Creates a new workload identity
Path Parameters
Workspace to use
Query Parameters
Set to 'All' to perform a server-side dry run of creating this resource
Set an explicit owner for this resource
- application/json
Request Body required
The specification for the workload identity you are creating
property name* string
property name* string
property name* string
metadata
ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.
annotations object
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
labels object
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
managedFields object[]
ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object.
ownerReferences object[]
List of objects depended on by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.
spec
WorkloadIdentitySpec defines the specification of a workload identity which should be provisioned
cloudAccessConfigRef required
CloudAccessConfigRef defines which cloud access configuration to use to build this workload identity
cluster required
Cluster is a reference to the cluster which this workload identity will be used in.
clusterServiceAccount
ClusterServiceAccount represents the identity inside the cluster that will use the workload identity
providerDetails
ProviderDetails provides additional fields which can be used for cloud-provider specific data needed to provision a workload identity
aws
AWS holds parameters specific to AWS workload identities. Present only if type is AWS.
azure
Azure holds parameters specific to Azure workload identity. Present only if type is Azure.
roleParameters object
RoleParameters are any parameters required for the specified role
status
WorkloadIdentityStatus defines the status of a cloud account
conditions object[]
lastReconcile
lastSuccess
obsoleteResources object[]
Responses
- 200
- 400
- 401
- 403
- 500
200: Contains the workload identity definition
- application/json
Schema
property name* string
property name* string
property name* string
metadata
ObjectMeta is metadata that all persisted resources must have, which includes all objects users must create.
annotations object
Annotations is an unstructured key value map stored with a resource that may be set by external tools to store and retrieve arbitrary metadata. They are not queryable and should be preserved when modifying objects. More info: http://kubernetes.io/docs/user-guide/annotations
labels object
Map of string keys and values that can be used to organize and categorize (scope and select) objects. May match selectors of replication controllers and services. More info: http://kubernetes.io/docs/user-guide/labels
managedFields object[]
ManagedFields maps workflow-id and version to the set of fields that are managed by that workflow. This is mostly for internal housekeeping, and users typically shouldn't need to set or understand this field. A workflow can be the user's name, a controller's name, or the name of a specific apply path like "ci-cd". The set of fields is always in the version that the workflow used when modifying the object.
ownerReferences object[]
List of objects depended on by this object. If ALL objects in the list have been deleted, this object will be garbage collected. If this object is managed by a controller, then an entry in this list will point to this controller, with the controller field set to true. There cannot be more than one managing controller.
spec
WorkloadIdentitySpec defines the specification of a workload identity which should be provisioned
cloudAccessConfigRef
CloudAccessConfigRef defines which cloud access configuration to use to build this workload identity
cluster
Cluster is a reference to the cluster which this workload identity will be used in.
clusterServiceAccount
ClusterServiceAccount represents the identity inside the cluster that will use the workload identity
providerDetails
ProviderDetails provides additional fields which can be used for cloud-provider specific data needed to provision a workload identity
aws
AWS holds parameters specific to AWS workload identities. Present only if type is AWS.
azure
Azure holds parameters specific to Azure workload identity. Present only if type is Azure.
roleParameters object
RoleParameters are any parameters required for the specified role
status
WorkloadIdentityStatus defines the status of a cloud account
conditions object[]
lastReconcile
lastSuccess
obsoleteResources object[]
Example (from schema)
{
  "apiVersion": "string",
  "kind": "string",
  "metadata": {
    "annotations": {},
    "clusterName": "string",
    "creationTimestamp": "string",
    "deletionGracePeriodSeconds": 0,
    "deletionTimestamp": "string",
    "finalizers": [
      "string"
    ],
    "generateName": "string",
    "generation": 0,
    "labels": {},
    "managedFields": [
      {
        "apiVersion": "string",
        "fieldsType": "string",
        "fieldsV1": "string",
        "manager": "string",
        "operation": "string",
        "subresource": "string",
        "time": "string"
      }
    ],
    "name": "string",
    "namespace": "string",
    "ownerReferences": [
      {
        "apiVersion": "string",
        "blockOwnerDeletion": true,
        "controller": true,
        "kind": "string",
        "name": "string",
        "uid": "string"
      }
    ],
    "resourceVersion": "string",
    "selfLink": "string",
    "uid": "string"
  },
  "spec": {
    "cloud": "string",
    "cloudAccessConfigRef": {
      "name": "string",
      "namespace": "string"
    },
    "cloudResourceName": "string",
    "cluster": {
      "group": "string",
      "kind": "string",
      "name": "string",
      "namespace": "string",
      "version": "string"
    },
    "clusterServiceAccount": {
      "name": "string",
      "namespace": "string"
    },
    "identityOnly": true,
    "providerDetails": {
      "aws": {
        "customIAMPolicy": {},
        "iamPolicies": [
          "string"
        ]
      },
      "azure": {
        "podSelector": "string"
      },
      "type": "string"
    },
    "role": "string",
    "roleParameters": {}
  },
  "status": {
    "cloudResourcesCreated": true,
    "conditions": [
      {
        "detail": "string",
        "lastTransitionTime": "string",
        "message": "string",
        "name": "string",
        "negativePolarity": true,
        "observedGeneration": 0,
        "reason": "string",
        "status": "string",
        "type": "string"
      }
    ],
    "detail": "string",
    "identity": "string",
    "lastReconcile": {
      "generation": 0,
      "time": "string"
    },
    "lastSuccess": {
      "generation": 0,
      "time": "string"
    },
    "message": "string",
    "obsoleteResources": [
      {
        "kind": "string",
        "name": "string"
      }
    ],
    "status": "string",
    "wayfinderVersion": "string"
  }
}
400: Validation error of supplied parameters/body
- application/json
Schema
fieldErrors object[]
Example (from schema)
{
  "code": 0,
  "fieldErrors": [
    {
      "errCode": "string",
      "field": "string",
      "message": "string"
    }
  ],
  "message": "string"
}
401: If not authenticated
403: If authenticated but not authorized
500: A generic API error containing the cause of the error
- application/json
Example (from schema)
{
  "code": 0,
  "detail": "string",
  "message": "string",
  "uri": "string",
  "verb": "string"
}