RecaptchaEnterpriseKey


Property Value
Google Cloud Service Name reCAPTCHA Enterprise
Google Cloud Service Documentation /recaptcha-enterprise/docs/
Google Cloud REST Resource Name v1.projects.keys
Google Cloud REST Resource Documentation /recaptcha-enterprise/docs/reference/rest/v1/projects.keys
Config Connector Resource Short Names gcprecaptchaenterprisekey
gcprecaptchaenterprisekeys
recaptchaenterprisekey
Config Connector Service Name recaptchaenterprise.googleapis.com
Config Connector Resource Fully Qualified Name recaptchaenterprisekeys.recaptchaenterprise.cnrm.cloud.google.com
Can Be Referenced by IAMPolicy/IAMPolicyMember No
Config Connector Default Average Reconcile Interval In Seconds 600

Custom Resource Definition Properties

Spec

Schema

androidSettings:
  allowAllPackageNames: boolean
  allowedPackageNames:
  - string
displayName: string
iosSettings:
  allowAllBundleIds: boolean
  allowedBundleIds:
  - string
projectRef:
  external: string
  name: string
  namespace: string
resourceID: string
testingOptions:
  testingChallenge: string
  testingScore: float
wafSettings:
  wafFeature: string
  wafService: string
webSettings:
  allowAllDomains: boolean
  allowAmpTraffic: boolean
  allowedDomains:
  - string
  challengeSecurityPreference: string
  integrationType: string
Fields

androidSettings

Optional

object

Settings for keys that can be used by Android apps.

androidSettings.allowAllPackageNames

Optional

boolean

If set to true, it means allowed_package_names will not be enforced.

androidSettings.allowedPackageNames

Optional

list (string)

Android package names of apps allowed to use the key. Example: 'com.companyname.appname'

androidSettings.allowedPackageNames[]

Optional

string

displayName

Required

string

Human-readable display name of this key. Modifiable by user.

iosSettings

Optional

object

Settings for keys that can be used by iOS apps.

iosSettings.allowAllBundleIds

Optional

boolean

If set to true, it means allowed_bundle_ids will not be enforced.

iosSettings.allowedBundleIds

Optional

list (string)

iOS bundle ids of apps allowed to use the key. Example: 'com.companyname.productname.appname'

iosSettings.allowedBundleIds[]

Optional

string

projectRef

Required

object

Immutable. The Project that this resource belongs to.

projectRef.external

Optional

string

The project for the resource Allowed value: The Google Cloud resource name of a `Project` resource (format: `projects/{{name}}`).

projectRef.name

Optional

string

Name of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names

projectRef.namespace

Optional

string

Namespace of the referent. More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/

resourceID

Optional

string

Immutable. Optional. The service-generated name of the resource. Used for acquisition only. Leave unset to create a new resource.

testingOptions

Optional

object

Immutable. Options for user acceptance testing.

testingOptions.testingChallenge

Optional

string

Immutable. For challenge-based keys only (CHECKBOX, INVISIBLE), all challenge requests for this site will return nocaptcha if NOCAPTCHA, or an unsolvable challenge if UNSOLVABLE_CHALLENGE. Possible values: TESTING_CHALLENGE_UNSPECIFIED, NOCAPTCHA, UNSOLVABLE_CHALLENGE

testingOptions.testingScore

Optional

float

Immutable. All assessments for this Key will return this score. Must be between 0 (likely not legitimate) and 1 (likely legitimate) inclusive.

wafSettings

Optional

object

Immutable. Settings specific to keys that can be used for WAF (Web Application Firewall).

wafSettings.wafFeature

Required*

string

Immutable. Supported WAF features. For more information, see https://cloud.google.com/recaptcha-enterprise/docs/usecase#comparison_of_features. Possible values: CHALLENGE_PAGE, SESSION_TOKEN, ACTION_TOKEN, EXPRESS

wafSettings.wafService

Required*

string

Immutable. The WAF service that uses this key. Possible values: CA, FASTLY

webSettings

Optional

object

Settings for keys that can be used by websites.

webSettings.allowAllDomains

Optional

boolean

If set to true, it means allowed_domains will not be enforced.

webSettings.allowAmpTraffic

Optional

boolean

If set to true, the key can be used on AMP (Accelerated Mobile Pages) websites. This is supported only for the SCORE integration type.

webSettings.allowedDomains

Optional

list (string)

Domains or subdomains of websites allowed to use the key. All subdomains of an allowed domain are automatically allowed. A valid domain requires a host and must not include any path, port, query or fragment. Examples: 'example.com' or 'subdomain.example.com'

webSettings.allowedDomains[]

Optional

string

webSettings.challengeSecurityPreference

Optional

string

Settings for the frequency and difficulty at which this key triggers captcha challenges. This should only be specified for IntegrationTypes CHECKBOX and INVISIBLE. Possible values: CHALLENGE_SECURITY_PREFERENCE_UNSPECIFIED, USABILITY, BALANCE, SECURITY

webSettings.integrationType

Required*

string

Immutable. Required. Describes how this key is integrated with the website. Possible values: SCORE, CHECKBOX, INVISIBLE

* Field is required when parent field is specified

Status

Schema

conditions:
- lastTransitionTime: string
  message: string
  reason: string
  status: string
  type: string
createTime: string
observedGeneration: integer
Fields
conditions

list (object)

Conditions represent the latest available observation of the resource's current state.

conditions[]

object

conditions[].lastTransitionTime

string

Last time the condition transitioned from one status to another.

conditions[].message

string

Human-readable message indicating details about last transition.

conditions[].reason

string

Unique, one-word, CamelCase reason for the condition's last transition.

conditions[].status

string

Status is the status of the condition. Can be True, False, Unknown.

conditions[].type

string

Type is the type of the condition.

createTime

string

The timestamp corresponding to the creation of this Key.

observedGeneration

integer

ObservedGeneration is the generation of the resource that was most recently observed by the Config Connector controller. If this is equal to metadata.generation, then that means that the current reported status reflects the most recent desired state of the resource.

Sample YAML(s)

Android Recaptcha Enterprise Key

# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: recaptchaenterprise.cnrm.cloud.google.com/v1beta1
kind: RecaptchaEnterpriseKey
metadata:
  name: recaptchaenterprisekey-sample-android
  labels:
    label-one: value-one
spec:
  projectRef:
     # Replace ${PROJECT_ID?} with your project ID
     external: "projects/${PROJECT_ID?}"
  displayName: display-name-one
  androidSettings:
    allowAllPackageNames: true
  testingOptions:
    testingScore: 0.8

Challenge Based Web Recaptcha Enterprise Key

# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: recaptchaenterprise.cnrm.cloud.google.com/v1beta1
kind: RecaptchaEnterpriseKey
metadata:
  name: recaptchaenterprisekey-sample-challengebasedweb
  labels:
    label-one: value-one
spec:
  projectRef:
     # Replace ${PROJECT_ID?} with your project ID
     external: "projects/${PROJECT_ID?}"
  displayName: display-name-one
  webSettings:
    allowAllDomains: true
    integrationType: CHECKBOX
    challengeSecurityPreference: USABILITY
  testingOptions:
    testingScore: 0.5
    testingChallenge: NOCAPTCHA

Ios Recaptcha Enterprise Key

# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: recaptchaenterprise.cnrm.cloud.google.com/v1beta1
kind: RecaptchaEnterpriseKey
metadata:
  name: recaptchaenterprisekey-sample-ios
  labels:
    label-one: value-one
spec:
  projectRef:
     # Replace ${PROJECT_ID?} with your project ID
     external: "projects/${PROJECT_ID?}"
  displayName: display-name-one
  iosSettings:
    allowAllBundleIds: true
  testingOptions: 
    testingScore: 1

Score Based Web Recaptcha Enterprise Key

# Copyright 2021 Google LLC
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

apiVersion: recaptchaenterprise.cnrm.cloud.google.com/v1beta1
kind: RecaptchaEnterpriseKey
metadata:
  name: recaptchaenterprisekey-sample-scorebasedweb
  labels:
    label-one: value-one
spec:
  projectRef:
     # Replace ${PROJECT_ID?} with your project ID
     external: "projects/${PROJECT_ID?}"
  displayName: display-name-one
  webSettings:
    allowAllDomains: true
    allowAmpTraffic: false
    integrationType: SCORE
  testingOptions:
    testingScore: 0.5