Class Authority

Authority encodes how Google will recognize identities from this Membership. See the workload identity documentation for more details: https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity

Inheritance

object

Authority

Implements

IDirectResponseSchema

Inherited Members

object.Equals(object)

object.Equals(object, object)

object.GetHashCode()

object.GetType()

object.MemberwiseClone()

object.ReferenceEquals(object, object)

object.ToString()

Namespace: Google.Apis.GKEHub.v1beta1.Data

Assembly: Google.Apis.GKEHub.v1beta1.dll

Syntax

public class Authority : IDirectResponseSchema

Properties

ETag

The ETag of the item.

Declaration

public virtual string ETag { get; set; }

Property Value

Type	Description
string

IdentityProvider

Output only. An identity provider that reflects the issuer in the workload identity pool.

Declaration

[JsonProperty("identityProvider")]
public virtual string IdentityProvider { get; set; }

Property Value

Type	Description
string

Issuer

Optional. A JSON Web Token (JWT) issuer URI. issuer must start with https:// and be a valid URL with length <2000 characters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing issuer disables Workload Identity. issuer cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity).

Declaration

[JsonProperty("issuer")]
public virtual string Issuer { get; set; }

Property Value

Type	Description
string

OidcJwks

Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on issuer, and instead OIDC tokens will be validated using this field.

Declaration

[JsonProperty("oidcJwks")]
public virtual string OidcJwks { get; set; }

Property Value

Type	Description
string

ScopeTenancyIdentityProvider

Optional. Output only. The identity provider for the scope-tenancy workload identity pool.

Declaration

[JsonProperty("scopeTenancyIdentityProvider")]
public virtual string ScopeTenancyIdentityProvider { get; set; }

Property Value

Type	Description
string

ScopeTenancyWorkloadIdentityPool

Optional. Output only. The name of the scope-tenancy workload identity pool. This pool is set in the fleet-level feature.

Declaration

[JsonProperty("scopeTenancyWorkloadIdentityPool")]
public virtual string ScopeTenancyWorkloadIdentityPool { get; set; }

Property Value

Type	Description
string

WorkloadIdentityPool

Output only. The name of the workload identity pool in which issuer will be recognized. There is a single Workload Identity Pool per Hub that is shared between all Memberships that belong to that Hub. For a Hub hosted in {PROJECT_ID}, the workload pool format is {PROJECT_ID}.hub.id.goog, although this is subject to change in newer versions of this API.

Declaration

[JsonProperty("workloadIdentityPool")]
public virtual string WorkloadIdentityPool { get; set; }

Property Value

Type	Description
string

Implements

IDirectResponseSchema