@kubernetes-models/gke

import { IObjectMeta } from "@kubernetes-models/apimachinery/apis/meta/v1/ObjectMeta"; import { Model, ModelData } from "@kubernetes-models/base"; export interface IAccessContextManagerServicePerimeter { /** * apiVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#resources */ "apiVersion": "accesscontextmanager.cnrm.cloud.google.com/v1beta1"; /** * kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/api-conventions.md#types-kinds */ "kind": "AccessContextManagerServicePerimeter"; "metadata"?: IObjectMeta; "spec": { /** * The AccessContextManagerAccessPolicy this * AccessContextManagerServicePerimeter lives in. */ "accessPolicyRef": { /** * Allowed value: string of the format `accessPolicies/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessPolicy` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & (Exclude<{ /** * Allowed value: string of the format `accessPolicies/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessPolicy` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `accessPolicies/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessPolicy` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }> | Exclude<{ /** * Allowed value: string of the format `accessPolicies/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessPolicy` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `accessPolicies/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessPolicy` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & ({ /** * Allowed value: string of the format `accessPolicies/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessPolicy` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } | { /** * Allowed value: string of the format `accessPolicies/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessPolicy` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace": string; })>); /** * Description of the ServicePerimeter and its use. Does not affect * behavior. */ "description"?: string; /** * Immutable. Specifies the type of the Perimeter. There are two types: regular and * bridge. Regular Service Perimeter contains resources, access levels, * and restricted services. Every resource can be in at most * ONE regular Service Perimeter. * * In addition to being in a regular service perimeter, a resource can also * be in zero or more perimeter bridges. A perimeter bridge only contains * resources. Cross project operations are permitted if all effected * resources share some perimeter (whether bridge or regular). Perimeter * Bridge does not contain access levels or services: those are governed * entirely by the regular perimeter that resource is in. * * Perimeter Bridges are typically useful when building more complex * topologies with many independent perimeters that need to share some data * with a common perimeter, but should not be able to share data among * themselves. Default value: "PERIMETER_TYPE_REGULAR" Possible values: ["PERIMETER_TYPE_REGULAR", "PERIMETER_TYPE_BRIDGE"]. */ "perimeterType"?: string; /** * Immutable. Optional. The name of the resource. Used for creation and acquisition. When unset, the value of `metadata.name` is used as the default. */ "resourceID"?: string; /** * Proposed (or dry run) ServicePerimeter configuration. * This configuration allows to specify and test ServicePerimeter configuration * without enforcing actual access restrictions. Only allowed to be set when * the 'useExplicitDryRunSpec' flag is set. */ "spec"?: { "accessLevels"?: Array<{ /** * Allowed value: string of the format `{{parent}}/accessLevels/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessLevel` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & (Exclude<{ /** * Allowed value: string of the format `{{parent}}/accessLevels/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessLevel` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `{{parent}}/accessLevels/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessLevel` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }> | Exclude<{ /** * Allowed value: string of the format `{{parent}}/accessLevels/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessLevel` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `{{parent}}/accessLevels/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessLevel` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & ({ /** * Allowed value: string of the format `{{parent}}/accessLevels/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessLevel` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } | { /** * Allowed value: string of the format `{{parent}}/accessLevels/{{value}}`, where {{value}} is the `name` field of an `AccessContextManagerAccessLevel` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace": string; })>)>; /** * List of EgressPolicies to apply to the perimeter. A perimeter may * have multiple EgressPolicies, each of which is evaluated separately. * Access is granted if any EgressPolicy grants it. Must be empty for * a perimeter bridge. */ "egressPolicies"?: Array<{ /** * Defines conditions on the source of a request causing this 'EgressPolicy' to apply. */ "egressFrom"?: { "identities"?: Array<{ "serviceAccountRef"?: { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & (Exclude<{ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }> | Exclude<{ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & ({ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } | { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace": string; })>); "user"?: string; } & ({ "serviceAccountRef": { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & (Exclude<{ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }> | Exclude<{ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & ({ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } | { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace": string; })>); "user"?: string; } | { "serviceAccountRef"?: { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & (Exclude<{ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }> | Exclude<{ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & ({ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } | { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace": string; })>); "user": string; })>; /** * Specifies the type of identities that are allowed access to outside the * perimeter. If left unspecified, then members of 'identities' field will * be allowed access. Possible values: ["IDENTITY_TYPE_UNSPECIFIED", "ANY_IDENTITY", "ANY_USER_ACCOUNT", "ANY_SERVICE_ACCOUNT"]. */ "identityType"?: string; }; /** * Defines the conditions on the 'ApiOperation' and destination resources that * cause this 'EgressPolicy' to apply. */ "egressTo"?: { /** * A list of external resources that are allowed to be accessed. A request * matches if it contains an external resource in this list (Example: * s3://bucket/path). Currently '\*' is not allowed. */ "externalResources"?: Array<string>; /** * A list of 'ApiOperations' that this egress rule applies to. A request matches * if it contains an operation/service in this list. */ "operations"?: Array<{ /** * API methods or permissions to allow. Method or permission must belong * to the service specified by 'serviceName' field. A single MethodSelector * entry with '\*' specified for the 'method' field will allow all methods * AND permissions for the service specified in 'serviceName'. */ "methodSelectors"?: Array<{ /** * Value for 'method' should be a valid method name for the corresponding * 'serviceName' in 'ApiOperation'. If '\*' used as value for method, * then ALL methods and permissions are allowed. */ "method"?: string; /** * Value for permission should be a valid Cloud IAM permission for the * corresponding 'serviceName' in 'ApiOperation'. */ "permission"?: string; }>; /** * The name of the API whose methods or permissions the 'IngressPolicy' or * 'EgressPolicy' want to allow. A single 'ApiOperation' with serviceName * field set to '\*' will allow all methods AND permissions for all services. */ "serviceName"?: string; }>; "resources"?: Array<{ "projectRef"?: { /** * Allowed value: string of the format `projects/{{value}}`, where {{value}} is the `number` field of a `Project` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & (Exclude<{ /** * Allowed value: string of the format `projects/{{value}}`, where {{value}} is the `number` field of a `Project` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `projects/{{value}}`, where {{value}} is the `number` field of a `Project` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }> | Exclude<{ /** * Allowed value: string of the format `projects/{{value}}`, where {{value}} is the `number` field of a `Project` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `projects/{{value}}`, where {{value}} is the `number` field of a `Project` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & ({ /** * Allowed value: string of the format `projects/{{value}}`, where {{value}} is the `number` field of a `Project` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } | { /** * Allowed value: string of the format `projects/{{value}}`, where {{value}} is the `number` field of a `Project` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace": string; })>); }>; }; }>; /** * List of 'IngressPolicies' to apply to the perimeter. A perimeter may * have multiple 'IngressPolicies', each of which is evaluated * separately. Access is granted if any 'Ingress Policy' grants it. * Must be empty for a perimeter bridge. */ "ingressPolicies"?: Array<{ /** * Defines the conditions on the source of a request causing this 'IngressPolicy' * to apply. */ "ingressFrom"?: { "identities"?: Array<{ "serviceAccountRef"?: { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & (Exclude<{ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }> | Exclude<{ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & ({ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } | { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace": string; })>); "user"?: string; } & ({ "serviceAccountRef": { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; } & (Exclude<{ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external"?: string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name": string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }> | Exclude<{ /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }, { /** * Allowed value: string of the format `serviceAccount:{{value}}`, where {{value}} is the `email` field of an `IAMServiceAccount` resource. */ "external": string; /** * Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names */ "name"?: string; /** * Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/ */ "namespace"?: string; }