pub struct ClusterTrustBundle {
pub metadata: ObjectMeta,
pub spec: ClusterTrustBundleSpec,
}
Expand description
ClusterTrustBundle is a cluster-scoped container for X.509 trust anchors (root certificates).
ClusterTrustBundle objects are considered to be readable by any authenticated user in the cluster, because they can be mounted by pods using the clusterTrustBundle
projection. All service accounts have read access to ClusterTrustBundles by default. Users who only have namespace-level access to a cluster can read ClusterTrustBundles by impersonating a serviceaccount that they have access to.
It can be optionally associated with a particular assigner, in which case it contains one valid set of trust anchors for that signer. Signers may have multiple associated ClusterTrustBundles; each is an independent set of trust anchors for that signer. Admission control is used to enforce that only users with permissions on the signer can create or modify the corresponding bundle.
Fields§
§metadata: ObjectMeta
metadata contains the object metadata.
spec: ClusterTrustBundleSpec
spec contains the signer (if any) and trust anchors.
Trait Implementations§
Source§impl Clone for ClusterTrustBundle
impl Clone for ClusterTrustBundle
Source§fn clone(&self) -> ClusterTrustBundle
fn clone(&self) -> ClusterTrustBundle
1.0.0 · Source§fn clone_from(&mut self, source: &Self)
fn clone_from(&mut self, source: &Self)
source
. Read moreSource§impl Debug for ClusterTrustBundle
impl Debug for ClusterTrustBundle
Source§impl DeepMerge for ClusterTrustBundle
impl DeepMerge for ClusterTrustBundle
Source§fn merge_from(&mut self, other: Self)
fn merge_from(&mut self, other: Self)
other
into self
.Source§impl Default for ClusterTrustBundle
impl Default for ClusterTrustBundle
Source§fn default() -> ClusterTrustBundle
fn default() -> ClusterTrustBundle
Source§impl<'de> Deserialize<'de> for ClusterTrustBundle
impl<'de> Deserialize<'de> for ClusterTrustBundle
Source§fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>where
D: Deserializer<'de>,
fn deserialize<D>(deserializer: D) -> Result<Self, D::Error>where
D: Deserializer<'de>,
Source§impl Metadata for ClusterTrustBundle
impl Metadata for ClusterTrustBundle
Source§impl PartialEq for ClusterTrustBundle
impl PartialEq for ClusterTrustBundle
Source§impl Resource for ClusterTrustBundle
impl Resource for ClusterTrustBundle
Source§const API_VERSION: &'static str = "certificates.k8s.io/v1alpha1"
const API_VERSION: &'static str = "certificates.k8s.io/v1alpha1"
Resource::GROUP
and Resource::VERSION
(eg "apiextensions.k8s.io/v1beta1"
)
or just the version for resources without a group (eg "v1"
). Read more