice` resource, as identified by `id`.
@@ -70,7 +72,7 @@ import { getVersion } from "../../version";
}
/** @internal */
- private static readonly __pulumiType = "kubernetes:discovery.k8s.io/v1alpha1:EndpointSlice";
+ private static readonly __pulumiType = "kubernetes:discovery.k8s.io/v1beta1:EndpointSlice";
/**
* Returns true if the given object is an instance of EndpointSlice. This is designed to work even
@@ -85,18 +87,18 @@ import { getVersion } from "../../version";
}
/**
- * Create a discovery.v1alpha1.EndpointSlice resource with the given unique name, arguments, and options.
+ * Create a discovery.v1beta1.EndpointSlice resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
- constructor(name: string, args?: inputs.discovery.v1alpha1.EndpointSlice, opts?: pulumi.CustomResourceOptions) {
+ constructor(name: string, args?: inputs.discovery.v1beta1.EndpointSlice, opts?: pulumi.CustomResourceOptions) {
const props: pulumi.Inputs = {};
+ props["addressType"] = args && args.addressType || undefined;
props["endpoints"] = args && args.endpoints || undefined;
- props["addressType"] = args && args.addressType || undefined;
- props["apiVersion"] = "discovery.k8s.io/v1alpha1";
+ props["apiVersion"] = "discovery.k8s.io/v1beta1";
props["kind"] = "EndpointSlice";
props["metadata"] = args && args.metadata || undefined;
props["ports"] = args && args.ports || undefined;
diff --git a/sdk/nodejs/discovery/v1alpha1/EndpointSliceList.ts b/sdk/nodejs/discovery/v1beta1/EndpointSliceList.ts
similarity index 89%
rename from sdk/nodejs/discovery/v1alpha1/EndpointSliceList.ts
rename to sdk/nodejs/discovery/v1beta1/EndpointSliceList.ts
index 7b8e51db5c..30782dbdb0 100755
--- a/sdk/nodejs/discovery/v1alpha1/EndpointSliceList.ts
+++ b/sdk/nodejs/discovery/v1beta1/EndpointSliceList.ts
@@ -17,12 +17,12 @@ import { getVersion } from "../../version";
* values. More info:
* https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
*/
- public readonly apiVersion: pulumi.Output<"discovery.k8s.io/v1alpha1">;
+ public readonly apiVersion: pulumi.Output<"discovery.k8s.io/v1beta1">;
/**
* List of endpoint slices
*/
- public readonly items: pulumi.Output;
+ public readonly items: pulumi.Output;
/**
* Kind is a string value representing the REST resource this object represents. Servers may
@@ -53,7 +53,7 @@ import { getVersion } from "../../version";
}
/** @internal */
- private static readonly __pulumiType = "kubernetes:discovery.k8s.io/v1alpha1:EndpointSliceList";
+ private static readonly __pulumiType = "kubernetes:discovery.k8s.io/v1beta1:EndpointSliceList";
/**
* Returns true if the given object is an instance of EndpointSliceList. This is designed to work even
@@ -68,17 +68,17 @@ import { getVersion } from "../../version";
}
/**
- * Create a discovery.v1alpha1.EndpointSliceList resource with the given unique name, arguments, and options.
+ * Create a discovery.v1beta1.EndpointSliceList resource with the given unique name, arguments, and options.
*
* @param name The _unique_ name of the resource.
* @param args The arguments to use to populate this resource's properties.
* @param opts A bag of options that control this resource's behavior.
*/
- constructor(name: string, args?: inputs.discovery.v1alpha1.EndpointSliceList, opts?: pulumi.CustomResourceOptions) {
+ constructor(name: string, args?: inputs.discovery.v1beta1.EndpointSliceList, opts?: pulumi.CustomResourceOptions) {
const props: pulumi.Inputs = {};
props["items"] = args && args.items || undefined;
- props["apiVersion"] = "discovery.k8s.io/v1alpha1";
+ props["apiVersion"] = "discovery.k8s.io/v1beta1";
props["kind"] = "EndpointSliceList";
props["metadata"] = args && args.metadata || undefined;
diff --git a/sdk/nodejs/discovery/v1alpha1/index.ts b/sdk/nodejs/discovery/v1beta1/index.ts
similarity index 100%
rename from sdk/nodejs/discovery/v1alpha1/index.ts
rename to sdk/nodejs/discovery/v1beta1/index.ts
diff --git a/sdk/nodejs/flowcontrol/index.ts b/sdk/nodejs/flowcontrol/index.ts
new file mode 100755
index 0000000000..01c68a2410
--- /dev/null
+++ b/sdk/nodejs/flowcontrol/index.ts
@@ -0,0 +1,9 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+// Import versions:
+import * as v1alpha1 from "./v1alpha1/index";
+
+// Export sub-modules
+export { v1alpha1, };
+
diff --git a/sdk/nodejs/flowcontrol/v1alpha1/FlowSchema.ts b/sdk/nodejs/flowcontrol/v1alpha1/FlowSchema.ts
new file mode 100755
index 0000000000..c57003ffed
--- /dev/null
+++ b/sdk/nodejs/flowcontrol/v1alpha1/FlowSchema.ts
@@ -0,0 +1,107 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import * as pulumi from "@pulumi/pulumi";
+import { core } from "../..";
+import * as inputs from "../../types/input";
+import * as outputs from "../../types/output";
+import { getVersion } from "../../version";
+
+ /**
+ * FlowSchema defines the schema of a group of flows. Note that a flow is made up of a set of
+ * inbound API requests with similar attributes and is identified by a pair of strings: the name
+ * of the FlowSchema and a "flow distinguisher".
+ */
+ export class FlowSchema extends pulumi.CustomResource {
+ /**
+ * APIVersion defines the versioned schema of this representation of an object. Servers should
+ * convert recognized schemas to the latest internal value, and may reject unrecognized
+ * values. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ */
+ public readonly apiVersion: pulumi.Output<"flowcontrol.apiserver.k8s.io/v1alpha1">;
+
+ /**
+ * Kind is a string value representing the REST resource this object represents. Servers may
+ * infer this from the endpoint the client submits requests to. Cannot be updated. In
+ * CamelCase. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ */
+ public readonly kind: pulumi.Output<"FlowSchema">;
+
+ /**
+ * `metadata` is the standard object's metadata. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ */
+ public readonly metadata: pulumi.Output;
+
+ /**
+ * `spec` is the specification of the desired behavior of a FlowSchema. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ */
+ public readonly spec: pulumi.Output;
+
+ /**
+ * `status` is the current status of a FlowSchema. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ */
+ public readonly status: pulumi.Output;
+
+ /**
+ * Get the state of an existing `FlowSchema` resource, as identified by `id`.
+ * The ID is of the form `[namespace]/`; if `namespace` is omitted, then (per
+ * Kubernetes convention) the ID becomes `default/`.
+ *
+ * Pulumi will keep track of this resource using `name` as the Pulumi ID.
+ *
+ * @param name _Unique_ name used to register this resource with Pulumi.
+ * @param id An ID for the Kubernetes resource to retrieve. Takes the form `[namespace]/`.
+ * @param opts Uniquely specifies a CustomResource to select.
+ */
+ public static get(name: string, id: pulumi.Input, opts?: pulumi.CustomResourceOptions): FlowSchema {
+ return new FlowSchema(name, undefined, { ...opts, id: id });
+ }
+
+ /** @internal */
+ private static readonly __pulumiType = "kubernetes:flowcontrol.apiserver.k8s.io/v1alpha1:FlowSchema";
+
+ /**
+ * Returns true if the given object is an instance of FlowSchema. This is designed to work even
+ * when multiple copies of the Pulumi SDK have been loaded into the same process.
+ */
+ public static isInstance(obj: any): obj is FlowSchema {
+ if (obj === undefined || obj === null) {
+ return false;
+ }
+
+ return obj["__pulumiType"] === FlowSchema.__pulumiType;
+ }
+
+ /**
+ * Create a flowcontrol.v1alpha1.FlowSchema resource with the given unique name, arguments, and options.
+ *
+ * @param name The _unique_ name of the resource.
+ * @param args The arguments to use to populate this resource's properties.
+ * @param opts A bag of options that control this resource's behavior.
+ */
+ constructor(name: string, args?: inputs.flowcontrol.v1alpha1.FlowSchema, opts?: pulumi.CustomResourceOptions) {
+ const props: pulumi.Inputs = {};
+
+ props["apiVersion"] = "flowcontrol.apiserver.k8s.io/v1alpha1";
+ props["kind"] = "FlowSchema";
+ props["metadata"] = args && args.metadata || undefined;
+ props["spec"] = args && args.spec || undefined;
+
+ props["status"] = undefined;
+
+ if (!opts) {
+ opts = {};
+ }
+
+ if (!opts.version) {
+ opts.version = getVersion();
+ }
+
+ super(FlowSchema.__pulumiType, name, props, opts);
+ }
+ }
diff --git a/sdk/nodejs/flowcontrol/v1alpha1/FlowSchemaList.ts b/sdk/nodejs/flowcontrol/v1alpha1/FlowSchemaList.ts
new file mode 100755
index 0000000000..2f11fe2016
--- /dev/null
+++ b/sdk/nodejs/flowcontrol/v1alpha1/FlowSchemaList.ts
@@ -0,0 +1,98 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import * as pulumi from "@pulumi/pulumi";
+import { core } from "../..";
+import * as inputs from "../../types/input";
+import * as outputs from "../../types/output";
+import { getVersion } from "../../version";
+
+ /**
+ * FlowSchemaList is a list of FlowSchema objects.
+ */
+ export class FlowSchemaList extends pulumi.CustomResource {
+ /**
+ * APIVersion defines the versioned schema of this representation of an object. Servers should
+ * convert recognized schemas to the latest internal value, and may reject unrecognized
+ * values. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ */
+ public readonly apiVersion: pulumi.Output<"flowcontrol.apiserver.k8s.io/v1alpha1">;
+
+ /**
+ * `items` is a list of FlowSchemas.
+ */
+ public readonly items: pulumi.Output;
+
+ /**
+ * Kind is a string value representing the REST resource this object represents. Servers may
+ * infer this from the endpoint the client submits requests to. Cannot be updated. In
+ * CamelCase. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ */
+ public readonly kind: pulumi.Output<"FlowSchemaList">;
+
+ /**
+ * `metadata` is the standard list metadata. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ */
+ public readonly metadata: pulumi.Output;
+
+ /**
+ * Get the state of an existing `FlowSchemaList` resource, as identified by `id`.
+ * The ID is of the form `[namespace]/`; if `namespace` is omitted, then (per
+ * Kubernetes convention) the ID becomes `default/`.
+ *
+ * Pulumi will keep track of this resource using `name` as the Pulumi ID.
+ *
+ * @param name _Unique_ name used to register this resource with Pulumi.
+ * @param id An ID for the Kubernetes resource to retrieve. Takes the form `[namespace]/`.
+ * @param opts Uniquely specifies a CustomResource to select.
+ */
+ public static get(name: string, id: pulumi.Input, opts?: pulumi.CustomResourceOptions): FlowSchemaList {
+ return new FlowSchemaList(name, undefined, { ...opts, id: id });
+ }
+
+ /** @internal */
+ private static readonly __pulumiType = "kubernetes:flowcontrol.apiserver.k8s.io/v1alpha1:FlowSchemaList";
+
+ /**
+ * Returns true if the given object is an instance of FlowSchemaList. This is designed to work even
+ * when multiple copies of the Pulumi SDK have been loaded into the same process.
+ */
+ public static isInstance(obj: any): obj is FlowSchemaList {
+ if (obj === undefined || obj === null) {
+ return false;
+ }
+
+ return obj["__pulumiType"] === FlowSchemaList.__pulumiType;
+ }
+
+ /**
+ * Create a flowcontrol.v1alpha1.FlowSchemaList resource with the given unique name, arguments, and options.
+ *
+ * @param name The _unique_ name of the resource.
+ * @param args The arguments to use to populate this resource's properties.
+ * @param opts A bag of options that control this resource's behavior.
+ */
+ constructor(name: string, args?: inputs.flowcontrol.v1alpha1.FlowSchemaList, opts?: pulumi.CustomResourceOptions) {
+ const props: pulumi.Inputs = {};
+ props["items"] = args && args.items || undefined;
+
+ props["apiVersion"] = "flowcontrol.apiserver.k8s.io/v1alpha1";
+ props["kind"] = "FlowSchemaList";
+ props["metadata"] = args && args.metadata || undefined;
+
+ props["status"] = undefined;
+
+ if (!opts) {
+ opts = {};
+ }
+
+ if (!opts.version) {
+ opts.version = getVersion();
+ }
+
+ super(FlowSchemaList.__pulumiType, name, props, opts);
+ }
+ }
diff --git a/sdk/nodejs/flowcontrol/v1alpha1/PriorityLevelConfiguration.ts b/sdk/nodejs/flowcontrol/v1alpha1/PriorityLevelConfiguration.ts
new file mode 100755
index 0000000000..f51615319b
--- /dev/null
+++ b/sdk/nodejs/flowcontrol/v1alpha1/PriorityLevelConfiguration.ts
@@ -0,0 +1,105 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import * as pulumi from "@pulumi/pulumi";
+import { core } from "../..";
+import * as inputs from "../../types/input";
+import * as outputs from "../../types/output";
+import { getVersion } from "../../version";
+
+ /**
+ * PriorityLevelConfiguration represents the configuration of a priority level.
+ */
+ export class PriorityLevelConfiguration extends pulumi.CustomResource {
+ /**
+ * APIVersion defines the versioned schema of this representation of an object. Servers should
+ * convert recognized schemas to the latest internal value, and may reject unrecognized
+ * values. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ */
+ public readonly apiVersion: pulumi.Output<"flowcontrol.apiserver.k8s.io/v1alpha1">;
+
+ /**
+ * Kind is a string value representing the REST resource this object represents. Servers may
+ * infer this from the endpoint the client submits requests to. Cannot be updated. In
+ * CamelCase. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ */
+ public readonly kind: pulumi.Output<"PriorityLevelConfiguration">;
+
+ /**
+ * `metadata` is the standard object's metadata. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ */
+ public readonly metadata: pulumi.Output;
+
+ /**
+ * `spec` is the specification of the desired behavior of a "request-priority". More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ */
+ public readonly spec: pulumi.Output;
+
+ /**
+ * `status` is the current status of a "request-priority". More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ */
+ public readonly status: pulumi.Output;
+
+ /**
+ * Get the state of an existing `PriorityLevelConfiguration` resource, as identified by `id`.
+ * The ID is of the form `[namespace]/`; if `namespace` is omitted, then (per
+ * Kubernetes convention) the ID becomes `default/`.
+ *
+ * Pulumi will keep track of this resource using `name` as the Pulumi ID.
+ *
+ * @param name _Unique_ name used to register this resource with Pulumi.
+ * @param id An ID for the Kubernetes resource to retrieve. Takes the form `[namespace]/`.
+ * @param opts Uniquely specifies a CustomResource to select.
+ */
+ public static get(name: string, id: pulumi.Input, opts?: pulumi.CustomResourceOptions): PriorityLevelConfiguration {
+ return new PriorityLevelConfiguration(name, undefined, { ...opts, id: id });
+ }
+
+ /** @internal */
+ private static readonly __pulumiType = "kubernetes:flowcontrol.apiserver.k8s.io/v1alpha1:PriorityLevelConfiguration";
+
+ /**
+ * Returns true if the given object is an instance of PriorityLevelConfiguration. This is designed to work even
+ * when multiple copies of the Pulumi SDK have been loaded into the same process.
+ */
+ public static isInstance(obj: any): obj is PriorityLevelConfiguration {
+ if (obj === undefined || obj === null) {
+ return false;
+ }
+
+ return obj["__pulumiType"] === PriorityLevelConfiguration.__pulumiType;
+ }
+
+ /**
+ * Create a flowcontrol.v1alpha1.PriorityLevelConfiguration resource with the given unique name, arguments, and options.
+ *
+ * @param name The _unique_ name of the resource.
+ * @param args The arguments to use to populate this resource's properties.
+ * @param opts A bag of options that control this resource's behavior.
+ */
+ constructor(name: string, args?: inputs.flowcontrol.v1alpha1.PriorityLevelConfiguration, opts?: pulumi.CustomResourceOptions) {
+ const props: pulumi.Inputs = {};
+
+ props["apiVersion"] = "flowcontrol.apiserver.k8s.io/v1alpha1";
+ props["kind"] = "PriorityLevelConfiguration";
+ props["metadata"] = args && args.metadata || undefined;
+ props["spec"] = args && args.spec || undefined;
+
+ props["status"] = undefined;
+
+ if (!opts) {
+ opts = {};
+ }
+
+ if (!opts.version) {
+ opts.version = getVersion();
+ }
+
+ super(PriorityLevelConfiguration.__pulumiType, name, props, opts);
+ }
+ }
diff --git a/sdk/nodejs/flowcontrol/v1alpha1/PriorityLevelConfigurationList.ts b/sdk/nodejs/flowcontrol/v1alpha1/PriorityLevelConfigurationList.ts
new file mode 100755
index 0000000000..e360e09959
--- /dev/null
+++ b/sdk/nodejs/flowcontrol/v1alpha1/PriorityLevelConfigurationList.ts
@@ -0,0 +1,98 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import * as pulumi from "@pulumi/pulumi";
+import { core } from "../..";
+import * as inputs from "../../types/input";
+import * as outputs from "../../types/output";
+import { getVersion } from "../../version";
+
+ /**
+ * PriorityLevelConfigurationList is a list of PriorityLevelConfiguration objects.
+ */
+ export class PriorityLevelConfigurationList extends pulumi.CustomResource {
+ /**
+ * APIVersion defines the versioned schema of this representation of an object. Servers should
+ * convert recognized schemas to the latest internal value, and may reject unrecognized
+ * values. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ */
+ public readonly apiVersion: pulumi.Output<"flowcontrol.apiserver.k8s.io/v1alpha1">;
+
+ /**
+ * `items` is a list of request-priorities.
+ */
+ public readonly items: pulumi.Output;
+
+ /**
+ * Kind is a string value representing the REST resource this object represents. Servers may
+ * infer this from the endpoint the client submits requests to. Cannot be updated. In
+ * CamelCase. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ */
+ public readonly kind: pulumi.Output<"PriorityLevelConfigurationList">;
+
+ /**
+ * `metadata` is the standard object's metadata. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ */
+ public readonly metadata: pulumi.Output;
+
+ /**
+ * Get the state of an existing `PriorityLevelConfigurationList` resource, as identified by `id`.
+ * The ID is of the form `[namespace]/`; if `namespace` is omitted, then (per
+ * Kubernetes convention) the ID becomes `default/`.
+ *
+ * Pulumi will keep track of this resource using `name` as the Pulumi ID.
+ *
+ * @param name _Unique_ name used to register this resource with Pulumi.
+ * @param id An ID for the Kubernetes resource to retrieve. Takes the form `[namespace]/`.
+ * @param opts Uniquely specifies a CustomResource to select.
+ */
+ public static get(name: string, id: pulumi.Input, opts?: pulumi.CustomResourceOptions): PriorityLevelConfigurationList {
+ return new PriorityLevelConfigurationList(name, undefined, { ...opts, id: id });
+ }
+
+ /** @internal */
+ private static readonly __pulumiType = "kubernetes:flowcontrol.apiserver.k8s.io/v1alpha1:PriorityLevelConfigurationList";
+
+ /**
+ * Returns true if the given object is an instance of PriorityLevelConfigurationList. This is designed to work even
+ * when multiple copies of the Pulumi SDK have been loaded into the same process.
+ */
+ public static isInstance(obj: any): obj is PriorityLevelConfigurationList {
+ if (obj === undefined || obj === null) {
+ return false;
+ }
+
+ return obj["__pulumiType"] === PriorityLevelConfigurationList.__pulumiType;
+ }
+
+ /**
+ * Create a flowcontrol.v1alpha1.PriorityLevelConfigurationList resource with the given unique name, arguments, and options.
+ *
+ * @param name The _unique_ name of the resource.
+ * @param args The arguments to use to populate this resource's properties.
+ * @param opts A bag of options that control this resource's behavior.
+ */
+ constructor(name: string, args?: inputs.flowcontrol.v1alpha1.PriorityLevelConfigurationList, opts?: pulumi.CustomResourceOptions) {
+ const props: pulumi.Inputs = {};
+ props["items"] = args && args.items || undefined;
+
+ props["apiVersion"] = "flowcontrol.apiserver.k8s.io/v1alpha1";
+ props["kind"] = "PriorityLevelConfigurationList";
+ props["metadata"] = args && args.metadata || undefined;
+
+ props["status"] = undefined;
+
+ if (!opts) {
+ opts = {};
+ }
+
+ if (!opts.version) {
+ opts.version = getVersion();
+ }
+
+ super(PriorityLevelConfigurationList.__pulumiType, name, props, opts);
+ }
+ }
diff --git a/sdk/nodejs/flowcontrol/v1alpha1/index.ts b/sdk/nodejs/flowcontrol/v1alpha1/index.ts
new file mode 100755
index 0000000000..2bc86074b4
--- /dev/null
+++ b/sdk/nodejs/flowcontrol/v1alpha1/index.ts
@@ -0,0 +1,9 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+// Export members:
+export * from "./FlowSchema";
+export * from "./FlowSchemaList";
+export * from "./PriorityLevelConfiguration";
+export * from "./PriorityLevelConfigurationList";
+
diff --git a/sdk/nodejs/index.ts b/sdk/nodejs/index.ts
index 4ea2a8ae81..0245960fd3 100644
--- a/sdk/nodejs/index.ts
+++ b/sdk/nodejs/index.ts
@@ -22,6 +22,7 @@ import * as core from "./core/index";
import * as discovery from "./discovery/index";
import * as events from "./events/index";
import * as extensions from "./extensions/index";
+import * as flowcontrol from "./flowcontrol/index";
import * as meta from "./meta/index";
import * as networking from "./networking/index";
import * as node from "./node/index";
@@ -32,7 +33,7 @@ import * as settings from "./settings/index";
import * as storage from "./storage/index";
// Export sub-modules
-export { admissionregistration, apiextensions, apiregistration, apps, auditregistration, authentication, authorization, autoscaling, batch, certificates, coordination, core, discovery, events, extensions, meta, networking, node, policy, rbac, scheduling, settings, storage, };
+export { admissionregistration, apiextensions, apiregistration, apps, auditregistration, authentication, authorization, autoscaling, batch, certificates, coordination, core, discovery, events, extensions, flowcontrol, meta, networking, node, policy, rbac, scheduling, settings, storage, };
// Import and export sub-modules for all Kubernetes types.
import * as types from "./types";
diff --git a/sdk/nodejs/rbac/v1alpha1/ClusterRole.ts b/sdk/nodejs/rbac/v1alpha1/ClusterRole.ts
index 7a8f9635d9..0c442b9766 100755
--- a/sdk/nodejs/rbac/v1alpha1/ClusterRole.ts
+++ b/sdk/nodejs/rbac/v1alpha1/ClusterRole.ts
@@ -9,7 +9,8 @@ import { getVersion } from "../../version";
/**
* ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a
- * unit by a RoleBinding or ClusterRoleBinding.
+ * unit by a RoleBinding or ClusterRoleBinding. Deprecated in v1.17 in favor of
+ * rbac.authorization.k8s.io/v1 ClusterRole, and will no longer be served in v1.20.
*/
export class ClusterRole extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1alpha1/ClusterRoleBinding.ts b/sdk/nodejs/rbac/v1alpha1/ClusterRoleBinding.ts
index 8c199b3236..34b3b97aa1 100755
--- a/sdk/nodejs/rbac/v1alpha1/ClusterRoleBinding.ts
+++ b/sdk/nodejs/rbac/v1alpha1/ClusterRoleBinding.ts
@@ -9,7 +9,9 @@ import { getVersion } from "../../version";
/**
* ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a
- * ClusterRole in the global namespace, and adds who information via Subject.
+ * ClusterRole in the global namespace, and adds who information via Subject. Deprecated in
+ * v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBinding, and will no longer be
+ * served in v1.20.
*/
export class ClusterRoleBinding extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1alpha1/ClusterRoleBindingList.ts b/sdk/nodejs/rbac/v1alpha1/ClusterRoleBindingList.ts
index 836cfcd096..1c0cb6baef 100755
--- a/sdk/nodejs/rbac/v1alpha1/ClusterRoleBindingList.ts
+++ b/sdk/nodejs/rbac/v1alpha1/ClusterRoleBindingList.ts
@@ -8,7 +8,8 @@ import * as outputs from "../../types/output";
import { getVersion } from "../../version";
/**
- * ClusterRoleBindingList is a collection of ClusterRoleBindings
+ * ClusterRoleBindingList is a collection of ClusterRoleBindings. Deprecated in v1.17 in favor
+ * of rbac.authorization.k8s.io/v1 ClusterRoleBindings, and will no longer be served in v1.20.
*/
export class ClusterRoleBindingList extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1alpha1/ClusterRoleList.ts b/sdk/nodejs/rbac/v1alpha1/ClusterRoleList.ts
index 2509004aa9..668fb6a0e4 100755
--- a/sdk/nodejs/rbac/v1alpha1/ClusterRoleList.ts
+++ b/sdk/nodejs/rbac/v1alpha1/ClusterRoleList.ts
@@ -8,7 +8,8 @@ import * as outputs from "../../types/output";
import { getVersion } from "../../version";
/**
- * ClusterRoleList is a collection of ClusterRoles
+ * ClusterRoleList is a collection of ClusterRoles. Deprecated in v1.17 in favor of
+ * rbac.authorization.k8s.io/v1 ClusterRoles, and will no longer be served in v1.20.
*/
export class ClusterRoleList extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1alpha1/Role.ts b/sdk/nodejs/rbac/v1alpha1/Role.ts
index 7421b71723..166f0320a6 100755
--- a/sdk/nodejs/rbac/v1alpha1/Role.ts
+++ b/sdk/nodejs/rbac/v1alpha1/Role.ts
@@ -9,7 +9,8 @@ import { getVersion } from "../../version";
/**
* Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a
- * RoleBinding.
+ * RoleBinding. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 Role, and will no
+ * longer be served in v1.20.
*/
export class Role extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1alpha1/RoleBinding.ts b/sdk/nodejs/rbac/v1alpha1/RoleBinding.ts
index 03348ae627..7ad2a1c16a 100755
--- a/sdk/nodejs/rbac/v1alpha1/RoleBinding.ts
+++ b/sdk/nodejs/rbac/v1alpha1/RoleBinding.ts
@@ -11,7 +11,8 @@ import { getVersion } from "../../version";
* RoleBinding references a role, but does not contain it. It can reference a Role in the same
* namespace or a ClusterRole in the global namespace. It adds who information via Subjects and
* namespace information by which namespace it exists in. RoleBindings in a given namespace
- * only have effect in that namespace.
+ * only have effect in that namespace. Deprecated in v1.17 in favor of
+ * rbac.authorization.k8s.io/v1 RoleBinding, and will no longer be served in v1.20.
*/
export class RoleBinding extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1alpha1/RoleBindingList.ts b/sdk/nodejs/rbac/v1alpha1/RoleBindingList.ts
index 8ceebead2b..8de3039551 100755
--- a/sdk/nodejs/rbac/v1alpha1/RoleBindingList.ts
+++ b/sdk/nodejs/rbac/v1alpha1/RoleBindingList.ts
@@ -8,7 +8,8 @@ import * as outputs from "../../types/output";
import { getVersion } from "../../version";
/**
- * RoleBindingList is a collection of RoleBindings
+ * RoleBindingList is a collection of RoleBindings Deprecated in v1.17 in favor of
+ * rbac.authorization.k8s.io/v1 RoleBindingList, and will no longer be served in v1.20.
*/
export class RoleBindingList extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1alpha1/RoleList.ts b/sdk/nodejs/rbac/v1alpha1/RoleList.ts
index 1169b0ee07..2ad12cc3d8 100755
--- a/sdk/nodejs/rbac/v1alpha1/RoleList.ts
+++ b/sdk/nodejs/rbac/v1alpha1/RoleList.ts
@@ -8,7 +8,8 @@ import * as outputs from "../../types/output";
import { getVersion } from "../../version";
/**
- * RoleList is a collection of Roles
+ * RoleList is a collection of Roles. Deprecated in v1.17 in favor of
+ * rbac.authorization.k8s.io/v1 RoleList, and will no longer be served in v1.20.
*/
export class RoleList extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1beta1/ClusterRole.ts b/sdk/nodejs/rbac/v1beta1/ClusterRole.ts
index c97a2fc3da..a00c849c55 100755
--- a/sdk/nodejs/rbac/v1beta1/ClusterRole.ts
+++ b/sdk/nodejs/rbac/v1beta1/ClusterRole.ts
@@ -9,7 +9,8 @@ import { getVersion } from "../../version";
/**
* ClusterRole is a cluster level, logical grouping of PolicyRules that can be referenced as a
- * unit by a RoleBinding or ClusterRoleBinding.
+ * unit by a RoleBinding or ClusterRoleBinding. Deprecated in v1.17 in favor of
+ * rbac.authorization.k8s.io/v1 ClusterRole, and will no longer be served in v1.20.
*/
export class ClusterRole extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1beta1/ClusterRoleBinding.ts b/sdk/nodejs/rbac/v1beta1/ClusterRoleBinding.ts
index 6fe8540ccf..ca8b106a54 100755
--- a/sdk/nodejs/rbac/v1beta1/ClusterRoleBinding.ts
+++ b/sdk/nodejs/rbac/v1beta1/ClusterRoleBinding.ts
@@ -9,7 +9,9 @@ import { getVersion } from "../../version";
/**
* ClusterRoleBinding references a ClusterRole, but not contain it. It can reference a
- * ClusterRole in the global namespace, and adds who information via Subject.
+ * ClusterRole in the global namespace, and adds who information via Subject. Deprecated in
+ * v1.17 in favor of rbac.authorization.k8s.io/v1 ClusterRoleBinding, and will no longer be
+ * served in v1.20.
*/
export class ClusterRoleBinding extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1beta1/ClusterRoleBindingList.ts b/sdk/nodejs/rbac/v1beta1/ClusterRoleBindingList.ts
index a8525bfb6d..9bac8296c8 100755
--- a/sdk/nodejs/rbac/v1beta1/ClusterRoleBindingList.ts
+++ b/sdk/nodejs/rbac/v1beta1/ClusterRoleBindingList.ts
@@ -8,7 +8,9 @@ import * as outputs from "../../types/output";
import { getVersion } from "../../version";
/**
- * ClusterRoleBindingList is a collection of ClusterRoleBindings
+ * ClusterRoleBindingList is a collection of ClusterRoleBindings. Deprecated in v1.17 in favor
+ * of rbac.authorization.k8s.io/v1 ClusterRoleBindingList, and will no longer be served in
+ * v1.20.
*/
export class ClusterRoleBindingList extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1beta1/ClusterRoleList.ts b/sdk/nodejs/rbac/v1beta1/ClusterRoleList.ts
index 40122f0836..0c78055346 100755
--- a/sdk/nodejs/rbac/v1beta1/ClusterRoleList.ts
+++ b/sdk/nodejs/rbac/v1beta1/ClusterRoleList.ts
@@ -8,7 +8,8 @@ import * as outputs from "../../types/output";
import { getVersion } from "../../version";
/**
- * ClusterRoleList is a collection of ClusterRoles
+ * ClusterRoleList is a collection of ClusterRoles. Deprecated in v1.17 in favor of
+ * rbac.authorization.k8s.io/v1 ClusterRoles, and will no longer be served in v1.20.
*/
export class ClusterRoleList extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1beta1/Role.ts b/sdk/nodejs/rbac/v1beta1/Role.ts
index 3f57ad590a..6d7919f2dd 100755
--- a/sdk/nodejs/rbac/v1beta1/Role.ts
+++ b/sdk/nodejs/rbac/v1beta1/Role.ts
@@ -9,7 +9,8 @@ import { getVersion } from "../../version";
/**
* Role is a namespaced, logical grouping of PolicyRules that can be referenced as a unit by a
- * RoleBinding.
+ * RoleBinding. Deprecated in v1.17 in favor of rbac.authorization.k8s.io/v1 Role, and will no
+ * longer be served in v1.20.
*/
export class Role extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1beta1/RoleBinding.ts b/sdk/nodejs/rbac/v1beta1/RoleBinding.ts
index 7c5a40b522..d1fa052fcc 100755
--- a/sdk/nodejs/rbac/v1beta1/RoleBinding.ts
+++ b/sdk/nodejs/rbac/v1beta1/RoleBinding.ts
@@ -11,7 +11,8 @@ import { getVersion } from "../../version";
* RoleBinding references a role, but does not contain it. It can reference a Role in the same
* namespace or a ClusterRole in the global namespace. It adds who information via Subjects and
* namespace information by which namespace it exists in. RoleBindings in a given namespace
- * only have effect in that namespace.
+ * only have effect in that namespace. Deprecated in v1.17 in favor of
+ * rbac.authorization.k8s.io/v1 RoleBinding, and will no longer be served in v1.20.
*/
export class RoleBinding extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1beta1/RoleBindingList.ts b/sdk/nodejs/rbac/v1beta1/RoleBindingList.ts
index c0df6e3686..0890b8f031 100755
--- a/sdk/nodejs/rbac/v1beta1/RoleBindingList.ts
+++ b/sdk/nodejs/rbac/v1beta1/RoleBindingList.ts
@@ -8,7 +8,8 @@ import * as outputs from "../../types/output";
import { getVersion } from "../../version";
/**
- * RoleBindingList is a collection of RoleBindings
+ * RoleBindingList is a collection of RoleBindings Deprecated in v1.17 in favor of
+ * rbac.authorization.k8s.io/v1 RoleBindingList, and will no longer be served in v1.20.
*/
export class RoleBindingList extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/rbac/v1beta1/RoleList.ts b/sdk/nodejs/rbac/v1beta1/RoleList.ts
index 886f35cb70..342fc61cce 100755
--- a/sdk/nodejs/rbac/v1beta1/RoleList.ts
+++ b/sdk/nodejs/rbac/v1beta1/RoleList.ts
@@ -8,7 +8,8 @@ import * as outputs from "../../types/output";
import { getVersion } from "../../version";
/**
- * RoleList is a collection of Roles
+ * RoleList is a collection of Roles Deprecated in v1.17 in favor of
+ * rbac.authorization.k8s.io/v1 RoleList, and will no longer be served in v1.20.
*/
export class RoleList extends pulumi.CustomResource {
/**
diff --git a/sdk/nodejs/storage/v1/CSINode.ts b/sdk/nodejs/storage/v1/CSINode.ts
new file mode 100755
index 0000000000..eb5b3f5f49
--- /dev/null
+++ b/sdk/nodejs/storage/v1/CSINode.ts
@@ -0,0 +1,103 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import * as pulumi from "@pulumi/pulumi";
+import { core } from "../..";
+import * as inputs from "../../types/input";
+import * as outputs from "../../types/output";
+import { getVersion } from "../../version";
+
+ /**
+ * CSINode holds information about all CSI drivers installed on a node. CSI drivers do not need
+ * to create the CSINode object directly. As long as they use the node-driver-registrar sidecar
+ * container, the kubelet will automatically populate the CSINode object for the CSI driver as
+ * part of kubelet plugin registration. CSINode has the same name as a node. If the object is
+ * missing, it means either there are no CSI Drivers available on the node, or the Kubelet
+ * version is low enough that it doesn't create this object. CSINode has an OwnerReference that
+ * points to the corresponding node object.
+ */
+ export class CSINode extends pulumi.CustomResource {
+ /**
+ * APIVersion defines the versioned schema of this representation of an object. Servers should
+ * convert recognized schemas to the latest internal value, and may reject unrecognized
+ * values. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ */
+ public readonly apiVersion: pulumi.Output<"storage.k8s.io/v1">;
+
+ /**
+ * Kind is a string value representing the REST resource this object represents. Servers may
+ * infer this from the endpoint the client submits requests to. Cannot be updated. In
+ * CamelCase. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ */
+ public readonly kind: pulumi.Output<"CSINode">;
+
+ /**
+ * metadata.name must be the Kubernetes node name.
+ */
+ public readonly metadata: pulumi.Output;
+
+ /**
+ * spec is the specification of CSINode
+ */
+ public readonly spec: pulumi.Output;
+
+ /**
+ * Get the state of an existing `CSINode` resource, as identified by `id`.
+ * The ID is of the form `[namespace]/`; if `namespace` is omitted, then (per
+ * Kubernetes convention) the ID becomes `default/`.
+ *
+ * Pulumi will keep track of this resource using `name` as the Pulumi ID.
+ *
+ * @param name _Unique_ name used to register this resource with Pulumi.
+ * @param id An ID for the Kubernetes resource to retrieve. Takes the form `[namespace]/`.
+ * @param opts Uniquely specifies a CustomResource to select.
+ */
+ public static get(name: string, id: pulumi.Input, opts?: pulumi.CustomResourceOptions): CSINode {
+ return new CSINode(name, undefined, { ...opts, id: id });
+ }
+
+ /** @internal */
+ private static readonly __pulumiType = "kubernetes:storage.k8s.io/v1:CSINode";
+
+ /**
+ * Returns true if the given object is an instance of CSINode. This is designed to work even
+ * when multiple copies of the Pulumi SDK have been loaded into the same process.
+ */
+ public static isInstance(obj: any): obj is CSINode {
+ if (obj === undefined || obj === null) {
+ return false;
+ }
+
+ return obj["__pulumiType"] === CSINode.__pulumiType;
+ }
+
+ /**
+ * Create a storage.v1.CSINode resource with the given unique name, arguments, and options.
+ *
+ * @param name The _unique_ name of the resource.
+ * @param args The arguments to use to populate this resource's properties.
+ * @param opts A bag of options that control this resource's behavior.
+ */
+ constructor(name: string, args?: inputs.storage.v1.CSINode, opts?: pulumi.CustomResourceOptions) {
+ const props: pulumi.Inputs = {};
+ props["spec"] = args && args.spec || undefined;
+
+ props["apiVersion"] = "storage.k8s.io/v1";
+ props["kind"] = "CSINode";
+ props["metadata"] = args && args.metadata || undefined;
+
+ props["status"] = undefined;
+
+ if (!opts) {
+ opts = {};
+ }
+
+ if (!opts.version) {
+ opts.version = getVersion();
+ }
+
+ super(CSINode.__pulumiType, name, props, opts);
+ }
+ }
diff --git a/sdk/nodejs/storage/v1/CSINodeList.ts b/sdk/nodejs/storage/v1/CSINodeList.ts
new file mode 100755
index 0000000000..a70c61141e
--- /dev/null
+++ b/sdk/nodejs/storage/v1/CSINodeList.ts
@@ -0,0 +1,98 @@
+// *** WARNING: this file was generated by the Pulumi Kubernetes codegen tool. ***
+// *** Do not edit by hand unless you're certain you know what you are doing! ***
+
+import * as pulumi from "@pulumi/pulumi";
+import { core } from "../..";
+import * as inputs from "../../types/input";
+import * as outputs from "../../types/output";
+import { getVersion } from "../../version";
+
+ /**
+ * CSINodeList is a collection of CSINode objects.
+ */
+ export class CSINodeList extends pulumi.CustomResource {
+ /**
+ * APIVersion defines the versioned schema of this representation of an object. Servers should
+ * convert recognized schemas to the latest internal value, and may reject unrecognized
+ * values. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ */
+ public readonly apiVersion: pulumi.Output<"storage.k8s.io/v1">;
+
+ /**
+ * items is the list of CSINode
+ */
+ public readonly items: pulumi.Output;
+
+ /**
+ * Kind is a string value representing the REST resource this object represents. Servers may
+ * infer this from the endpoint the client submits requests to. Cannot be updated. In
+ * CamelCase. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ */
+ public readonly kind: pulumi.Output<"CSINodeList">;
+
+ /**
+ * Standard list metadata More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ */
+ public readonly metadata: pulumi.Output;
+
+ /**
+ * Get the state of an existing `CSINodeList` resource, as identified by `id`.
+ * The ID is of the form `[namespace]/`; if `namespace` is omitted, then (per
+ * Kubernetes convention) the ID becomes `default/`.
+ *
+ * Pulumi will keep track of this resource using `name` as the Pulumi ID.
+ *
+ * @param name _Unique_ name used to register this resource with Pulumi.
+ * @param id An ID for the Kubernetes resource to retrieve. Takes the form `[namespace]/`.
+ * @param opts Uniquely specifies a CustomResource to select.
+ */
+ public static get(name: string, id: pulumi.Input, opts?: pulumi.CustomResourceOptions): CSINodeList {
+ return new CSINodeList(name, undefined, { ...opts, id: id });
+ }
+
+ /** @internal */
+ private static readonly __pulumiType = "kubernetes:storage.k8s.io/v1:CSINodeList";
+
+ /**
+ * Returns true if the given object is an instance of CSINodeList. This is designed to work even
+ * when multiple copies of the Pulumi SDK have been loaded into the same process.
+ */
+ public static isInstance(obj: any): obj is CSINodeList {
+ if (obj === undefined || obj === null) {
+ return false;
+ }
+
+ return obj["__pulumiType"] === CSINodeList.__pulumiType;
+ }
+
+ /**
+ * Create a storage.v1.CSINodeList resource with the given unique name, arguments, and options.
+ *
+ * @param name The _unique_ name of the resource.
+ * @param args The arguments to use to populate this resource's properties.
+ * @param opts A bag of options that control this resource's behavior.
+ */
+ constructor(name: string, args?: inputs.storage.v1.CSINodeList, opts?: pulumi.CustomResourceOptions) {
+ const props: pulumi.Inputs = {};
+ props["items"] = args && args.items || undefined;
+
+ props["apiVersion"] = "storage.k8s.io/v1";
+ props["kind"] = "CSINodeList";
+ props["metadata"] = args && args.metadata || undefined;
+
+ props["status"] = undefined;
+
+ if (!opts) {
+ opts = {};
+ }
+
+ if (!opts.version) {
+ opts.version = getVersion();
+ }
+
+ super(CSINodeList.__pulumiType, name, props, opts);
+ }
+ }
diff --git a/sdk/nodejs/storage/v1/index.ts b/sdk/nodejs/storage/v1/index.ts
index f1f69ba362..6f3726737a 100755
--- a/sdk/nodejs/storage/v1/index.ts
+++ b/sdk/nodejs/storage/v1/index.ts
@@ -2,6 +2,8 @@
// *** Do not edit by hand unless you're certain you know what you are doing! ***
// Export members:
+export * from "./CSINode";
+export * from "./CSINodeList";
export * from "./StorageClass";
export * from "./StorageClassList";
export * from "./VolumeAttachment";
diff --git a/sdk/nodejs/storage/v1beta1/CSINode.ts b/sdk/nodejs/storage/v1beta1/CSINode.ts
index df08194681..dcff186707 100755
--- a/sdk/nodejs/storage/v1beta1/CSINode.ts
+++ b/sdk/nodejs/storage/v1beta1/CSINode.ts
@@ -8,6 +8,9 @@ import * as outputs from "../../types/output";
import { getVersion } from "../../version";
/**
+ * @deprecated storage/v1beta1/CSINode is not supported by Kubernetes 1.16+ clusters. Use
+ * storage/v1beta1/CSINode instead.
+ *
* CSINode holds information about all CSI drivers installed on a node. CSI drivers do not need
* to create the CSINode object directly. As long as they use the node-driver-registrar sidecar
* container, the kubelet will automatically populate the CSINode object for the CSI driver as
diff --git a/sdk/nodejs/types/input.ts b/sdk/nodejs/types/input.ts
index c1034e3584..8ca45dcaed 100755
--- a/sdk/nodejs/types/input.ts
+++ b/sdk/nodejs/types/input.ts
@@ -710,7 +710,7 @@ export namespace admissionregistration {
rules?: pulumi.Input[]>
/**
- * SideEffects states whether this webhookk has side effects. Acceptable values are: Unknown,
+ * SideEffects states whether this webhook has side effects. Acceptable values are: Unknown,
* None, Some, NoneOnDryRun Webhooks with side effects MUST implement a reconciliation system,
* since a request may be rejected by a future step in the admission change and the side
* effects therefore need to be undone. Requests with the dryRun attribute will be
@@ -999,7 +999,7 @@ export namespace admissionregistration {
rules?: pulumi.Input[]>
/**
- * SideEffects states whether this webhookk has side effects. Acceptable values are: Unknown,
+ * SideEffects states whether this webhook has side effects. Acceptable values are: Unknown,
* None, Some, NoneOnDryRun Webhooks with side effects MUST implement a reconciliation system,
* since a request may be rejected by a future step in the admission change and the side
* effects therefore need to be undone. Requests with the dryRun attribute will be
@@ -1378,7 +1378,7 @@ export namespace apiextensions {
/**
* scope indicates whether the defined custom resource is cluster- or namespace-scoped.
- * Allowed values are `Cluster` and `Namespaced`. Default is `Namespaced`.
+ * Allowed values are `Cluster` and `Namespaced`.
*/
scope: pulumi.Input
@@ -1610,7 +1610,37 @@ export namespace apiextensions {
externalDocs?: pulumi.Input
-
+ /**
+ * format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats
+ * are validated:
+ *
+ * - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed
+ * by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang
+ * net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as
+ * defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang
+ * net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by
+ * Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID
+ * that allows uppercase defined by the regex
+ * (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3
+ * that allows uppercase defined by the regex
+ * (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4
+ * that allows uppercase defined by the regex
+ * (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an
+ * UUID5 that allows uppercase defined by the regex
+ * (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an
+ * ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" - isbn10: an ISBN10
+ * number string like "0321751043" - isbn13: an ISBN13 number string like "978-0321751041" -
+ * creditcard: a credit card number defined by the regex
+ * ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})$
+ * with any non digit characters mixed in - ssn: a U.S. social security number following the
+ * regex ^\d{3}[- ]?\d{2}[- ]?\d{4}$ - hexcolor: an hexadecimal color code like "#FFFFFF:
+ * following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like
+ * rgb like "rgb(255,255,2559" - byte: base64 encoded binary data - password: any kind of
+ * string - date: a date string like "2006-01-02" as defined by full-date in RFC3339 -
+ * duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or
+ * compatible with Scala duration format - datetime: a date time string like
+ * "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ */
format?: pulumi.Input
@@ -1720,7 +1750,8 @@ export namespace apiextensions {
* may be used on any type of list (struct, scalar, ...).
* 2) `set`:
* Sets are lists that must not have multiple items with the same value. Each
- * value must be a scalar (or another atomic type).
+ * value must be a scalar, an object with x-kubernetes-map-type `atomic` or an
+ * array with x-kubernetes-list-type `atomic`.
* 3) `map`:
* These lists are like maps in that their elements have a non-index key
* used to identify them. Order is preserved upon merge. The map tag
@@ -1729,6 +1760,19 @@ export namespace apiextensions {
*/
x_kubernetes_list_type?: pulumi.Input
+ /**
+ * x-kubernetes-map-type annotates an object to further describe its topology. This extension
+ * must only be used when type is object and may have 2 possible values:
+ *
+ * 1) `granular`:
+ * These maps are actual maps (key-value pairs) and each fields are independent
+ * from each other (they can each be manipulated by separate actors). This is
+ * the default behaviour for all maps.
+ * 2) `atomic`: the list is treated as a single entity, like a scalar.
+ * Atomic maps will be entirely replaced when updated.
+ */
+ x_kubernetes_map_type?: pulumi.Input
+
/**
* x-kubernetes-preserve-unknown-fields stops the API server decoding step from pruning fields
* which are not specified in the validation schema. This affects fields recursively, but
@@ -2355,7 +2399,37 @@ export namespace apiextensions {
externalDocs?: pulumi.Input
-
+ /**
+ * format is an OpenAPI v3 format string. Unknown formats are ignored. The following formats
+ * are validated:
+ *
+ * - bsonobjectid: a bson object ID, i.e. a 24 characters hex string - uri: an URI as parsed
+ * by Golang net/url.ParseRequestURI - email: an email address as parsed by Golang
+ * net/mail.ParseAddress - hostname: a valid representation for an Internet host name, as
+ * defined by RFC 1034, section 3.1 [RFC1034]. - ipv4: an IPv4 IP as parsed by Golang
+ * net.ParseIP - ipv6: an IPv6 IP as parsed by Golang net.ParseIP - cidr: a CIDR as parsed by
+ * Golang net.ParseCIDR - mac: a MAC address as parsed by Golang net.ParseMAC - uuid: an UUID
+ * that allows uppercase defined by the regex
+ * (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid3: an UUID3
+ * that allows uppercase defined by the regex
+ * (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?3[0-9a-f]{3}-?[0-9a-f]{4}-?[0-9a-f]{12}$ - uuid4: an UUID4
+ * that allows uppercase defined by the regex
+ * (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?4[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - uuid5: an
+ * UUID5 that allows uppercase defined by the regex
+ * (?i)^[0-9a-f]{8}-?[0-9a-f]{4}-?5[0-9a-f]{3}-?[89ab][0-9a-f]{3}-?[0-9a-f]{12}$ - isbn: an
+ * ISBN10 or ISBN13 number string like "0321751043" or "978-0321751041" - isbn10: an ISBN10
+ * number string like "0321751043" - isbn13: an ISBN13 number string like "978-0321751041" -
+ * creditcard: a credit card number defined by the regex
+ * ^(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|6(?:011|5[0-9][0-9])[0-9]{12}|3[47][0-9]{13}|3(?:0[0-5]|[68][0-9])[0-9]{11}|(?:2131|1800|35\d{3})\d{11})$
+ * with any non digit characters mixed in - ssn: a U.S. social security number following the
+ * regex ^\d{3}[- ]?\d{2}[- ]?\d{4}$ - hexcolor: an hexadecimal color code like "#FFFFFF:
+ * following the regex ^#?([0-9a-fA-F]{3}|[0-9a-fA-F]{6})$ - rgbcolor: an RGB color code like
+ * rgb like "rgb(255,255,2559" - byte: base64 encoded binary data - password: any kind of
+ * string - date: a date string like "2006-01-02" as defined by full-date in RFC3339 -
+ * duration: a duration string like "22 ns" as parsed by Golang time.ParseDuration or
+ * compatible with Scala duration format - datetime: a date time string like
+ * "2014-12-15T19:30:20.000Z" as defined by date-time in RFC3339.
+ */
format?: pulumi.Input
@@ -2465,7 +2539,8 @@ export namespace apiextensions {
* may be used on any type of list (struct, scalar, ...).
* 2) `set`:
* Sets are lists that must not have multiple items with the same value. Each
- * value must be a scalar (or another atomic type).
+ * value must be a scalar, an object with x-kubernetes-map-type `atomic` or an
+ * array with x-kubernetes-list-type `atomic`.
* 3) `map`:
* These lists are like maps in that their elements have a non-index key
* used to identify them. Order is preserved upon merge. The map tag
@@ -2474,6 +2549,19 @@ export namespace apiextensions {
*/
x_kubernetes_list_type?: pulumi.Input
+ /**
+ * x-kubernetes-map-type annotates an object to further describe its topology. This extension
+ * must only be used when type is object and may have 2 possible values:
+ *
+ * 1) `granular`:
+ * These maps are actual maps (key-value pairs) and each fields are independent
+ * from each other (they can each be manipulated by separate actors). This is
+ * the default behaviour for all maps.
+ * 2) `atomic`: the list is treated as a single entity, like a scalar.
+ * Atomic maps will be entirely replaced when updated.
+ */
+ x_kubernetes_map_type?: pulumi.Input
+
/**
* x-kubernetes-preserve-unknown-fields stops the API server decoding step from pruning fields
* which are not specified in the validation schema. This affects fields recursively, but
@@ -11167,7 +11255,8 @@ export namespace core {
/**
* Selects a field of the pod: supports metadata.name, metadata.namespace, metadata.labels,
- * metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP.
+ * metadata.annotations, spec.nodeName, spec.serviceAccountName, status.hostIP, status.podIP,
+ * status.podIPs.
*/
fieldRef?: pulumi.Input
@@ -14106,8 +14195,7 @@ export namespace core {
* Share a single process namespace between all of the containers in a pod. When this is set
* containers will be able to view and signal processes from other containers in the same pod,
* and the first process in each container will not be assigned PID 1. HostPID and
- * ShareProcessNamespace cannot both be set. Optional: Default to false. This field is
- * beta-level and may be disabled with the PodShareProcessNamespace feature.
+ * ShareProcessNamespace cannot both be set. Optional: Default to false.
*/
shareProcessNamespace?: pulumi.Input
@@ -15831,6 +15919,19 @@ export namespace core {
*/
sessionAffinityConfig?: pulumi.Input
+ /**
+ * topologyKeys is a preference-order list of topology keys which implementations of services
+ * should use to preferentially sort endpoints when accessing this Service, it can not be used
+ * at the same time as externalTrafficPolicy=Local. Topology keys must be valid label keys and
+ * at most 16 keys may be specified. Endpoints are chosen based on the first topology key with
+ * available backends. If this field is specified and all entries have no backends that match
+ * the topology of the client, the service has no backends for that client and connections
+ * should fail. The special value "*" may be used to mean "any topology". This catch-all
+ * value, if used, only makes sense as the last value in the list. If this is not specified or
+ * empty, no topology constraints will be applied.
+ */
+ topologyKeys?: pulumi.Input[]>
+
/**
* type determines how the Service is exposed. Defaults to ClusterIP. Valid options are
* ExternalName, ClusterIP, NodePort, and LoadBalancer. "ExternalName" maps to the specified
@@ -16391,7 +16492,7 @@ export namespace core {
* Expanded path within the volume from which the container's volume should be mounted.
* Behaves similarly to SubPath but environment variable references $(VAR_NAME) are expanded
* using the container's environment. Defaults to "" (volume's root). SubPathExpr and SubPath
- * are mutually exclusive. This field is beta in 1.15.
+ * are mutually exclusive.
*/
subPathExpr?: pulumi.Input
@@ -16506,8 +16607,8 @@ export namespace core {
* The UserName in Windows to run the entrypoint of the container process. Defaults to the
* user specified in image metadata if unspecified. May also be set in PodSecurityContext. If
* set in both SecurityContext and PodSecurityContext, the value specified in SecurityContext
- * takes precedence. This field is alpha-level and it is only honored by servers that enable
- * the WindowsRunAsUserName feature flag.
+ * takes precedence. This field is beta-level and may be disabled with the
+ * WindowsRunAsUserName feature flag.
*/
runAsUserName?: pulumi.Input
@@ -16519,24 +16620,23 @@ export namespace core {
}
export namespace discovery {
- export namespace v1alpha1 {
+ export namespace v1beta1 {
/**
* Endpoint represents a single logical "backend" implementing a service.
*/
export interface Endpoint {
/**
* addresses of this endpoint. The contents of this field are interpreted according to the
- * corresponding EndpointSlice addressType field. This allows for cases like dual-stack (IPv4
- * and IPv6) networking. Consumers (e.g. kube-proxy) must handle different types of addresses
- * in the context of their own capabilities. This must contain at least one address but no
- * more than 100.
+ * corresponding EndpointSlice addressType field. Consumers must handle different types of
+ * addresses in the context of their own capabilities. This must contain at least one address
+ * but no more than 100.
*/
addresses: pulumi.Input[]>
/**
* conditions contains information about the current status of the endpoint.
*/
- conditions?: pulumi.Input
+ conditions?: pulumi.Input
/**
* hostname of this endpoint. This field may be used by consumers of endpoints to distinguish
@@ -16587,13 +16687,21 @@ export namespace discovery {
* EndpointPort represents a Port used by an EndpointSlice
*/
export interface EndpointPort {
+ /**
+ * The application protocol for this port. This field follows standard Kubernetes label
+ * syntax. Un-prefixed names are reserved for IANA standard service names (as per RFC-6335 and
+ * http://www.iana.org/assignments/service-names). Non-standard protocols should use prefixed
+ * names. Default is empty string.
+ */
+ appProtocol?: pulumi.Input
+
/**
* The name of this port. All ports in an EndpointSlice must have a unique name. If the
* EndpointSlice is dervied from a Kubernetes service, this corresponds to the
- * Service.ports[].name. Name must either be an empty string or pass IANA_SVC_NAME validation:
- * * must be no more than 15 characters long * may contain only [-a-z0-9] * must contain at
- * least one letter [a-z] * it must not start or end with a hyphen, nor contain adjacent
- * hyphens Default is empty string.
+ * Service.ports[].name. Name must either be an empty string or pass DNS_LABEL validation: *
+ * must be no more than 63 characters long. * must consist of lower case alphanumeric
+ * characters or '-'. * must start and end with an alphanumeric character. Default is empty
+ * string.
*/
name?: pulumi.Input
@@ -16618,16 +16726,18 @@ export namespace discovery {
*/
export interface EndpointSlice {
/**
- * endpoints is a list of unique endpoints in this slice. Each slice may include a maximum of
- * 1000 endpoints.
+ * addressType specifies the type of address carried by this EndpointSlice. All addresses in
+ * this slice must be the same type. This field is immutable after creation. The following
+ * address types are currently supported: * IPv4: Represents an IPv4 Address. * IPv6:
+ * Represents an IPv6 Address. * FQDN: Represents a Fully Qualified Domain Name.
*/
- endpoints: pulumi.Input[]>
+ addressType: pulumi.Input
/**
- * addressType specifies the type of address carried by this EndpointSlice. All addresses in
- * this slice must be the same type. Default is IP
+ * endpoints is a list of unique endpoints in this slice. Each slice may include a maximum of
+ * 1000 endpoints.
*/
- addressType?: pulumi.Input
+ endpoints: pulumi.Input[]>
/**
* APIVersion defines the versioned schema of this representation of an object. Servers should
@@ -16635,7 +16745,7 @@ export namespace discovery {
* values. More info:
* https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
*/
- apiVersion?: pulumi.Input<"discovery.k8s.io/v1alpha1">
+ apiVersion?: pulumi.Input<"discovery.k8s.io/v1beta1">
/**
* Kind is a string value representing the REST resource this object represents. Servers may
@@ -16656,12 +16766,12 @@ export namespace discovery {
* When a port is defined with a nil port value, it indicates "all ports". Each slice may
* include a maximum of 100 ports.
*/
- ports?: pulumi.Input[]>
+ ports?: pulumi.Input[]>
}
export function isEndpointSlice(o: any): o is EndpointSlice {
- return o.apiVersion == "discovery.k8s.io/v1alpha1" && o.kind == "EndpointSlice";
+ return o.apiVersion == "discovery.k8s.io/v1beta1" && o.kind == "EndpointSlice";
}
/**
@@ -16671,7 +16781,7 @@ export namespace discovery {
/**
* List of endpoint slices
*/
- items: pulumi.Input[]>
+ items: pulumi.Input[]>
/**
* APIVersion defines the versioned schema of this representation of an object. Servers should
@@ -16679,7 +16789,7 @@ export namespace discovery {
* values. More info:
* https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
*/
- apiVersion?: pulumi.Input<"discovery.k8s.io/v1alpha1">
+ apiVersion?: pulumi.Input<"discovery.k8s.io/v1beta1">
/**
* Kind is a string value representing the REST resource this object represents. Servers may
@@ -16697,7 +16807,7 @@ export namespace discovery {
}
export function isEndpointSliceList(o: any): o is EndpointSliceList {
- return o.apiVersion == "discovery.k8s.io/v1alpha1" && o.kind == "EndpointSliceList";
+ return o.apiVersion == "discovery.k8s.io/v1beta1" && o.kind == "EndpointSliceList";
}
}
@@ -18660,29 +18770,34 @@ export namespace extensions {
}
-export namespace meta {
- export namespace v1 {
+export namespace flowcontrol {
+ export namespace v1alpha1 {
/**
- * APIGroup contains the name, the supported versions, and the preferred version of a group.
+ * FlowDistinguisherMethod specifies the method of a flow distinguisher.
*/
- export interface APIGroup {
+ export interface FlowDistinguisherMethod {
/**
- * name is the name of the group.
+ * `type` is the type of flow distinguisher method The supported types are "ByUser" and
+ * "ByNamespace". Required.
*/
- name: pulumi.Input
+ type: pulumi.Input
+
+ }
- /**
- * versions are the versions supported in this group.
- */
- versions: pulumi.Input[]>
+ /**
+ * FlowSchema defines the schema of a group of flows. Note that a flow is made up of a set of
+ * inbound API requests with similar attributes and is identified by a pair of strings: the name
+ * of the FlowSchema and a "flow distinguisher".
+ */
+ export interface FlowSchema {
/**
* APIVersion defines the versioned schema of this representation of an object. Servers should
* convert recognized schemas to the latest internal value, and may reject unrecognized
* values. More info:
* https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
*/
- apiVersion?: pulumi.Input
+ apiVersion?: pulumi.Input<"flowcontrol.apiserver.k8s.io/v1alpha1">
/**
* Kind is a string value representing the REST resource this object represents. Servers may
@@ -18690,39 +18805,62 @@ export namespace meta {
* CamelCase. More info:
* https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
*/
- kind?: pulumi.Input
+ kind?: pulumi.Input<"FlowSchema">
/**
- * preferredVersion is the version preferred by the API server, which probably is the storage
- * version.
+ * `metadata` is the standard object's metadata. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
*/
- preferredVersion?: pulumi.Input
+ metadata?: pulumi.Input
/**
- * a map of client CIDR to server address that is serving this group. This is to help clients
- * reach servers in the most network-efficient way possible. Clients can use the appropriate
- * server address as per the CIDR that they match. In case of multiple matches, clients should
- * use the longest matching CIDR. The server returns only those CIDRs that it thinks that the
- * client can match. For example: the master will return an internal IP CIDR only, if the
- * client reaches the server using an internal IP. Server looks at X-Forwarded-For header or
- * X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.
+ * `spec` is the specification of the desired behavior of a FlowSchema. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
*/
- serverAddressByClientCIDRs?: pulumi.Input[]>
+ spec?: pulumi.Input
}
- export function isAPIGroup(o: any): o is APIGroup {
- return o.apiVersion == "v1" && o.kind == "APIGroup";
+ export function isFlowSchema(o: any): o is FlowSchema {
+ return o.apiVersion == "flowcontrol.apiserver.k8s.io/v1alpha1" && o.kind == "FlowSchema";
}
/**
- * APIGroupList is a list of APIGroup, to allow clients to discover the API at /apis.
+ * FlowSchemaCondition describes conditions for a FlowSchema.
*/
- export interface APIGroupList {
+ export interface FlowSchemaCondition {
/**
- * groups is a list of APIGroup.
+ * `lastTransitionTime` is the last time the condition transitioned from one status to
+ * another.
*/
- groups: pulumi.Input[]>
+ lastTransitionTime?: pulumi.Input
+
+ /**
+ * `message` is a human-readable message indicating details about last transition.
+ */
+ message?: pulumi.Input
+
+ /**
+ * `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
+ */
+ reason?: pulumi.Input
+
+ /**
+ * `type` is the type of the condition. Required.
+ */
+ type?: pulumi.Input
+
+ }
+
+
+ /**
+ * FlowSchemaList is a list of FlowSchema objects.
+ */
+ export interface FlowSchemaList {
+ /**
+ * `items` is a list of FlowSchemas.
+ */
+ items: pulumi.Input[]>
/**
* APIVersion defines the versioned schema of this representation of an object. Servers should
@@ -18730,7 +18868,7 @@ export namespace meta {
* values. More info:
* https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
*/
- apiVersion?: pulumi.Input
+ apiVersion?: pulumi.Input<"flowcontrol.apiserver.k8s.io/v1alpha1">
/**
* Kind is a string value representing the REST resource this object represents. Servers may
@@ -18738,103 +18876,203 @@ export namespace meta {
* CamelCase. More info:
* https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
*/
- kind?: pulumi.Input
+ kind?: pulumi.Input<"FlowSchemaList">
+
+ /**
+ * `metadata` is the standard list metadata. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ */
+ metadata?: pulumi.Input
}
- export function isAPIGroupList(o: any): o is APIGroupList {
- return o.apiVersion == "v1" && o.kind == "APIGroupList";
+ export function isFlowSchemaList(o: any): o is FlowSchemaList {
+ return o.apiVersion == "flowcontrol.apiserver.k8s.io/v1alpha1" && o.kind == "FlowSchemaList";
}
/**
- * APIResource specifies the name of a resource and whether it is namespaced.
+ * FlowSchemaSpec describes how the FlowSchema's specification looks like.
*/
- export interface APIResource {
+ export interface FlowSchemaSpec {
/**
- * kind is the kind for the resource (e.g. 'Foo' is the kind for a resource 'foo')
+ * `priorityLevelConfiguration` should reference a PriorityLevelConfiguration in the cluster.
+ * If the reference cannot be resolved, the FlowSchema will be ignored and marked as invalid
+ * in its status. Required.
*/
- kind: pulumi.Input
+ priorityLevelConfiguration: pulumi.Input
/**
- * name is the plural name of the resource.
+ * `distinguisherMethod` defines how to compute the flow distinguisher for requests that match
+ * this schema. `nil` specifies that the distinguisher is disabled and thus will always be the
+ * empty string.
*/
- name: pulumi.Input
+ distinguisherMethod?: pulumi.Input
/**
- * namespaced indicates if a resource is namespaced or not.
+ * `matchingPrecedence` is used to choose among the FlowSchemas that match a given request.
+ * The chosen FlowSchema is among those with the numerically lowest (which we take to be
+ * logically highest) MatchingPrecedence. Each MatchingPrecedence value must be non-negative.
+ * Note that if the precedence is not specified or zero, it will be set to 1000 as default.
*/
- namespaced: pulumi.Input
+ matchingPrecedence?: pulumi.Input
/**
- * singularName is the singular name of the resource. This allows clients to handle plural
- * and singular opaquely. The singularName is more correct for reporting status on a single
- * item and both singular and plural are allowed from the kubectl CLI interface.
+ * `rules` describes which requests will match this flow schema. This FlowSchema matches a
+ * request if and only if at least one member of rules matches the request. if it is an empty
+ * slice, there will be no requests matching the FlowSchema.
*/
- singularName: pulumi.Input
+ rules?: pulumi.Input[]>
+ }
+
+
+ /**
+ * FlowSchemaStatus represents the current state of a FlowSchema.
+ */
+ export interface FlowSchemaStatus {
/**
- * verbs is a list of supported kube verbs (this includes get, list, watch, create, update,
- * patch, delete, deletecollection, and proxy)
+ * `conditions` is a list of the current states of FlowSchema.
*/
- verbs: pulumi.Input[]>
+ conditions?: pulumi.Input[]>
+ }
+
+
+ /**
+ * GroupSubject holds detailed information for group-kind subject.
+ */
+ export interface GroupSubject {
/**
- * categories is a list of the grouped resources this resource belongs to (e.g. 'all')
+ * name is the user group that matches, or "*" to match all user groups. See
+ * https://github.com/kubernetes/apiserver/blob/master/pkg/authentication/user/user.go for
+ * some well-known group names. Required.
*/
- categories?: pulumi.Input[]>
+ name: pulumi.Input
+ }
+
+
+ /**
+ * LimitResponse defines how to handle requests that can not be executed right now.
+ */
+ export interface LimitResponse {
/**
- * group is the preferred group of the resource. Empty implies the group of the containing
- * resource list. For subresources, this may have a different value, for example: Scale".
+ * `type` is "Queue" or "Reject". "Queue" means that requests that can not be executed upon
+ * arrival are held in a queue until they can be executed or a queuing limit is reached.
+ * "Reject" means that requests that can not be executed upon arrival are rejected. Required.
*/
- group?: pulumi.Input
+ type: pulumi.Input
/**
- * shortNames is a list of suggested short names of the resource.
+ * `queuing` holds the configuration parameters for queuing. This field may be non-empty only
+ * if `type` is `"Queue"`.
*/
- shortNames?: pulumi.Input[]>
+ queuing?: pulumi.Input
+
+ }
+
+ /**
+ * LimitedPriorityLevelConfiguration specifies how to handle requests that are subject to
+ * limits. It addresses two issues:
+ * * How are requests for this priority level limited?
+ * * What should be done with requests that exceed the limit?
+ */
+ export interface LimitedPriorityLevelConfiguration {
/**
- * The hash value of the storage version, the version this resource is converted to when
- * written to the data store. Value must be treated as opaque by clients. Only equality
- * comparison on the value is valid. This is an alpha feature and may change or be removed in
- * the future. The field is populated by the apiserver only if the StorageVersionHash feature
- * gate is enabled. This field will remain optional even if it graduates.
+ * `assuredConcurrencyShares` (ACS) configures the execution limit, which is a limit on the
+ * number of requests of this priority level that may be exeucting at a given time. ACS must
+ * be a positive number. The server's concurrency limit (SCL) is divided among the
+ * concurrency-controlled priority levels in proportion to their assured concurrency shares.
+ * This produces the assured concurrency value (ACV) --- the number of requests that may be
+ * executing at a time --- for each such priority level:
+ *
+ * ACV(l) = ceil( SCL * ACS(l) / ( sum[priority levels k] ACS(k) ) )
+ *
+ * bigger numbers of ACS mean more reserved concurrent requests (at the expense of every other
+ * PL). This field has a default value of 30.
*/
- storageVersionHash?: pulumi.Input
+ assuredConcurrencyShares?: pulumi.Input
/**
- * version is the preferred version of the resource. Empty implies the version of the
- * containing resource list For subresources, this may have a different value, for example: v1
- * (while inside a v1beta1 version of the core resource's group)".
+ * `limitResponse` indicates what to do with requests that can not be executed right now
*/
- version?: pulumi.Input
+ limitResponse?: pulumi.Input
}
/**
- * APIResourceList is a list of APIResource, it is used to expose the name of the resources
- * supported in a specific group and version, and if the resource is namespaced.
+ * NonResourcePolicyRule is a predicate that matches non-resource requests according to their
+ * verb and the target non-resource URL. A NonResourcePolicyRule matches a request if and only
+ * if both (a) at least one member of verbs matches the request and (b) at least one member of
+ * nonResourceURLs matches the request.
*/
- export interface APIResourceList {
+ export interface NonResourcePolicyRule {
/**
- * groupVersion is the group and version this APIResourceList is for.
+ * `nonResourceURLs` is a set of url prefixes that a user should have access to and may not be
+ * empty. For example:
+ * - "/healthz" is legal
+ * - "/hea*" is illegal
+ * - "/hea" is legal but matches nothing
+ * - "/hea/*" also matches nothing
+ * - "/healthz/*" matches all per-component health checks.
+ * "*" matches all non-resource urls. if it is present, it must be the only entry. Required.
*/
- groupVersion: pulumi.Input
+ nonResourceURLs: pulumi.Input[]>
/**
- * resources contains the name of the resources and if they are namespaced.
+ * `verbs` is a list of matching verbs and may not be empty. "*" matches all verbs. If it is
+ * present, it must be the only entry. Required.
*/
- resources: pulumi.Input[]>
+ verbs: pulumi.Input[]>
+
+ }
+
+
+ /**
+ * PolicyRulesWithSubjects prescribes a test that applies to a request to an apiserver. The test
+ * considers the subject making the request, the verb being requested, and the resource to be
+ * acted upon. This PolicyRulesWithSubjects matches a request if and only if both (a) at least
+ * one member of subjects matches the request and (b) at least one member of resourceRules or
+ * nonResourceRules matches the request.
+ */
+ export interface PolicyRulesWithSubjects {
+ /**
+ * subjects is the list of normal user, serviceaccount, or group that this rule cares about.
+ * There must be at least one member in this slice. A slice that includes both the
+ * system:authenticated and system:unauthenticated user groups matches every request.
+ * Required.
+ */
+ subjects: pulumi.Input[]>
+
+ /**
+ * `nonResourceRules` is a list of NonResourcePolicyRules that identify matching requests
+ * according to their verb and the target non-resource URL.
+ */
+ nonResourceRules?: pulumi.Input[]>
+ /**
+ * `resourceRules` is a slice of ResourcePolicyRules that identify matching requests according
+ * to their verb and the target resource. At least one of `resourceRules` and
+ * `nonResourceRules` has to be non-empty.
+ */
+ resourceRules?: pulumi.Input[]>
+
+ }
+
+
+ /**
+ * PriorityLevelConfiguration represents the configuration of a priority level.
+ */
+ export interface PriorityLevelConfiguration {
/**
* APIVersion defines the versioned schema of this representation of an object. Servers should
* convert recognized schemas to the latest internal value, and may reject unrecognized
* values. More info:
* https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
*/
- apiVersion?: pulumi.Input
+ apiVersion?: pulumi.Input<"flowcontrol.apiserver.k8s.io/v1alpha1">
/**
* Kind is a string value representing the REST resource this object represents. Servers may
@@ -18842,83 +19080,70 @@ export namespace meta {
* CamelCase. More info:
* https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
*/
- kind?: pulumi.Input
+ kind?: pulumi.Input<"PriorityLevelConfiguration">
+
+ /**
+ * `metadata` is the standard object's metadata. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
+ */
+ metadata?: pulumi.Input
+
+ /**
+ * `spec` is the specification of the desired behavior of a "request-priority". More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#spec-and-status
+ */
+ spec?: pulumi.Input
}
- export function isAPIResourceList(o: any): o is APIResourceList {
- return o.apiVersion == "v1" && o.kind == "APIResourceList";
+ export function isPriorityLevelConfiguration(o: any): o is PriorityLevelConfiguration {
+ return o.apiVersion == "flowcontrol.apiserver.k8s.io/v1alpha1" && o.kind == "PriorityLevelConfiguration";
}
/**
- * APIVersions lists the versions that are available, to allow clients to discover the API at
- * /api, which is the root path of the legacy v1 API.
+ * PriorityLevelConfigurationCondition defines the condition of priority level.
*/
- export interface APIVersions {
+ export interface PriorityLevelConfigurationCondition {
/**
- * a map of client CIDR to server address that is serving this group. This is to help clients
- * reach servers in the most network-efficient way possible. Clients can use the appropriate
- * server address as per the CIDR that they match. In case of multiple matches, clients should
- * use the longest matching CIDR. The server returns only those CIDRs that it thinks that the
- * client can match. For example: the master will return an internal IP CIDR only, if the
- * client reaches the server using an internal IP. Server looks at X-Forwarded-For header or
- * X-Real-Ip header or request.RemoteAddr (in that order) to get the client IP.
+ * `lastTransitionTime` is the last time the condition transitioned from one status to
+ * another.
*/
- serverAddressByClientCIDRs: pulumi.Input[]>
+ lastTransitionTime?: pulumi.Input
/**
- * versions are the api versions that are available.
+ * `message` is a human-readable message indicating details about last transition.
*/
- versions: pulumi.Input[]>
+ message?: pulumi.Input
/**
- * APIVersion defines the versioned schema of this representation of an object. Servers should
- * convert recognized schemas to the latest internal value, and may reject unrecognized
- * values. More info:
- * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ * `reason` is a unique, one-word, CamelCase reason for the condition's last transition.
*/
- apiVersion?: pulumi.Input
+ reason?: pulumi.Input
/**
- * Kind is a string value representing the REST resource this object represents. Servers may
- * infer this from the endpoint the client submits requests to. Cannot be updated. In
- * CamelCase. More info:
- * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ * `type` is the type of the condition. Required.
*/
- kind?: pulumi.Input
+ type?: pulumi.Input
}
- export function isAPIVersions(o: any): o is APIVersions {
- return o.apiVersion == "v1" && o.kind == "APIVersions";
- }
/**
- * DeleteOptions may be provided when deleting an API object.
+ * PriorityLevelConfigurationList is a list of PriorityLevelConfiguration objects.
*/
- export interface DeleteOptions {
+ export interface PriorityLevelConfigurationList {
+ /**
+ * `items` is a list of request-priorities.
+ */
+ items: pulumi.Input[]>
+
/**
* APIVersion defines the versioned schema of this representation of an object. Servers should
* convert recognized schemas to the latest internal value, and may reject unrecognized
* values. More info:
* https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
*/
- apiVersion?: pulumi.Input
-
- /**
- * When present, indicates that modifications should not be persisted. An invalid or
- * unrecognized dryRun directive will result in an error response and no further processing of
- * the request. Valid values are: - All: all dry run stages will be processed
- */
- dryRun?: pulumi.Input[]>
-
- /**
- * The duration in seconds before the object should be deleted. Value must be non-negative
- * integer. The value zero indicates delete immediately. If this value is nil, the default
- * grace period for the specified type will be used. Defaults to a per object value if not
- * specified. zero means delete immediately.
- */
- gracePeriodSeconds?: pulumi.Input
+ apiVersion?: pulumi.Input<"flowcontrol.apiserver.k8s.io/v1alpha1">
/**
* Kind is a string value representing the REST resource this object represents. Servers may
@@ -18926,15 +19151,480 @@ export namespace meta {
* CamelCase. More info:
* https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
*/
- kind?: pulumi.Input
+ kind?: pulumi.Input<"PriorityLevelConfigurationList">
/**
- * Deprecated: please use the PropagationPolicy, this field will be deprecated in 1.7. Should
- * the dependent objects be orphaned. If true/false, the "orphan" finalizer will be added
- * to/removed from the object's finalizers list. Either this field or PropagationPolicy may be
- * set, but not both.
+ * `metadata` is the standard object's metadata. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#metadata
*/
- orphanDependents?: pulumi.Input
+ metadata?: pulumi.Input
+
+ }
+
+ export function isPriorityLevelConfigurationList(o: any): o is PriorityLevelConfigurationList {
+ return o.apiVersion == "flowcontrol.apiserver.k8s.io/v1alpha1" && o.kind == "PriorityLevelConfigurationList";
+ }
+
+ /**
+ * PriorityLevelConfigurationReference contains information that points to the
+ * "request-priority" being used.
+ */
+ export interface PriorityLevelConfigurationReference {
+ /**
+ * `name` is the name of the priority level configuration being referenced Required.
+ */
+ name: pulumi.Input
+
+ }
+
+
+ /**
+ * PriorityLevelConfigurationSpec specifies the configuration of a priority level.
+ */
+ export interface PriorityLevelConfigurationSpec {
+ /**
+ * `type` indicates whether this priority level is subject to limitation on request execution.
+ * A value of `"Exempt"` means that requests of this priority level are not subject to a limit
+ * (and thus are never queued) and do not detract from the capacity made available to other
+ * priority levels. A value of `"Limited"` means that (a) requests of this priority level
+ * _are_ subject to limits and (b) some of the server's limited capacity is made available
+ * exclusively to this priority level. Required.
+ */
+ type: pulumi.Input
+
+ /**
+ * `limited` specifies how requests are handled for a Limited priority level. This field must
+ * be non-empty if and only if `type` is `"Limited"`.
+ */
+ limited?: pulumi.Input
+
+ }
+
+
+ /**
+ * PriorityLevelConfigurationStatus represents the current state of a "request-priority".
+ */
+ export interface PriorityLevelConfigurationStatus {
+ /**
+ * `conditions` is the current state of "request-priority".
+ */
+ conditions?: pulumi.Input[]>
+
+ }
+
+
+ /**
+ * QueuingConfiguration holds the configuration parameters for queuing
+ */
+ export interface QueuingConfiguration {
+ /**
+ * `handSize` is a small positive number that configures the shuffle sharding of requests into
+ * queues. When enqueuing a request at this priority level the request's flow identifier (a
+ * string pair) is hashed and the hash value is used to shuffle the list of queues and deal a
+ * hand of the size specified here. The request is put into one of the shortest queues in
+ * that hand. `handSize` must be no larger than `queues`, and should be significantly smaller
+ * (so that a few heavy flows do not saturate most of the queues). See the user-facing
+ * documentation for more extensive guidance on setting this field. This field has a default
+ * value of 8.
+ */
+ handSize?: pulumi.Input
+
+ /**
+ * `queueLengthLimit` is the maximum number of requests allowed to be waiting in a given queue
+ * of this priority level at a time; excess requests are rejected. This value must be
+ * positive. If not specified, it will be defaulted to 50.
+ */
+ queueLengthLimit?: pulumi.Input
+
+ /**
+ * `queues` is the number of queues for this priority level. The queues exist independently at
+ * each apiserver. The value must be positive. Setting it to 1 effectively precludes
+ * shufflesharding and thus makes the distinguisher method of associated flow schemas
+ * irrelevant. This field has a default value of 64.
+ */
+ queues?: pulumi.Input
+
+ }
+
+
+ /**
+ * ResourcePolicyRule is a predicate that matches some resource requests, testing the request's
+ * verb and the target resource. A ResourcePolicyRule matches a resource request if and only if:
+ * (a) at least one member of verbs matches the request, (b) at least one member of apiGroups
+ * matches the request, (c) at least one member of resources matches the request, and (d) least
+ * one member of namespaces matches the request.
+ */
+ export interface ResourcePolicyRule {
+ /**
+ * `apiGroups` is a list of matching API groups and may not be empty. "*" matches all API
+ * groups and, if present, must be the only entry. Required.
+ */
+ apiGroups: pulumi.Input[]>
+
+ /**
+ * `resources` is a list of matching resources (i.e., lowercase and plural) with, if desired,
+ * subresource. For example, [ "services", "nodes/status" ]. This list may not be empty. "*"
+ * matches all resources and, if present, must be the only entry. Required.
+ */
+ resources: pulumi.Input[]>
+
+ /**
+ * `verbs` is a list of matching verbs and may not be empty. "*" matches all verbs and, if
+ * present, must be the only entry. Required.
+ */
+ verbs: pulumi.Input[]>
+
+ /**
+ * `clusterScope` indicates whether to match requests that do not specify a namespace (which
+ * happens either because the resource is not namespaced or the request targets all
+ * namespaces). If this field is omitted or false then the `namespaces` field must contain a
+ * non-empty list.
+ */
+ clusterScope?: pulumi.Input
+
+ /**
+ * `namespaces` is a list of target namespaces that restricts matches. A request that
+ * specifies a target namespace matches only if either (a) this list contains that target
+ * namespace or (b) this list contains "*". Note that "*" matches any specified namespace but
+ * does not match a request that _does not specify_ a namespace (see the `clusterScope` field
+ * for that). This list may be empty, but only if `clusterScope` is true.
+ */
+ namespaces?: pulumi.Input[]>
+
+ }
+
+
+ /**
+ * ServiceAccountSubject holds detailed information for service-account-kind subject.
+ */
+ export interface ServiceAccountSubject {
+ /**
+ * `name` is the name of matching ServiceAccount objects, or "*" to match regardless of name.
+ * Required.
+ */
+ name: pulumi.Input
+
+ /**
+ * `namespace` is the namespace of matching ServiceAccount objects. Required.
+ */
+ namespace: pulumi.Input
+
+ }
+
+
+ /**
+ * Subject matches the originator of a request, as identified by the request authentication
+ * system. There are three ways of matching an originator; by user, group, or service account.
+ */
+ export interface Subject {
+ /**
+ * Required
+ */
+ kind: pulumi.Input
+
+
+ group?: pulumi.Input
+
+
+ serviceAccount?: pulumi.Input
+
+
+ user?: pulumi.Input
+
+ }
+
+
+ /**
+ * UserSubject holds detailed information for user-kind subject.
+ */
+ export interface UserSubject {
+ /**
+ * `name` is the username that matches, or "*" to match all usernames. Required.
+ */
+ name: pulumi.Input
+
+ }
+
+
+ }
+
+}
+
+export namespace meta {
+ export namespace v1 {
+ /**
+ * APIGroup contains the name, the supported versions, and the preferred version of a group.
+ */
+ export interface APIGroup {
+ /**
+ * name is the name of the group.
+ */
+ name: pulumi.Input
+
+ /**
+ * versions are the versions supported in this group.
+ */
+ versions: pulumi.Input[]>
+
+ /**
+ * APIVersion defines the versioned schema of this representation of an object. Servers should
+ * convert recognized schemas to the latest internal value, and may reject unrecognized
+ * values. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources
+ */
+ apiVersion?: pulumi.Input
+
+ /**
+ * Kind is a string value representing the REST resource this object represents. Servers may
+ * infer this from the endpoint the client submits requests to. Cannot be updated. In
+ * CamelCase. More info:
+ * https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds
+ */
+ kind?: pulumi.Input
+
+ /**
+ * preferredVersion is the version preferred by the API server, which probably is the storage
+ * version.
+ */
+ preferredVersion?: pulumi.Input