{ "description": "User is a MySQL user", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "properties": { "aadUser": { "description": "AADUser contains details for creating an AAD user.", "properties": { "alias": { "description": "Alias is the short name associated with the user. This is required if the AzureName is longer than 32 characters.\nNote that Alias denotes the name used to manage the SQL user in MySQL, NOT the name used to log in to the SQL server.\nWhen logging in to the SQL server and prompted to provider the username, supply the AzureName.", "maxLength": 32, "type": "string" }, "serverAdminUsername": { "description": "ServerAdminUsername is the username of the Server administrator. If your server admin was configured with\nAzure Service Operator, this should match the value of the Administrator's $.spec.login field. If the\nadministrator is a group, the ServerAdminUsername should be the group name, not the actual username of the\nidentity to log in with. For example if the administrator group is \"admin-group\" and identity \"my-identity\" is\na member of that group, the ServerAdminUsername should be \"admin-group\"", "type": "string" } }, "required": [ "serverAdminUsername" ], "type": "object", "additionalProperties": false }, "azureName": { "description": "AzureName: The name of the resource in Azure. This is often the same as the name of the resource in Kubernetes but it\ndoesn't have to be.\nIf not specified, the default is the name of the Kubernetes object.\nWhen creating a local user, this will be the name of the user created.\nWhen creating an AAD user, this must have a specific format depending on the type of AAD user being created.\nFor managed identity: \"my-managed-identity-name\"\nFor standard AAD user: \"myuser@mydomain.onmicrosoft.com\"\nFor AAD group: \"my-group\"", "type": "string" }, "databasePrivileges": { "additionalProperties": { "items": { "type": "string" }, "type": "array" }, "description": "The database-level roles assigned to the user (keyed by\ndatabase name). Privileges include the following: SELECT,\nINSERT, UPDATE, DELETE, CREATE, DROP, REFERENCES, INDEX,\nALTER, CREATE TEMPORARY TABLES, LOCK TABLES, EXECUTE, CREATE\nVIEW, SHOW VIEW, CREATE ROUTINE, ALTER ROUTINE, EVENT, TRIGGER", "type": "object" }, "hostname": { "description": "Hostname is the host the user will connect from. If omitted, the default is to allow connection from any hostname.", "type": "string" }, "localUser": { "description": "LocalUser contains details for creating a standard (non-aad) MySQL User", "properties": { "password": { "description": "Password is the password to use for the user", "properties": { "key": { "description": "Key is the key in the Kubernetes secret being referenced", "type": "string" }, "name": { "description": "Name is the name of the Kubernetes secret being referenced.\nThe secret must be in the same namespace as the resource", "type": "string" } }, "required": [ "key", "name" ], "type": "object", "additionalProperties": false }, "serverAdminPassword": { "description": "ServerAdminPassword is a reference to a secret containing the servers administrator password.\nIf specified, the operator uses the ServerAdminUsername and ServerAdminPassword to log into the server\nas a local administrator.\nIf NOT specified, the operator uses its identity to log into the server. The operator can only successfully\nlog into the server if its identity is the administrator of the server or if its identity is a member of a\ngroup which is the administrator of the server. If the\nadministrator is a group, the ServerAdminUsername should be the group name, not the actual username of the\nidentity to log in with. For example if the administrator group is \"admin-group\" and identity \"my-identity\" is\na member of that group, the ServerAdminUsername should be \"admin-group\"", "properties": { "key": { "description": "Key is the key in the Kubernetes secret being referenced", "type": "string" }, "name": { "description": "Name is the name of the Kubernetes secret being referenced.\nThe secret must be in the same namespace as the resource", "type": "string" } }, "required": [ "key", "name" ], "type": "object", "additionalProperties": false }, "serverAdminUsername": { "description": "ServerAdminUsername is the username of the Server administrator. If the\nadministrator is a group, the ServerAdminUsername should be the group name, not the actual username of the\nidentity to log in with. For example if the administrator group is \"admin-group\" and identity \"my-identity\" is\na member of that group, the ServerAdminUsername should be \"admin-group\".", "type": "string" } }, "required": [ "password", "serverAdminUsername" ], "type": "object", "additionalProperties": false }, "owner": { "description": "Owner: The owner of the resource. The owner controls where the resource goes when it is deployed. The owner also\ncontrols the resources lifecycle. When the owner is deleted the resource will also be deleted. Owner is expected to be a\nreference to a dbformysql.azure.com/FlexibleServer resource", "properties": { "name": { "description": "This is the name of the Kubernetes resource to reference.", "type": "string" } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "privileges": { "description": "The server-level roles assigned to the user.\nPrivileges include the following: RELOAD, PROCESS, SHOW\nDATABASES, REPLICATION SLAVE, REPLICATION CLIENT, CREATE USER", "items": { "type": "string" }, "type": "array" } }, "required": [ "owner" ], "type": "object", "additionalProperties": false }, "status": { "properties": { "conditions": { "description": "Conditions: The observed state of the resource", "items": { "description": "Condition defines an extension to status (an observation) of a resource", "properties": { "lastTransitionTime": { "description": "LastTransitionTime is the last time the condition transitioned from one status to another.", "format": "date-time", "type": "string" }, "message": { "description": "Message is a human readable message indicating details about the transition. This field may be empty.", "type": "string" }, "observedGeneration": { "description": "ObservedGeneration is the .metadata.generation that the condition was set based upon. For instance, if\n.metadata.generation is currently 12, but the .status.condition[x].observedGeneration is 9, the condition is out of date\nwith respect to the current state of the instance.", "format": "int64", "type": "integer" }, "reason": { "description": "Reason for the condition's last transition.\nReasons are upper CamelCase (PascalCase) with no spaces. A reason is always provided, this field will not be empty.", "type": "string" }, "severity": { "description": "Severity with which to treat failures of this type of condition.\nFor conditions which have positive polarity (Status == True is their normal/healthy state), this will be omitted when Status == True\nFor conditions which have negative polarity (Status == False is their normal/healthy state), this will be omitted when Status == False.\nThis is omitted in all cases when Status == Unknown", "type": "string" }, "status": { "description": "Status of the condition, one of True, False, or Unknown.", "type": "string" }, "type": { "description": "Type of condition.", "type": "string" } }, "required": [ "lastTransitionTime", "reason", "status", "type" ], "type": "object", "additionalProperties": false }, "type": "array" } }, "type": "object", "additionalProperties": false } }, "type": "object" }