SecurityPolicy
opensearchserverless.services.k8s.aws/v1alpha1
| Type | Link |
|---|---|
| GoDoc | opensearchserverless-controller/apis/v1alpha1#SecurityPolicy |
Metadata
| Property | Value |
|---|---|
| Scope | Namespaced |
| Kind | SecurityPolicy |
| ListKind | SecurityPolicyList |
| Plural | securitypolicies |
| Singular | securitypolicy |
Spec
description: string
name: string
policy: string
type: string
| Field | Description |
|---|---|
| description Optional | string A description of the policy. Typically used to store information about the permissions defined in the policy. |
| name Required | string The name of the policy. Regex Pattern: ^[a-z][a-z0-9-]+$ |
| policy Required | string The JSON policy document to use as the content for the new policy. Regex Pattern: [\u0009\u000A\u000D\u0020-\u007E\u00A1-\u00FF]+ |
| type Required | string The type of security policy. |
Status
ackResourceMetadata:
arn: string
ownerAccountID: string
region: string
conditions:
- lastTransitionTime: string
message: string
reason: string
status: string
type: string
createdDate: integer
lastModifiedDate: integer
policyVersion: string
| Field | Description |
|---|---|
| ackResourceMetadata Optional | object All CRs managed by ACK have a common Status.ACKResourceMetadata memberthat is used to contain resource sync state, account ownership, constructed ARN for the resource |
| ackResourceMetadata.arn Optional | string ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an “adopted” resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR’s Spec field values. https://github.com/aws/aws-controllers-k8s/issues/270 |
| ackResourceMetadata.ownerAccountID Required | string OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource. |
| ackResourceMetadata.region Required | string Region is the AWS region in which the resource exists or will exist. |
| conditions Optional | array All CRs managed by ACK have a common Status.Conditions member thatcontains a collection of ackv1alpha1.Condition objects that describethe various terminal states of the CR and its backend AWS service API resource |
| conditions.[] Required | object Condition is the common struct used by all CRDs managed by ACK service |
| controllers to indicate terminal states of the CR and its backend AWS | |
| service API resource | |
| conditions.[].message Optional | string A human readable message indicating details about the transition. |
| conditions.[].reason Optional | string The reason for the condition’s last transition. |
| conditions.[].status Optional | string Status of the condition, one of True, False, Unknown. |
| conditions.[].type Optional | string Type is the type of the Condition |
| createdDate Optional | integer The date the policy was created. |
| lastModifiedDate Optional | integer The timestamp of when the policy was last modified. |
| policyVersion Optional | string The version of the policy. Regex Pattern: `^([0-9a-zA-Z+/]{4})*(([0-9a-zA-Z+/]{2}==) |