CertificateSigningRequest (v1beta1)

CertificateSigningRequest (v1beta1)

CertificateSigningRequest

certificates.v1beta1.CertificateSigningRequest

Describes a certificate signing request

CertificateSigningRequestSpec

certificates.v1beta1.CertificateSigningRequestSpec

This information is immutable after the request is created. Only the Request and Usages fields can be set on creation, other fields are derived by Kubernetes and cannot be modified by users.

  • extra (object)
    Extra information about the requesting user. See user.Info interface for details.

  • groups ([]string)
    Group information about the requesting user. See user.Info interface for details.

  • request (string)
    Base64-encoded PKCS#10 CSR data

  • signerName (string)
    Requested signer for the request. It is a qualified name in the form: scope-hostname.io/name. If empty, it will be defaulted:

    1. If it's a kubelet client certificate, it is assigned
      "kubernetes.io/kube-apiserver-client-kubelet".
    2. If it's a kubelet serving certificate, it is assigned
      "kubernetes.io/kubelet-serving".
    3. Otherwise, it is assigned "kubernetes.io/legacy-unknown".
      Distribution of trust for signers happens out of band. You can select on this field using spec.signerName.
  • uid (string)
    UID information about the requesting user. See user.Info interface for details.

  • usages ([]string)
    allowedUsages specifies a set of usage contexts the key will be valid for. See: https://tools.ietf.org/html/rfc5280#section-4.2.1.3
    https://tools.ietf.org/html/rfc5280#section-4.2.1.12

  • username (string)
    Information about the requesting user. See user.Info interface for details.

CertificateSigningRequestStatus

certificates.v1beta1.CertificateSigningRequestStatus

  • certificate (string)
    If request was approved, the controller will place the issued certificate here.

  • conditions ([]CertificateSigningRequestCondition)
    Conditions applied to the request, such as approval or denial.

    • conditions.lastUpdateTime (Time)
      timestamp for the last update to this condition

    • conditions.message (string)
      human readable message with details about the request state

    • conditions.reason (string)
      brief reason for the request state

    • conditions.type (string)
      request approval state, currently Approved or Denied.

CertificateSigningRequestList

certificates.v1beta1.CertificateSigningRequestList