istio/src/requestauthentications.security.istio.io-crd.yaml - k8s-gerrit - Git at Google

 apiVersion: apiextensions.k8s.io/v1beta1
 kind: CustomResourceDefinition
 metadata:
   annotations:
     "helm.sh/resource-policy": keep
   labels:
     app: istio-pilot
     chart: istio
     heritage: Tiller
     istio: security
     release: istio
   name: requestauthentications.security.istio.io
 spec:
   group: security.istio.io
   names:
     categories:
     - istio-io
     - security-istio-io
     kind: RequestAuthentication
     listKind: RequestAuthenticationList
     plural: requestauthentications
     shortNames:
     - ra
     singular: requestauthentication
   preserveUnknownFields: false
   scope: Namespaced
   subresources:
     status: {}
   validation:
     openAPIV3Schema:
       properties:
         spec:
           description: RequestAuthentication defines what request authentication methods
             are supported by a workload.
           properties:
             jwtRules:
               description: Define the list of JWTs that can be validated at the selected
                 workloads' proxy.
               items:
                 properties:
                   audiences:
                     items:
                       format: string
                       type: string
                     type: array
                   forwardOriginalToken:
                     description: If set to true, the orginal token will be kept for
                       the ustream request.
                     type: boolean
                   fromHeaders:
                     description: List of header locations from which JWT is expected.
                     items:
                       properties:
                         name:
                           description: The HTTP header name.
                           format: string
                           type: string
                         prefix:
                           description: The prefix that should be stripped before decoding
                             the token.
                           format: string
                           type: string
                       type: object
                     type: array
                   fromParams:
                     description: List of query parameters from which JWT is expected.
                     items:
                       format: string
                       type: string
                     type: array
                   issuer:
                     description: Identifies the issuer that issued the JWT.
                     format: string
                     type: string
                   jwks:
                     description: JSON Web Key Set of public keys to validate signature
                       of the JWT.
                     format: string
                     type: string
                   jwks_uri:
                     format: string
                     type: string
                   jwksUri:
                     format: string
                     type: string
                   outputPayloadToHeader:
                     format: string
                     type: string
                 type: object
               type: array
             selector:
               description: The selector determines the workloads to apply the RequestAuthentication
                 on.
               properties:
                 matchLabels:
                   additionalProperties:
                     format: string
                     type: string
                   type: object
               type: object
           type: object
         status:
           type: object
           x-kubernetes-preserve-unknown-fields: true
       type: object
   versions:
   - name: v1beta1
     served: true
     storage: true
	apiVersion: apiextensions.k8s.io/v1beta1
	kind: CustomResourceDefinition
	metadata:
	annotations:
	"helm.sh/resource-policy": keep
	labels:
	app: istio-pilot
	chart: istio
	heritage: Tiller
	istio: security
	release: istio
	name: requestauthentications.security.istio.io
	spec:
	group: security.istio.io
	names:
	categories:
	- istio-io
	- security-istio-io
	kind: RequestAuthentication
	listKind: RequestAuthenticationList
	plural: requestauthentications
	shortNames:
	- ra
	singular: requestauthentication
	preserveUnknownFields: false
	scope: Namespaced
	subresources:
	status: {}
	validation:
	openAPIV3Schema:
	properties:
	spec:
	description: RequestAuthentication defines what request authentication methods
	are supported by a workload.
	properties:
	jwtRules:
	description: Define the list of JWTs that can be validated at the selected
	workloads' proxy.
	items:
	properties:
	audiences:
	items:
	format: string
	type: string
	type: array
	forwardOriginalToken:
	description: If set to true, the orginal token will be kept for
	the ustream request.
	type: boolean
	fromHeaders:
	description: List of header locations from which JWT is expected.
	items:
	properties:
	name:
	description: The HTTP header name.
	format: string
	type: string
	prefix:
	description: The prefix that should be stripped before decoding
	the token.
	format: string
	type: string
	type: object
	type: array
	fromParams:
	description: List of query parameters from which JWT is expected.
	items:
	format: string
	type: string
	type: array
	issuer:
	description: Identifies the issuer that issued the JWT.
	format: string
	type: string
	jwks:
	description: JSON Web Key Set of public keys to validate signature
	of the JWT.
	format: string
	type: string
	jwks_uri:
	format: string
	type: string
	jwksUri:
	format: string
	type: string
	outputPayloadToHeader:
	format: string
	type: string
	type: object
	type: array
	selector:
	description: The selector determines the workloads to apply the RequestAuthentication
	on.
	properties:
	matchLabels:
	additionalProperties:
	format: string
	type: string
	type: object
	type: object
	type: object
	status:
	type: object
	x-kubernetes-preserve-unknown-fields: true
	type: object
	versions:
	- name: v1beta1
	served: true
	storage: true