CouchbaseGroup Resource

      +

      CouchbaseGroup allows the automation of Couchbase group management.

      The following is an example resource, depicting the overall structure and any defaults (consult the field reference for valid values for "empty" values, such as empty strings etc.):

      apiVersion: v2
      kind: CouchbaseGroup
      metadata:
        name: ""
      spec:
        ldapGroupRef: ""
        roles:
        - bucket: ""
          buckets:
            resources:
            - kind: CouchbaseBucket
              name: ""
            selector:
              matchExpressions:
              - key: ""
                operator: ""
                values:
                - ""
              matchLabels:
          collections:
            resources:
            - kind: CouchbaseCollection
              name: ""
            selector:
              matchExpressions:
              - key: ""
                operator: ""
                values:
                - ""
              matchLabels:
          name: ""
          scopes:
            resources:
            - kind: CouchbaseScope
              name: ""
            selector:
              matchExpressions:
              - key: ""
                operator: ""
                values:
                - ""
              matchLabels:

      couchbasegroups.apiVersion

      Constraints

      Type: string

      Description

      APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources.

      couchbasegroups.kind

      Constraints

      Type: string

      Description

      Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds.

      couchbasegroups.metadata

      Constraints

      Required

      Type: object

      Description

      Standard object metadata as defined for all Kubernetes types.

      For additional details see the Kubernetes reference documentation.

      couchbasegroups.metadata.name

      Constraints

      Type: string

      Description

      The name of a resource. This must be unique for the kind of resource within the namespace.

      All resources must have a name. The name may be omitted and metadata.generateName used instead to generate a unique resource name.

      For additional details on resource names, see the Kubernetes reference documentation.

      couchbasegroups.metadata.namespace

      Constraints

      Type: string

      Description

      The namespace the resource resides in. All resources reside in a namespace.

      The namespace is optional and may be specified in YAML configuration to override the namespace supplied by kubectl.

      For additional details on namespaces, see the Kubernetes reference documentation.

      couchbasegroups.metadata.labels

      Constraints

      Type: map[string]string

      Description

      Labels allow resources to be labeled with key/value pairs of data. Labels are indexed and allow resources to be selected based upon specified labels.

      Labels are relevant for certain types when using label selection within your resources.

      For additional details on labels and selectors, see the Kubernetes reference documentation.

      couchbasegroups.metadata.annotations

      Constraints

      Type: map[string]string

      Description

      Annotations allow resources to be annotated with key/value pairs of data. Annotations are arbitrary, and not indexed, so cannot be used to select resources, however may be used to add context or accounting to your resources.

      For additional details on annotations, see the Kubernetes reference documentation.

      couchbasegroups.spec

      Constraints

      Required

      Type: object

      Description

      CouchbaseGroupSpec allows the specification of Couchbase group configuration.

      couchbasegroups.spec.ldapGroupRef

      Constraints

      Type: string

      Description

      LDAPGroupRef is a reference to an LDAP group.

      couchbasegroups.spec.roles

      Constraints

      Required

      Type: []object

      Description

      Roles is a list of roles that this group is granted.

      couchbasegroups.spec.roles.bucket

      Constraints

      Type: string

      Pattern (Regular Expression): \\*$|[a-zA-Z0-9-_%\.]+$

      Description

      Bucket name for bucket admin roles. When not specified for a role that can be scoped to a specific bucket, the role will apply to all buckets in the cluster. Deprecated: Couchbase Autonomous Operator 2.3.

      couchbasegroups.spec.roles.buckets

      Constraints

      Type: object

      Description

      Bucket level access to apply to specified role. The bucket must exist. When not specified, the bucket field will be checked. If both are empty and the role can be scoped to a specific bucket, the role will apply to all buckets in the cluster.

      couchbasegroups.spec.roles.buckets.resources

      Constraints

      Type: []object

      Description

      Resources is an explicit list of named bucket resources that will be considered for inclusion in this role. If a resource reference doesn’t match a resource, then no error conditions are raised due to undefined resource creation ordering and eventual consistency.

      couchbasegroups.spec.roles.buckets.resources.kind

      Constraints

      Type: string

      Default: CouchbaseBucket

      Enumerations: CouchbaseBucket

      Description

      Kind indicates the kind of resource that is being referenced. A Role can only reference CouchbaseBucket kind. This field defaults to CouchbaseBucket if not specified.

      couchbasegroups.spec.roles.buckets.resources.name

      Constraints

      Required

      Type: string

      Description

      Name is the name of the Kubernetes resource name that is being referenced.

      couchbasegroups.spec.roles.buckets.selector

      Constraints

      Type: object

      Description

      Selector allows resources to be implicitly considered for inclusion in this role. More info: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#labelselector-v1-meta.

      couchbasegroups.spec.roles.buckets.selector.matchExpressions

      Constraints

      Type: []object

      Description

      matchExpressions is a list of label selector requirements. The requirements are ANDed.

      couchbasegroups.spec.roles.buckets.selector.matchExpressions.key

      Constraints

      Required

      Type: string

      Description

      key is the label key that the selector applies to.

      couchbasegroups.spec.roles.buckets.selector.matchExpressions.operator

      Constraints

      Required

      Type: string

      Description

      operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

      couchbasegroups.spec.roles.buckets.selector.matchExpressions.values

      Constraints

      Type: []string

      Description

      values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

      couchbasegroups.spec.roles.buckets.selector.matchLabels

      Constraints

      Type: map[string]string

      Description

      matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

      couchbasegroups.spec.roles.collections

      Constraints

      Type: object

      Description

      Collection level access to apply to the specified role. The collection must exist. When not specified, the role is subject to scope or bucket level access.

      couchbasegroups.spec.roles.collections.resources

      Constraints

      Type: []object

      Description

      Resources is an explicit list of named resources that will be considered for inclusion in this collection or collections. If a resource reference doesn’t match a resource, then no error conditions are raised due to undefined resource creation ordering and eventual consistency.

      couchbasegroups.spec.roles.collections.resources.kind

      Constraints

      Type: string

      Default: CouchbaseCollection

      Enumerations: CouchbaseCollection, CouchbaseCollectionGroup

      Description

      Kind indicates the kind of resource that is being referenced. A scope can only reference CouchbaseCollection and CouchbaseCollectionGroup resource kinds. This field defaults to CouchbaseCollection if not specified.

      couchbasegroups.spec.roles.collections.resources.name

      Constraints

      Required

      Type: string

      Minimum Length: 1

      Maximum Length: 251

      Pattern (Regular Expression): ^[a-zA-Z0-9\-][a-zA-Z0-9\-%_]{0,250}$

      Description

      Name is the name of the Kubernetes resource name that is being referenced. Legal collection names have a maximum length of 251 characters and may be composed of any character from "a-z", "A-Z", "0-9" and "_-%".

      couchbasegroups.spec.roles.collections.selector

      Constraints

      Type: object

      Description

      Selector allows resources to be implicitly considered for inclusion in this collection or collections. More info: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#labelselector-v1-meta.

      couchbasegroups.spec.roles.collections.selector.matchExpressions

      Constraints

      Type: []object

      Description

      matchExpressions is a list of label selector requirements. The requirements are ANDed.

      couchbasegroups.spec.roles.collections.selector.matchExpressions.key

      Constraints

      Required

      Type: string

      Description

      key is the label key that the selector applies to.

      couchbasegroups.spec.roles.collections.selector.matchExpressions.operator

      Constraints

      Required

      Type: string

      Description

      operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

      couchbasegroups.spec.roles.collections.selector.matchExpressions.values

      Constraints

      Type: []string

      Description

      values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

      couchbasegroups.spec.roles.collections.selector.matchLabels

      Constraints

      Type: map[string]string

      Description

      matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

      couchbasegroups.spec.roles.name

      Constraints

      Required

      Type: string

      Enumerations: admin, analytics_admin, analytics_manager, analytics_reader, analytics_select, backup_admin, bucket_admin, bucket_full_access, cluster_admin, data_backup, data_dcp_reader, data_monitoring, data_reader, data_writer, eventing_admin, external_stats_reader, fts_admin, fts_searcher, mobile_sync_gateway, mobile_sync_gateway_application, mobile_sync_gateway_application_read_only, mobile_sync_gateway_architect, mobile_sync_gateway_dev_ops, mobile_sync_gateway_replicator, query_delete, query_execute_external_functions, query_execute_functions, query_execute_global_external_functions, query_execute_global_functions, query_external_access, query_insert, query_manage_external_functions, query_manage_functions, query_manage_global_external_functions, query_manage_global_functions, query_manage_index, query_select, query_system_catalog, query_update, replication_admin, replication_target, ro_admin, scope_admin, security_admin, security_admin_external, security_admin_local, views_admin, views_reader

      Description

      Name of role.

      couchbasegroups.spec.roles.scopes

      Constraints

      Type: object

      Description

      Scope level access to apply to specified role. The scope must exist. When not specified, the role will apply to selected bucket or all buckets in the cluster.

      couchbasegroups.spec.roles.scopes.resources

      Constraints

      Type: []object

      Description

      Resources is an explicit list of named resources that will be considered for inclusion in this scope or scopes. If a resource reference doesn’t match a resource, then no error conditions are raised due to undefined resource creation ordering and eventual consistency.

      couchbasegroups.spec.roles.scopes.resources.kind

      Constraints

      Type: string

      Default: CouchbaseScope

      Enumerations: CouchbaseScope, CouchbaseScopeGroup

      Description

      Kind indicates the kind of resource that is being referenced. A scope can only reference CouchbaseScope and CouchbaseScopeGroup resource kinds. This field defaults to CouchbaseScope if not specified.

      couchbasegroups.spec.roles.scopes.resources.name

      Constraints

      Required

      Type: string

      Minimum Length: 1

      Maximum Length: 251

      Pattern (Regular Expression): ^[a-zA-Z0-9\-][a-zA-Z0-9\-%_]{0,250}$

      Description

      Name is the name of the Kubernetes resource name that is being referenced. Legal scope names have a maximum length of 251 characters and may be composed of any character from "a-z", "A-Z", "0-9" and "_-%".

      couchbasegroups.spec.roles.scopes.selector

      Constraints

      Type: object

      Description

      Selector allows resources to be implicitly considered for inclusion in this scope or scopes. More info: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.28/#labelselector-v1-meta.

      couchbasegroups.spec.roles.scopes.selector.matchExpressions

      Constraints

      Type: []object

      Description

      matchExpressions is a list of label selector requirements. The requirements are ANDed.

      couchbasegroups.spec.roles.scopes.selector.matchExpressions.key

      Constraints

      Required

      Type: string

      Description

      key is the label key that the selector applies to.

      couchbasegroups.spec.roles.scopes.selector.matchExpressions.operator

      Constraints

      Required

      Type: string

      Description

      operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

      couchbasegroups.spec.roles.scopes.selector.matchExpressions.values

      Constraints

      Type: []string

      Description

      values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

      couchbasegroups.spec.roles.scopes.selector.matchLabels

      Constraints

      Type: map[string]string

      Description

      matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.