REST Resource: projects.locations.features

string

Output only. The full, unique name of this Feature resource in the format projects/*/locations/*/features/*.

map (key: string, value: string)

Labels for this Feature.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

object (FeatureResourceState)

Output only. State of the Feature resource itself.

object (CommonFeatureSpec)

Optional. Hub-wide Feature configuration. If this Feature does not support any Hub-wide configuration, this field may be unused.

map (key: string, value: object (MembershipFeatureSpec))

Optional. Membership-specific configuration for this Feature. If this Feature does not support any per-Membership configuration, this field may be unused.

The keys indicate which Membership the configuration is for, in the form:

projects/{p}/locations/{l}/memberships/{m}

Where {p} is the project, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} WILL match the Feature's project.

{p} will always be returned as the project number, but the project ID is also accepted during input. If the same Membership is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

object (CommonFeatureState)

Output only. The Hub-wide Feature state.

map (key: string, value: object (MembershipFeatureState))

Output only. Membership-specific Feature status. If this Feature does report any per-Membership status, this field may be unused.

The keys indicate which Membership the state is for, in the form:

projects/{p}/locations/{l}/memberships/{m}

Where {p} is the project number, {l} is a valid location and {m} is a valid Membership in this project at that location. {p} MUST match the Feature's project number.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

string (Timestamp format)

Output only. When the Feature resource was created.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

string (Timestamp format)

Output only. When the Feature resource was last updated.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

string (Timestamp format)

Output only. When the Feature resource was deleted.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

object (CommonFleetDefaultMemberConfigSpec)

Optional. Feature configuration applicable to all memberships of the fleet.

map (key: string, value: object (ScopeFeatureSpec))

Optional. Scope-specific configuration for this Feature. If this Feature does not support any per-Scope configuration, this field may be unused.

The keys indicate which Scope the configuration is for, in the form:

projects/{p}/locations/global/scopes/{s}

Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project.

{p} will always be returned as the project number, but the project ID is also accepted during input. If the same Scope is specified in the map twice (using the project ID form, and the project number form), exactly ONE of the entries will be saved, with no guarantees as to which. For this reason, it is recommended the same format be used for all entries when mutating a Feature.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

map (key: string, value: object (ScopeFeatureState))

Output only. Scope-specific Feature status. If this Feature does report any per-Scope status, this field may be unused.

The keys indicate which Scope the state is for, in the form:

projects/{p}/locations/global/scopes/{s}

Where {p} is the project, {s} is a valid Scope in this project. {p} WILL match the Feature's project.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

enum (FeatureResourceState.State)

The current state of the Feature resource in the Hub API.

object (FeatureSpec)

Multicluster Ingress-specific spec.

object (FeatureSpec)

Cloud Audit Logging-specific spec.

object (FeatureSpec)

Workload Certificate spec.

object (AppDevExperienceFeatureSpec)

Appdevexperience specific spec.

object (AnthosObservabilityFeatureSpec)

Anthos Observability spec

object (FeatureSpec)

FleetObservability feature spec.

object (FeatureSpec)

Namespace Actuation feature spec

object (FleetSpec)

ClusterUpgrade (fleet-based) feature spec.

object (FeatureSpec)

DataplaneV2 feature spec.

string

Fully-qualified Membership name which hosts the MultiClusterIngress CRD. Example: projects/foo-proj/locations/global/memberships/bar

enum (Billing)

Deprecated: This field will be ignored and should not be set. Customer's billing structure.

string

Service account that should be allowlisted to send the audit logs; eg cloudauditlogging@gcp-project.iam.gserviceaccount.com. These accounts must already exist, but do not need to have any permissions granted to them. The customer's entitlements will be checked prior to allowlisting (i.e. the customer must be an Anthos customer.)

enum (FeatureSpec.GoogleCAProvisioning)

Immutable. Specifies CA configuration.

object (MembershipSpec)

Specifies default membership spec. Users can override the default in the memberConfigs for each member.

enum (MembershipSpec.CertificateManagement)

Specifies workload certificate management.

object (AnthosObservabilityMembershipSpec)

Default membership spec for unconfigured memberships

boolean

Enable collecting and reporting metrics and logs from user apps.

boolean

Use full of metrics rather than optimized metrics. See https://cloud.google.com/anthos/clusters/docs/on-prem/1.8/concepts/logging-and-monitoring#optimized_metrics_default_metrics

string

the version of stackdriver operator used by this feature

object (LoggingConfig)

Specified if fleet logging feature is enabled for the entire fleet. If UNSPECIFIED, fleet logging feature is disabled for the entire fleet.

object (RoutingConfig)

Specified if applying the default routing config to logs not specified in other configs.

object (RoutingConfig)

Specified if applying the routing config to all logs for all fleet scopes.

enum (RoutingConfig.Mode)

mode configures the logs routing mode.

enum (FeatureSpec.ActuationMode)

actuationMode controls the behavior of the controller

string

This fleet consumes upgrades that have COMPLETE status code in the upstream fleets. See UpgradeStatus.Code for code definitions.

The fleet name should be either fleet project number or id.

This is defined as repeated for future proof reasons. Initial implementation will enforce at most one upstream fleet.

object (PostConditions)

Required. Post conditions to evaluate to mark an upgrade COMPLETE. Required.

object (GKEUpgradeOverride)

Allow users to override some properties of each GKE upgrade.

string (Duration format)

Required. Amount of time to "soak" after a rollout has been finished before marking it COMPLETE. Cannot exceed 30 days. Required.

A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s".

object (GKEUpgrade)

Required. Which upgrade to override. Required.

object (PostConditions)

Required. Post conditions to override for the specified upgrade (name + version). Required.

string

Name of the upgrade, e.g., "k8s_control_plane". It should be a valid upgrade name. It must not exceet 99 characters.

string

Version of the upgrade, e.g., "1.22.1-gke.100". It should be a valid version. It must not exceet 99 characters.

boolean

Enable dataplane-v2 based encryption for multiple clusters.

object (MembershipFeatureSpec.Origin)

Whether this per-Membership spec was inherited from a fleet-level default. This field can be updated by users by either overriding a Membership config (updated to USER implicitly) or setting to FLEET explicitly.

object (MembershipSpec)

Config Management-specific spec.

object (MembershipSpec)

Cloud Build-specific spec

object (MembershipSpec)

Identity Service-specific spec.

object (MembershipSpec)

Workload Certificate spec.

object (MembershipSpec)

Anthos Service Mesh-specific spec

object (AnthosObservabilityMembershipSpec)

Anthos Observability-specific spec

object (MembershipSpec)

Policy Controller spec.

object (MembershipSpec)

Fleet observability membership spec

object (MembershipSpec)

FNS Actuation membership spec

object (ConfigSync)

Config Sync configuration for the cluster.

object (PolicyController)

Policy Controller configuration for the cluster.

object (BinauthzConfig)

Binauthz conifguration for the cluster. Deprecated: This field will be ignored and should not be set.

object (HierarchyControllerConfig)

Hierarchy Controller configuration for the cluster.

string

Version of ACM installed.

string

The user-specified cluster name used by Config Sync cluster-name-selector annotation or ClusterSelector, for applying configs to only a subset of clusters. Omit this field if the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector. Set this field if a name different from the cluster's fleet membership name is used by Config Sync cluster-name-selector annotation or ClusterSelector.

object (GitConfig)

Git repo configuration for the cluster.

string

Specifies whether the Config Sync Repo is in "hierarchical" or "unstructured" mode.

boolean

Set to true to enable the Config Sync admission webhook to prevent drifts. If set to false, disables the Config Sync admission webhook and does not prevent drifts.

object (OciConfig)

OCI repo configuration for the cluster

boolean

Set to true to allow the vertical scaling. Defaults to false which disallows vertical scaling. This field is deprecated.

string

The Email of the Google Cloud Service Account (GSA) used for exporting Config Sync metrics to Cloud Monitoring and Cloud Monarch when Workload Identity is enabled. The GSA should have the Monitoring Metric Writer (roles/monitoring.metricWriter) IAM role. The Kubernetes ServiceAccount default in the namespace config-management-monitoring should be bound to the GSA.

boolean

Enables the installation of ConfigSync. If set to true, ConfigSync resources will be created and the other ConfigSync fields will be applied if exist. If set to false, all other ConfigSync fields will be ignored, ConfigSync resources will be deleted. If omitted, ConfigSync resources will be managed depends on the presence of the git or oci field.

string

The URL of the Git repository to use as the source of truth.

string

The branch of the repository to sync from. Default: master.

string

The path within the Git repository that represents the top level of the repo to sync. Default: the root directory of the repository.

string (int64 format)

Period in seconds between consecutive syncs. Default: 15.

string

Git revision (tag or hash) to check out. Default HEAD.

string

Type of secret configured for access to the Git repo. Must be one of ssh, cookiefile, gcenode, token, gcpserviceaccount or none. The validation of this is case-sensitive. Required.

string

URL for the HTTPS proxy to be used when communicating with the Git repo.

string

The Google Cloud Service Account Email used for auth when secretType is gcpServiceAccount.

string

The OCI image repository URL for the package to sync from. e.g. LOCATION-docker.pkg.dev/PROJECT_ID/REPOSITORY_NAME/PACKAGE_NAME.

string

The absolute path of the directory that contains the local resources. Default: the root directory of the image.

string (int64 format)

Period in seconds between consecutive syncs. Default: 15.

string

Type of secret configured for access to the Git repo.

string

The Google Cloud Service Account Email used for auth when secretType is gcpServiceAccount.

boolean

Enables the installation of Policy Controller. If false, the rest of PolicyController fields take no effect.

string

The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.

boolean

Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.

boolean

Logs all denies and dry run failures.

boolean

Enable or disable mutation in policy controller. If true, mutation CRDs, webhook and controller deployment will be deployed to the cluster.

object (PolicyControllerMonitoring)

Monitoring specifies the configuration of monitoring.

string (Timestamp format)

Output only. Last time this membership spec was updated.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

boolean

Installs the default template library along with Policy Controller.

string (int64 format)

Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.

enum (PolicyControllerMonitoring.MonitoringBackend)

Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.

boolean

Whether binauthz is enabled in this cluster.

boolean

Whether Hierarchy Controller is enabled in this cluster.

boolean

Whether pod tree labels are enabled in this cluster.

boolean

Whether hierarchical resource quota is enabled in this cluster.

string

Version of the cloud build software on the cluster.

enum (MembershipSpec.SecurityPolicy)

Whether it is allowed to run the privileged builds on the cluster or not.

object (MembershipSpec.AuthMethod)

A member may support multiple auth methods.

string

Identifier for auth config.

string

Proxy server address to use for auth method.

object (MembershipSpec.AuthMethod.OidcConfig)

OIDC specific configuration.

object (MembershipSpec.AuthMethod.AzureADConfig)

AzureAD specific Configuration.

object (MembershipSpec.AuthMethod.GoogleConfig)

GoogleConfig specific configuration.

string

ID for OIDC client application.

string

PEM-encoded CA for OIDC provider.

string

URI for the OIDC provider. This should point to the level below .well-known/openid-configuration.

string

Registered redirect uri to redirect users going through OAuth flow using kubectl plugin.

string

Comma-separated list of identifiers.

string

Comma-separated list of key-value pairs.

string

Claim in OIDC ID token that holds username.

string

Prefix to prepend to user name.

string

Claim in OIDC ID token that holds group information.

string

Prefix to prepend to group name.

boolean

Flag to denote if reverse proxy is used to connect to auth provider. This flag should be set to true when provider is not reachable by Google Cloud Console.

string

Input only. Unencrypted OIDC client secret will be passed to the GKE Hub CLH.

string (bytes format)

Output only. Encrypted OIDC Client secret

A base64-encoded string.

boolean

Enable access token.

string

ID for the registered client application that makes authentication requests to the Azure AD identity provider.

string

Kind of Azure AD account to be authenticated. Supported values are or for accounts belonging to a specific tenant.

string

The redirect URL that kubectl uses for authorization.

string

Input only. Unencrypted AzureAD client secret will be passed to the GKE Hub CLH.

string (bytes format)

Output only. Encrypted AzureAD client secret.

A base64-encoded string.

boolean

Disable automatic configuration of Google Plugin on supported platforms.

enum (MembershipSpec.ControlPlaneManagement)

Deprecated: use management instead Enables automatic control plane management.

enum (Channel)

Determines which release channel to use for default injection and service mesh APIs.

enum (MembershipSpec.Management)

Enables automatic Service Mesh management.

object (HubConfig)

Policy Controller configuration for the cluster.

string

Version of Policy Controller installed.

enum (HubConfig.InstallSpec)

The installSpec represents the intended state specified by the latest request that mutated installSpec in the feature spec, not the lifecycle state of the feature observed by the Hub feature controller that is reported in the feature state.

string

The set of namespaces that are excluded from Policy Controller checks. Namespaces do not need to currently exist on the cluster.

boolean

Enables the ability to use Constraint Templates that reference to objects other than the object currently being evaluated.

boolean

Logs all denies and dry run failures.

boolean

Enables the ability to mutate resources using Policy Controller.

map (key: string, value: object (PolicyControllerDeploymentConfig))

Map of deployment configs to deployments ("admission", "audit", "mutation').

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

string (int64 format)

Sets the interval for Policy Controller Audit Scans (in seconds). When set to 0, this disables audit functionality altogether.

object (MonitoringConfig)

Monitoring specifies the configuration of monitoring.

object (PolicyContentSpec)

Specifies the desired policy content on the cluster

string (int64 format)

The maximum number of audit violations to be stored in a constraint. If not set, the internal default (currently 20) will be used.

enum (MonitoringConfig.MonitoringBackend)

Specifies the list of backends Policy Controller will export to. An empty list would effectively disable metrics export.

map (key: string, value: object (BundleInstallSpec))

map of bundle name to BundleInstallSpec. The bundle name maps to the bundleName key in the policycontroller.gke.io/constraintData annotation on a constraint.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

object (TemplateLibraryConfig)

Configures the installation of the Template Library.

string

The set of namespaces to be exempted from the bundle.

enum (TemplateLibraryConfig.Installation)

Configures the manner in which the template library is installed on the cluster.

object (PolicyControllerDeploymentConfig.Toleration)

Pod tolerations of node taints.

enum (PolicyControllerDeploymentConfig.Affinity)

Pod affinity configuration.

string (int64 format)

Pod replica count.

object (ResourceRequirements)

Container resource requirements.

boolean

Pod anti-affinity enablement. Deprecated: use podAffinity instead.

object (ResourceList)

Limits describes the maximum amount of compute resources allowed for use by the running container.

object (ResourceList)

Requests describes the amount of compute resources reserved for the container by the kube-scheduler.

string

Memory requirement expressed in Kubernetes resource units.

string

CPU requirement expressed in Kubernetes resource units.

string

Matches a taint key (not necessarily unique).

string

Matches a taint operator.

string

Matches a taint value.

string

Matches a taint effect.

enum (MembershipFeatureSpec.Origin.Type)

Type specifies which type of origin is set.

object (FeatureState)

Output only. The "running state" of the Feature in this Hub.

object (FeatureState)

Service Mesh-specific state.

object (AppDevExperienceFeatureState)

Appdevexperience specific state.

object (FeatureState)

FleetObservability feature state.

object (FeatureState)

Namespace Actuation feature state.

object (FleetState)

ClusterUpgrade fleet-level state.

object (AnalysisMessage)

Output only. Results of running Service Mesh analyzers.

object (AnalysisMessageBase)

Details common to all types of Istio and ServiceMesh analysis messages.

string

A human readable description of what the error means. It is suitable for non-internationalize display purposes.

string

A list of strings specifying the resource identifiers that were the cause of message generation. A "path" here may be: * MEMBERSHIP_ID if the cause is a specific member cluster * MEMBERSHIP_ID/(NAMESPACE\/)?RESOURCETYPE/NAME if the cause is a resource in a cluster

object (Struct format)

A UI can combine these args with a template (based on messageBase.type) to produce an internationalized message.

object (AnalysisMessageBase.Type)

Represents the specific type of a message.

enum (AnalysisMessageBase.Level)

Represents how severe a message is.

string

A url pointing to the Service Mesh or Istio documentation for this specific error type.

string

A human-readable name for the message type. e.g. "InternalError", "PodMissingProxy". This should be the same for all messages of the same type. (This corresponds to the name field in open-source Istio.)

string

A 7 character code matching ^IST[0-9]{4}$ or ^ASM[0-9]{4}$, intended to uniquely identify the message type. (e.g. "IST0001" is mapped to the "InternalError" message type.)

object (FleetObservabilityLoggingState)

The feature state of default logging.

object (FleetObservabilityMonitoringState)

The feature state of fleet monitoring.

object (FleetObservabilityBaseFeatureState)

The base feature state of fleet default log.

object (FleetObservabilityBaseFeatureState)

The base feature state of fleet scope log.

enum (FleetObservabilityBaseFeatureState.Code)

The high-level, machine-readable status of this Feature.

object (FleetObservabilityBaseFeatureState.FeatureError)

Errors after reconciling the monitoring and logging feature if the code is not OK.

string

The code of the error.

string

A human-readable description of the current status.

object (FleetObservabilityBaseFeatureState)

The base feature state of fleet monitoring feature.

string

This fleets whose upstreamFleets contain the current fleet.

The fleet name should be either fleet project number or id.

map (key: string, value: object (IgnoredMembership))

A list of memberships ignored by the feature. For example, manually upgraded clusters can be ignored if they are newer than the default versions of its release channel. The membership resource is in the format: projects/{p}/locations/{l}/membership/{m}.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

object (GKEUpgradeFeatureState)

Feature state for GKE clusters.

string

Reason why the membership is ignored.

string (Timestamp format)

Time when the membership was first set to ignored.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

object (GKEUpgradeState)

Upgrade state. It will eventually replace state.

object (GKEUpgradeFeatureCondition)

Current conditions of the feature.

map (key: string, value: string (int64 format))

Number of GKE clusters in each status code.

An object containing a list of "key": value pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.

object (GKEUpgrade)

Which upgrade to track the state.

object (UpgradeStatus)

Status of the upgrade.

enum (UpgradeStatus.Code)

Status code of the upgrade.

string

Reason for this status.

string (Timestamp format)

Last timestamp the status was updated.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

string

Type of the condition, for example, "ready".

string

Status of the condition, one of True, False, Unknown.

string

Reason why the feature is in this status.

string (Timestamp format)

Last timestamp the condition was updated.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

enum (FeatureState.Code)

The high-level, machine-readable status of this Feature.

string

A human-readable description of the current status.

string (Timestamp format)

The time this status and any related Feature-specific details were updated.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

object (FeatureState)

The high-level state of this Feature for a single membership.

object (MembershipState)

Service Mesh-specific state.

object (MembershipState)

Metering-specific state.

object (MembershipState)

Config Management-specific state.

object (MembershipState)

Identity Service-specific state.

object (AppDevExperienceFeatureState)

Appdevexperience specific state.

object (MembershipState)

Policycontroller-specific state.

object (MembershipState)

ClusterUpgrade state.

object (MembershipState)

Fleet observability membership state.

object (MembershipState)

FNS Actuation membership state

object (AnalysisMessage)

Output only. Results of running Service Mesh analyzers.

object (MembershipState.ControlPlaneManagement)

Output only. Status of control plane management

object (MembershipState.DataPlaneManagement)

Output only. Status of data plane management.

string

The API version (i.e. Istio CRD version) for configuring service mesh in this cluster. This version is influenced by the defaultChannel field.

object (StatusDetails)

Explanation of state.

enum (MembershipState.LifecycleState)

LifecycleState of control plane management.

string

A machine-readable code that further describes a broad status.

string

Human-readable explanation of code.

enum (MembershipState.LifecycleState)

Lifecycle status of data plane management.

object (StatusDetails)

Explanation of the status.

string (Timestamp format)

The time stamp of the most recent measurement of the number of vCPUs in the cluster.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

number

The vCPUs capacity in the cluster according to the most recent measurement (1/1000 precision).

string

This field is set to the clusterName field of the Membership Spec if it is not empty. Otherwise, it is set to the cluster's fleet membership name.

object (MembershipSpec)

Membership configuration in the cluster. This represents the actual state in the cluster, while the MembershipSpec in the FeatureSpec represents the intended state

object (OperatorState)

Current install status of ACM's Operator

object (ConfigSyncState)

Current sync status

object (PolicyControllerState)

PolicyController status

object (BinauthzState)

Binauthz status

object (HierarchyControllerState)

Hierarchy Controller status

string

The semenatic version number of the operator

enum (DeploymentState)

The state of the Operator's deployment

object (InstallError)

Install errors.

string

A string representing the user facing error message

object (ConfigSyncVersion)

The version of ConfigSync deployed

object (ConfigSyncDeploymentState)

Information about the deployment of ConfigSync, including the version of the various Pods deployed

object (SyncState)

The state of ConfigSync's process to sync configs to a cluster

object (ConfigSyncError)

Errors pertaining to the installation of Config Sync.

string

Version of the deployed importer pod

string

Version of the deployed syncer pod

string

Version of the deployed git-sync pod

string

Version of the deployed monitor pod

string

Version of the deployed reconciler-manager pod

string

Version of the deployed reconciler container in root-reconciler pod

string

Version of the deployed admissionWebhook pod

enum (DeploymentState)

Deployment state of the importer pod

enum (DeploymentState)

Deployment state of the syncer pod

enum (DeploymentState)

Deployment state of the git-sync pod

enum (DeploymentState)

Deployment state of the monitor pod

enum (DeploymentState)

Deployment state of reconciler-manager pod

enum (DeploymentState)

Deployment state of root-reconciler

enum (DeploymentState)

Deployment state of admission-webhook

string

Token indicating the state of the repo.

string

Token indicating the state of the importer.

string

Token indicating the state of the syncer.

string

Deprecated: use lastSyncTime instead. Timestamp of when ACM last successfully synced the repo The time format is specified in https://golang.org/pkg/time/#Time.String

string (Timestamp format)

Timestamp type of when ACM last successfully synced the repo

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

enum (SyncState.SyncCode)

Sync status code

object (SyncError)

A list of errors resulting from problematic configs. This list will be truncated after 100 errors, although it is unlikely for that many errors to simultaneously exist.

string

An ACM defined error code

string

A description of the error

object (ErrorResource)

A list of config(s) associated with the error, if any

string

Path in the git repo of the erroneous config

string

Metadata name of the resource that is causing an error

string

Namespace of the resource that is causing an error

object (GroupVersionKind)

Group/version/kind of the resource that is causing an error

string

Kubernetes Group

string

Kubernetes Version

string

Kubernetes Kind

string

A string representing the user facing error message

object (PolicyControllerVersion)

The version of Gatekeeper Policy Controller deployed.

object (GatekeeperDeploymentState)

The state about the policy controller installation.

object (PolicyControllerMigration)

Record state of ACM -> PoCo Hub migration for this feature.

string

The gatekeeper image tag that is composed of ACM version, git tag, build number.

enum (DeploymentState)

Status of gatekeeper-controller-manager pod.

enum (DeploymentState)

Status of gatekeeper-audit deployment.

enum (DeploymentState)

Status of the pod serving the mutation webhook.

enum (PolicyControllerMigration.Stage)

Stage of the migration.

string (Timestamp format)

Last time this membership spec was copied to PoCo feature.

A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".

enum (DeploymentState)

The state of the binauthz webhook.

object (BinauthzVersion)

The version of binauthz that is installed.

string

The version of the binauthz webhook.

object (HierarchyControllerVersion)

The version for Hierarchy Controller

object (HierarchyControllerDeploymentState)

The deployment state for Hierarchy Controller

string

Version for open source HNC

string

Version for Hierarchy Controller extension

enum (DeploymentState)

The deployment state for open source HNC (e.g. v0.7.0-hc.0)

enum (DeploymentState)

The deployment state for Hierarchy Controller extension (e.g. v0.7.0-hc.1)

string

Installed AIS version. This is the AIS version installed on this member. The values makes sense iff state is OK.

enum (MembershipState.DeploymentState)

Deployment state on this member

string

The reason of the failure.

object (MembershipSpec)

Last reconciled membership configuration