{ "description": "AzureKeyVaultSecret is a specification for a AzureKeyVaultSecret resource", "properties": { "apiVersion": { "description": "APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources", "type": "string" }, "kind": { "description": "Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds", "type": "string" }, "metadata": { "type": "object" }, "spec": { "description": "AzureKeyVaultSecretSpec is the spec for a AzureKeyVaultSecret resource", "properties": { "output": { "description": "AzureKeyVaultOutput defines output sources, supports Secret and Configmap", "properties": { "configMap": { "description": "AzureKeyVaultOutputConfigMap has information needed to output a secret from Azure Key Vault to Kubertnetes as a ConfigMap resource", "properties": { "dataKey": { "description": "The key to use in Kubernetes ConfigMap when setting the value from Azure Keyv Vault object data", "type": "string" }, "name": { "description": "Name for Kubernetes ConfigMap", "type": "string" } }, "required": [ "dataKey", "name" ], "type": "object", "additionalProperties": false }, "secret": { "description": "AzureKeyVaultOutputSecret has information needed to output a secret from Azure Key Vault to Kubertnetes as a Secret resource", "properties": { "chainOrder": { "description": "By setting chainOrder to ensureserverfirst the server certificate will be moved first in the chain", "enum": [ "ensureserverfirst" ], "type": "string" }, "dataKey": { "description": "The key to use in Kubernetes secret when setting the value from Azure Keyv Vault object data", "type": "string" }, "name": { "description": "Name for Kubernetes secret", "type": "string" }, "type": { "description": "Type of Secret in Kubernetes", "type": "string" } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "transform": { "items": { "type": "string" }, "type": "array" } }, "type": "object", "additionalProperties": false }, "vault": { "description": "AzureKeyVault contains information needed to get the Azure Key Vault secret from Azure Key Vault", "properties": { "azureIdentity": { "description": "AzureIdentity has information about the azure identity used for Azure Key Vault authentication", "properties": { "name": { "description": "Name of the azureIdentity to use for Azure Key Vault authentication", "type": "string" } }, "required": [ "name" ], "type": "object", "additionalProperties": false }, "name": { "description": "Name of the Azure Key Vault", "type": "string" }, "object": { "description": "AzureKeyVaultObject has information about the Azure Key Vault object to get from Azure Key Vault", "properties": { "contentType": { "description": "AzureKeyVaultObjectContentType defines what content type a secret contains, only used when type is multi-key-value-secret", "enum": [ "application/x-json", "application/x-yaml" ], "type": "string" }, "name": { "description": "The object name in Azure Key Vault", "type": "string" }, "type": { "description": "AzureKeyVaultObjectType defines which Object type to get from Azure Key Vault", "enum": [ "secret", "certificate", "key", "multi-key-value-secret" ], "type": "string" }, "version": { "description": "The object version in Azure Key Vault", "type": "string" } }, "required": [ "name", "type" ], "type": "object", "additionalProperties": false } }, "required": [ "name", "object" ], "type": "object", "additionalProperties": false } }, "required": [ "vault" ], "type": "object", "additionalProperties": false }, "status": { "description": "AzureKeyVaultSecretStatus is the status for a AzureKeyVaultSecret resource", "properties": { "configMapHash": { "type": "string" }, "configMapName": { "type": "string" }, "lastAzureUpdate": { "format": "date-time", "type": "string" }, "secretHash": { "type": "string" }, "secretName": { "type": "string" } }, "type": "object", "additionalProperties": false } }, "required": [ "spec" ], "type": "object" }