CouchbaseGroup Resource

    +

    CouchbaseGroup allows the automation of Couchbase group management.

    The following is an example resource, depicting the overall structure and any defaults (consult the field reference for valid values for "empty" values, such as empty strings etc.):

    apiVersion: v2
    kind: CouchbaseGroup
    metadata:
      name: ""
    spec:
      ldapGroupRef: ""
      roles:
      - bucket: ""
        buckets:
          resources:
          - kind: CouchbaseBucket
            name: ""
          selector:
            matchExpressions:
            - key: ""
              operator: ""
              values:
              - ""
            matchLabels:
        collections:
          resources:
          - kind: CouchbaseCollection
            name: ""
          selector:
            matchExpressions:
            - key: ""
              operator: ""
              values:
              - ""
            matchLabels:
        name: ""
        scopes:
          resources:
          - kind: CouchbaseScope
            name: ""
          selector:
            matchExpressions:
            - key: ""
              operator: ""
              values:
              - ""
            matchLabels:

    couchbasegroups.apiVersion

    Constraints

    Type: string

    Description

    APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources.

    couchbasegroups.kind

    Constraints

    Type: string

    Description

    Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds.

    couchbasegroups.metadata

    Constraints

    Required

    Type: object

    Description

    Standard object metadata as defined for all Kubernetes types.

    For additional details see the Kubernetes reference documentation.

    couchbasegroups.metadata.name

    Constraints

    Type: string

    Description

    The name of a resource. This must be unique for the kind of resource within the namespace.

    All resources must have a name. The name may be omitted and metadata.generateName used instead to generate a unique resource name.

    For additional details on resource names, see the Kubernetes reference documentation.

    couchbasegroups.metadata.namespace

    Constraints

    Type: string

    Description

    The namespace the resource resides in. All resources reside in a namespace.

    The namespace is optional and may be specified in YAML configuration to override the namespace supplied by kubectl.

    For additional details on namespaces, see the Kubernetes reference documentation.

    couchbasegroups.metadata.labels

    Constraints

    Type: map[string]string

    Description

    Labels allow resources to be labeled with key/value pairs of data. Labels are indexed and allow resources to be selected based upon specified labels.

    Labels are relevant for certain types when using label selection within your resources.

    For additional details on labels and selectors, see the Kubernetes reference documentation.

    couchbasegroups.metadata.annotations

    Constraints

    Type: map[string]string

    Description

    Annotations allow resources to be annotated with key/value pairs of data. Annotations are arbitrary, and not indexed, so cannot be used to select resources, however may be used to add context or accounting to your resources.

    For additional details on annotations, see the Kubernetes reference documentation.

    couchbasegroups.spec

    Constraints

    Required

    Type: object

    Description

    CouchbaseGroupSpec allows the specification of Couchbase group configuration.

    couchbasegroups.spec.ldapGroupRef

    Constraints

    Type: string

    Description

    LDAPGroupRef is a reference to an LDAP group.

    couchbasegroups.spec.roles

    Constraints

    Required

    Type: []object

    Description

    Roles is a list of roles that this group is granted.

    couchbasegroups.spec.roles.bucket

    Constraints

    Type: string

    Pattern (Regular Expression): \\*$|[a-zA-Z0-9-_%\.]+$

    Description

    Bucket name for bucket admin roles. When not specified for a role that can be scoped to a specific bucket, the role will apply to all buckets in the cluster. Deprecated: Couchbase Autonomous Operator 2.3.

    couchbasegroups.spec.roles.buckets

    Constraints

    Type: object

    Description

    Bucket level access to apply to specified role. The bucket must exist. When not specified, the bucket field will be checked. If both are empty and the role can be scoped to a specific bucket, the role will apply to all buckets in the cluster.

    couchbasegroups.spec.roles.buckets.resources

    Constraints

    Type: []object

    Description

    Resources is an explicit list of named bucket resources that will be considered for inclusion in this role. If a resource reference doesn’t match a resource, then no error conditions are raised due to undefined resource creation ordering and eventual consistency.

    couchbasegroups.spec.roles.buckets.resources.kind

    Constraints

    Type: string

    Default: CouchbaseBucket

    Enumerations: CouchbaseBucket

    Description

    Kind indicates the kind of resource that is being referenced. A Role can only reference CouchbaseBucket kind. This field defaults to CouchbaseBucket if not specified.

    couchbasegroups.spec.roles.buckets.resources.name

    Constraints

    Required

    Type: string

    Description

    Name is the name of the Kubernetes resource name that is being referenced.

    couchbasegroups.spec.roles.buckets.selector

    Constraints

    Type: object

    Description

    Selector allows resources to be implicitly considered for inclusion in this role. More info: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#labelselector-v1-meta.

    couchbasegroups.spec.roles.buckets.selector.matchExpressions

    Constraints

    Type: []object

    Description

    matchExpressions is a list of label selector requirements. The requirements are ANDed.

    couchbasegroups.spec.roles.buckets.selector.matchExpressions.key

    Constraints

    Required

    Type: string

    Description

    key is the label key that the selector applies to.

    couchbasegroups.spec.roles.buckets.selector.matchExpressions.operator

    Constraints

    Required

    Type: string

    Description

    operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

    couchbasegroups.spec.roles.buckets.selector.matchExpressions.values

    Constraints

    Type: []string

    Description

    values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

    couchbasegroups.spec.roles.buckets.selector.matchLabels

    Constraints

    Type: map[string]string

    Description

    matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

    couchbasegroups.spec.roles.collections

    Constraints

    Type: object

    Description

    Collection level access to apply to the specified role. The collection must exist. When not specified, the role is subject to scope or bucket level access.

    couchbasegroups.spec.roles.collections.resources

    Constraints

    Type: []object

    Description

    Resources is an explicit list of named resources that will be considered for inclusion in this collection or collections. If a resource reference doesn’t match a resource, then no error conditions are raised due to undefined resource creation ordering and eventual consistency.

    couchbasegroups.spec.roles.collections.resources.kind

    Constraints

    Type: string

    Default: CouchbaseCollection

    Enumerations: CouchbaseCollection, CouchbaseCollectionGroup

    Description

    Kind indicates the kind of resource that is being referenced. A scope can only reference CouchbaseCollection and CouchbaseCollectionGroup resource kinds. This field defaults to CouchbaseCollection if not specified.

    couchbasegroups.spec.roles.collections.resources.name

    Constraints

    Required

    Type: string

    Minimum Length: 1

    Maximum Length: 251

    Pattern (Regular Expression): ^[a-zA-Z0-9\-][a-zA-Z0-9\-%_]\{0,250}$

    Description

    Name is the name of the Kubernetes resource name that is being referenced. Legal collection names have a maximum length of 251 characters and may be composed of any character from "a-z", "A-Z", "0-9" and "_-%".

    couchbasegroups.spec.roles.collections.selector

    Constraints

    Type: object

    Description

    Selector allows resources to be implicitly considered for inclusion in this collection or collections. More info: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#labelselector-v1-meta.

    couchbasegroups.spec.roles.collections.selector.matchExpressions

    Constraints

    Type: []object

    Description

    matchExpressions is a list of label selector requirements. The requirements are ANDed.

    couchbasegroups.spec.roles.collections.selector.matchExpressions.key

    Constraints

    Required

    Type: string

    Description

    key is the label key that the selector applies to.

    couchbasegroups.spec.roles.collections.selector.matchExpressions.operator

    Constraints

    Required

    Type: string

    Description

    operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

    couchbasegroups.spec.roles.collections.selector.matchExpressions.values

    Constraints

    Type: []string

    Description

    values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

    couchbasegroups.spec.roles.collections.selector.matchLabels

    Constraints

    Type: map[string]string

    Description

    matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.

    couchbasegroups.spec.roles.name

    Constraints

    Required

    Type: string

    Enumerations: admin, cluster_admin, security_admin, ro_admin, replication_admin, query_external_access, query_system_catalog, analytics_reader, bucket_admin, views_admin, fts_admin, bucket_full_access, data_reader, data_writer, data_dcp_reader, data_backup, data_monitoring, replication_target, analytics_manager, views_reader, fts_searcher, query_select, query_update, query_insert, query_delete, query_manage_index, mobile_sync_gateway

    Description

    Name of role.

    couchbasegroups.spec.roles.scopes

    Constraints

    Type: object

    Description

    Scope level access to apply to specified role. The scope must exist. When not specified, the role will apply to selected bucket or all buckets in the cluster.

    couchbasegroups.spec.roles.scopes.resources

    Constraints

    Type: []object

    Description

    Resources is an explicit list of named resources that will be considered for inclusion in this scope or scopes. If a resource reference doesn’t match a resource, then no error conditions are raised due to undefined resource creation ordering and eventual consistency.

    couchbasegroups.spec.roles.scopes.resources.kind

    Constraints

    Type: string

    Default: CouchbaseScope

    Enumerations: CouchbaseScope, CouchbaseScopeGroup

    Description

    Kind indicates the kind of resource that is being referenced. A scope can only reference CouchbaseScope and CouchbaseScopeGroup resource kinds. This field defaults to CouchbaseScope if not specified.

    couchbasegroups.spec.roles.scopes.resources.name

    Constraints

    Required

    Type: string

    Minimum Length: 1

    Maximum Length: 251

    Pattern (Regular Expression): ^[a-zA-Z0-9\-][a-zA-Z0-9\-%_]\{0,250}$

    Description

    Name is the name of the Kubernetes resource name that is being referenced. Legal scope names have a maximum length of 251 characters and may be composed of any character from "a-z", "A-Z", "0-9" and "_-%".

    couchbasegroups.spec.roles.scopes.selector

    Constraints

    Type: object

    Description

    Selector allows resources to be implicitly considered for inclusion in this scope or scopes. More info: https://kubernetes.io/docs/reference/generated/kubernetes-api/v1.21/#labelselector-v1-meta.

    couchbasegroups.spec.roles.scopes.selector.matchExpressions

    Constraints

    Type: []object

    Description

    matchExpressions is a list of label selector requirements. The requirements are ANDed.

    couchbasegroups.spec.roles.scopes.selector.matchExpressions.key

    Constraints

    Required

    Type: string

    Description

    key is the label key that the selector applies to.

    couchbasegroups.spec.roles.scopes.selector.matchExpressions.operator

    Constraints

    Required

    Type: string

    Description

    operator represents a key’s relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist.

    couchbasegroups.spec.roles.scopes.selector.matchExpressions.values

    Constraints

    Type: []string

    Description

    values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch.

    couchbasegroups.spec.roles.scopes.selector.matchLabels

    Constraints

    Type: map[string]string

    Description

    matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed.