This information is immutable after the request is created. Only the Request and Usages fields can be set on creation, other fields are derived by Kubernetes and cannot be modified by users.
This information is immutable after the request is created. Only the Request and Usages fields can be set on creation, other fields are derived by Kubernetes and cannot be modified by users.
- Value Params
- extra
Extra information about the requesting user. See user.Info interface for details.
- groups
Group information about the requesting user. See user.Info interface for details.
- request
Base64-encoded PKCS#10 CSR data
- signerName
Requested signer for the request. It is a qualified name in the form:
scope-hostname.io/name
. If empty, it will be defaulted:- If it's a kubelet client certificate, it is assigned "kubernetes.io/kube-apiserver-client-kubelet".
- If it's a kubelet serving certificate, it is assigned "kubernetes.io/kubelet-serving".
- Otherwise, it is assigned "kubernetes.io/legacy-unknown".
Distribution of trust for signers happens out of band. You can select on this field using
spec.signerName
.
- uid
UID information about the requesting user. See user.Info interface for details.
- usages
allowedUsages specifies a set of usage contexts the key will be valid for. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 Valid values are: "signing", "digital signature", "content commitment", "key encipherment", "key agreement", "data encipherment", "cert sign", "crl sign", "encipher only", "decipher only", "any", "server auth", "client auth", "code signing", "email protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec user", "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"
- username
Information about the requesting user. See user.Info interface for details.
- Companion
- object
Value members
Concrete methods
Extra information about the requesting user. See user.Info interface for details.
Extra information about the requesting user. See user.Info interface for details.
If the field is not present, fails with com.coralogix.zio.k8s.client.UndefinedField.
Group information about the requesting user. See user.Info interface for details.
Group information about the requesting user. See user.Info interface for details.
If the field is not present, fails with com.coralogix.zio.k8s.client.UndefinedField.
Base64-encoded PKCS#10 CSR data
Base64-encoded PKCS#10 CSR data
This effect always succeeds, it is safe to use the field request directly.
Requested signer for the request. It is a qualified name in the form: scope-hostname.io/name
. If empty, it will be defaulted:
Requested signer for the request. It is a qualified name in the form: scope-hostname.io/name
. If empty, it will be defaulted:
- If it's a kubelet client certificate, it is assigned "kubernetes.io/kube-apiserver-client-kubelet".
- If it's a kubelet serving certificate, it is assigned "kubernetes.io/kubelet-serving".
- Otherwise, it is assigned "kubernetes.io/legacy-unknown".
Distribution of trust for signers happens out of band. You can select on this field using
spec.signerName
.
If the field is not present, fails with com.coralogix.zio.k8s.client.UndefinedField.
UID information about the requesting user. See user.Info interface for details.
UID information about the requesting user. See user.Info interface for details.
If the field is not present, fails with com.coralogix.zio.k8s.client.UndefinedField.
allowedUsages specifies a set of usage contexts the key will be valid for. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 Valid values are: "signing", "digital signature", "content commitment", "key encipherment", "key agreement", "data encipherment", "cert sign", "crl sign", "encipher only", "decipher only", "any", "server auth", "client auth", "code signing", "email protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec user", "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"
allowedUsages specifies a set of usage contexts the key will be valid for. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3 https://tools.ietf.org/html/rfc5280#section-4.2.1.12 Valid values are: "signing", "digital signature", "content commitment", "key encipherment", "key agreement", "data encipherment", "cert sign", "crl sign", "encipher only", "decipher only", "any", "server auth", "client auth", "code signing", "email protection", "s/mime", "ipsec end system", "ipsec tunnel", "ipsec user", "timestamping", "ocsp signing", "microsoft sgc", "netscape sgc"
If the field is not present, fails with com.coralogix.zio.k8s.client.UndefinedField.
Information about the requesting user. See user.Info interface for details.
Information about the requesting user. See user.Info interface for details.
If the field is not present, fails with com.coralogix.zio.k8s.client.UndefinedField.