KRM API constraints.gatekeeper.sh/v1beta1

constraints.gatekeeper.sh/v1beta1

GDCHRestrictedService

GDCHRestrictedService lets you restrict which service can be used on Distributed Cloud. When applied, the policy prevents the use of the APIs that it references.

Field	Description
`apiVersion` string	`constraints.gatekeeper.sh/v1beta1`
`kind` string	`GDCHRestrictedService`
`metadata` ObjectMeta	Refer to Kubernetes API documentation for fields of `metadata`.
`spec` GDCHRestrictedServiceSpec
`status` GDCHRestrictedServiceStatus

GDCHRestrictedServiceSpec

GDCHRestrictedServiceSpec defines the desired state for a GDCHRestrictedService.

Appears in: - GDCHRestrictedService

Field	Description
`match` Match	Refer to the dedicated page for fields of `match`.
`parameters` Parameters	The parameters of the policy.

Parameters

Parameters define the parameters of a GDCHRestrictedService.

Appears in: - GDCHRestrictedServiceSpec

Field	Description
`disabledOperations` string array	The API operations that are disabled by the GDCHRestrictedService policy. Supported values: `CREATE` and `UPDATE`.

GDCHRestrictedServiceStatus

GDCHRestrictedServiceStatus defines the observed state of the GDCHRestrictedService policy.

Appears in: - GDCHRestrictedService

Field	Description
`auditTimestamp` Timestamp	The last time an audit item was generated.
`enforced` boolean	Whether the policy is currently enforced or not.
`violations` Violation array	List of recent observed policy violations.

Violation

Violation represents an event where an attempted violation of the policy happened.

Appears in: - GDCHRestrictedServiceStatus

Field	Description
`enforcementAction` string	The enforcement action that was taken against this violation. This is often `deny`.
`message` string	The message that was given to the client who performed the action that triggered the violation.
`group` string	The API group to which the resource that triggered the violation belongs.
`version` string	The API version to which the resource that triggered the violation belongs.
`kind` string	The API kind of the resource that triggered the violation.
`name` string	The name of the resource that triggered the violation.