apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: controller-gen.kubebuilder.io/version: v0.13.0 name: meshtrafficpermissions.kuma.io spec: group: kuma.io names: categories: - kuma kind: MeshTrafficPermission listKind: MeshTrafficPermissionList plural: meshtrafficpermissions singular: meshtrafficpermission scope: Namespaced versions:
- additionalPrinterColumns:
- jsonPath: .spec.targetRef.kind name: TargetRef Kind type: string
- jsonPath: .spec.targetRef.name
name: TargetRef Name
type: string
name: v1alpha1
schema:
openAPIV3Schema:
properties:
apiVersion:
description: ‘APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources’
type: string
kind:
description: ‘Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds’
type: string
metadata:
type: object
spec:
description: Spec is the specification of the Kuma MeshTrafficPermission
resource.
properties:
from:
description: From list makes a match between clients and corresponding
configurations
items:
properties:
default:
description: Default is a configuration specific to the group
of clients referenced in ‘targetRef’
properties:
action:
description: ‘Action defines a behavior for the specified
group of clients:’
enum:
- Allow
- Deny
- AllowWithShadowDeny
type: string
type: object
targetRef:
description: TargetRef is a reference to the resource that represents
a group of clients.
properties:
kind:
description: Kind of the referenced resource
enum:
- Mesh
- MeshSubset
- MeshGateway
- MeshService
- MeshServiceSubset
- MeshHTTPRoute
type: string
mesh:
description: Mesh is reserved for future use to identify
cross mesh resources.
type: string
name:
description: ‘Name of the referenced resource. Can only
be used with kinds:
MeshService
,MeshServiceSubset
andMeshGatewayRoute
’ type: string tags: additionalProperties: type: string description: Tags used to select a subset of proxies by tags. Can only be used with kindsMeshSubset
andMeshServiceSubset
type: object type: object required: - targetRef type: object type: array targetRef: description: TargetRef is a reference to the resource the policy takes an effect on. The resource could be either a real store object or virtual resource defined inplace. properties: kind: description: Kind of the referenced resource enum: - Mesh - MeshSubset - MeshGateway - MeshService - MeshServiceSubset - MeshHTTPRoute type: string mesh: description: Mesh is reserved for future use to identify cross mesh resources. type: string name: description: ‘Name of the referenced resource. Can only be used with kinds:MeshService
,MeshServiceSubset
andMeshGatewayRoute
’ type: string tags: additionalProperties: type: string description: Tags used to select a subset of proxies by tags. Can only be used with kindsMeshSubset
andMeshServiceSubset
type: object type: object required: - targetRef type: object type: object served: true storage: true subresources: {}