ceph.rook.io/v1/CephObjectStoreUser

string

.apiVersion

APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources

string

.kind

Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds

object required

.metadata

object required

.spec

ObjectStoreUserSpec represent the spec of an Objectstoreuser

object | null

.spec .capabilities

Additional admin-level capabilities for the Ceph object store user

string

.spec .capabilities .amz-cache

Add capabilities for user to send request to RGW Cache API header. Documented in https://docs.ceph.com/en/latest/radosgw/rgw-cache/#cache-api

string

.spec .capabilities .bilog

Add capabilities for user to change bucket index logging. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .bucket

Admin capabilities to read/write Ceph object store buckets. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .buckets

Admin capabilities to read/write Ceph object store buckets. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .datalog

Add capabilities for user to change data logging. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .info

Admin capabilities to read/write information about the user. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .mdlog

Add capabilities for user to change metadata logging. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .metadata

Admin capabilities to read/write Ceph object store metadata. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .oidc-provider

Add capabilities for user to change oidc provider. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .ratelimit

Add capabilities for user to set rate limiter for user and bucket. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .roles

Admin capabilities to read/write roles for user. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .usage

Admin capabilities to read/write Ceph object store usage. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .user

Admin capabilities to read/write Ceph object store users. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .user-policy

Add capabilities for user to change user policies. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .users

Admin capabilities to read/write Ceph object store users. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .capabilities .zone

Admin capabilities to read/write Ceph object store zones. Documented in https://docs.ceph.com/en/latest/radosgw/admin/?#add-remove-admin-capabilities

string

.spec .clusterNamespace

The namespace where the parent CephCluster and CephObjectStore are found

string

.spec .displayName

The display name for the ceph users

array

.spec .keys

Allows specifying credentials for the user. If not provided, the operator will generate them.

object

.spec .keys[] .accessKeyRef

Secret key selector for the access_key (commonly referred to as AWS_ACCESS_KEY_ID).

string required

.spec .keys[] .accessKeyRef .key

The key of the secret to select from. Must be a valid secret key.

string

.spec .keys[] .accessKeyRef .name

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

boolean

.spec .keys[] .accessKeyRef .optional

Specify whether the Secret or its key must be defined

object

.spec .keys[] .secretKeyRef

Secret key selector for the secret_key (commonly referred to as AWS_SECRET_ACCESS_KEY).

string required

.spec .keys[] .secretKeyRef .key

The key of the secret to select from. Must be a valid secret key.

string

.spec .keys[] .secretKeyRef .name

Name of the referent. This field is effectively required, but due to backwards compatibility is allowed to be empty. Instances of this type with an empty value here are almost certainly wrong. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

boolean