{ "$schema": "http://json-schema.org/draft-07/schema#", "properties": { "apiVersion": { "type": "string" }, "kind": { "type": "string" }, "metadata": { "type": "object" }, "spec": { "properties": { "allowedNamespaces": { "items": { "type": "string" }, "type": "array" }, "appRole": { "properties": { "roleId": { "type": "string" }, "secretIDPath": { "type": "string" }, "secretRef": { "type": "string" } }, "type": "object" }, "aws": { "properties": { "headerValue": { "type": "string" }, "iamEndpoint": { "type": "string" }, "irsaServiceAccount": { "type": "string" }, "region": { "type": "string" }, "role": { "type": "string" }, "secretRef": { "type": "string" }, "sessionName": { "type": "string" }, "stsEndpoint": { "type": "string" } }, "type": "object" }, "gcp": { "properties": { "clusterName": { "type": "string" }, "projectID": { "type": "string" }, "region": { "type": "string" }, "role": { "type": "string" }, "workloadIdentityServiceAccount": { "type": "string" } }, "type": "object" }, "headers": { "additionalProperties": { "type": "string" }, "type": "object" }, "jwt": { "properties": { "audiences": { "items": { "type": "string" }, "type": "array" }, "role": { "type": "string" }, "secretRef": { "type": "string" }, "serviceAccount": { "type": "string" }, "tokenExpirationSeconds": { "default": 600, "format": "int64", "minimum": 600, "type": "integer" } }, "type": "object" }, "kubernetes": { "properties": { "audiences": { "items": { "type": "string" }, "type": "array" }, "role": { "type": "string" }, "serviceAccount": { "type": "string" }, "tokenExpirationSeconds": { "default": 600, "format": "int64", "minimum": 600, "type": "integer" } }, "type": "object" }, "method": { "enum": [ "kubernetes", "jwt", "appRole", "aws", "gcp" ], "type": "string" }, "mount": { "type": "string" }, "namespace": { "type": "string" }, "params": { "additionalProperties": { "type": "string" }, "type": "object" }, "storageEncryption": { "properties": { "keyName": { "type": "string" }, "mount": { "type": "string" } }, "required": [ "keyName", "mount" ], "type": "object" }, "vaultAuthGlobalRef": { "properties": { "allowDefault": { "type": "boolean" }, "mergeStrategy": { "properties": { "headers": { "enum": [ "union", "replace", "none" ], "type": "string" }, "params": { "enum": [ "union", "replace", "none" ], "type": "string" } }, "type": "object" }, "name": { "pattern": "^([a-z0-9.-]{1,253})$", "type": "string" }, "namespace": { "pattern": "^([a-z0-9-]{1,63})$", "type": "string" } }, "type": "object" }, "vaultConnectionRef": { "type": "string" } }, "type": "object" }, "status": { "properties": { "conditions": { "items": { "properties": { "lastTransitionTime": { "format": "date-time", "type": "string" }, "message": { "maxLength": 32768, "type": "string" }, "observedGeneration": { "format": "int64", "minimum": 0, "type": "integer" }, "reason": { "maxLength": 1024, "minLength": 1, "pattern": "^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$", "type": "string" }, "status": { "enum": [ "True", "False", "Unknown" ], "type": "string" }, "type": { "maxLength": 316, "pattern": "^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$", "type": "string" } }, "required": [ "lastTransitionTime", "message", "reason", "status", "type" ], "type": "object" }, "type": "array" }, "error": { "type": "string" }, "specHash": { "type": "string" }, "valid": { "type": "boolean" } }, "type": "object" } }, "type": "object" }