{
  "description": "VaultConnection is the Schema for the vaultconnections API",
  "properties": {
    "apiVersion": {
      "description": "APIVersion defines the versioned schema of this representation of an object.\nServers should convert recognized schemas to the latest internal value, and\nmay reject unrecognized values.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources",
      "type": "string"
    },
    "kind": {
      "description": "Kind is a string value representing the REST resource this object represents.\nServers may infer this from the endpoint the client submits requests to.\nCannot be updated.\nIn CamelCase.\nMore info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds",
      "type": "string"
    },
    "metadata": {
      "type": "object"
    },
    "spec": {
      "description": "VaultConnectionSpec defines the desired state of VaultConnection",
      "properties": {
        "address": {
          "description": "Address of the Vault server",
          "type": "string"
        },
        "caCertSecretRef": {
          "description": "CACertSecretRef is the name of a Kubernetes secret containing the trusted PEM encoded CA certificate chain as `ca.crt`.",
          "type": "string"
        },
        "headers": {
          "additionalProperties": {
            "type": "string"
          },
          "description": "Headers to be included in all Vault requests.",
          "type": "object"
        },
        "skipTLSVerify": {
          "default": false,
          "description": "SkipTLSVerify for TLS connections.",
          "type": "boolean"
        },
        "timeout": {
          "description": "Timeout applied to all Vault requests for this connection. If not set, the\ndefault timeout from the Vault API client config is used.",
          "pattern": "^([0-9]+(\\.[0-9]+)?(s|m|h))$",
          "type": "string"
        },
        "tlsServerName": {
          "description": "TLSServerName to use as the SNI host for TLS connections.",
          "type": "string"
        }
      },
      "required": [
        "address",
        "skipTLSVerify"
      ],
      "type": "object",
      "additionalProperties": false
    },
    "status": {
      "description": "VaultConnectionStatus defines the observed state of VaultConnection",
      "properties": {
        "valid": {
          "description": "Valid auth mechanism.",
          "type": "boolean"
        }
      },
      "required": [
        "valid"
      ],
      "type": "object",
      "additionalProperties": false
    }
  },
  "type": "object"
}