API Reference
Packages:
pkg.internal/v1beta1
Resource Types:
Storage
| Name | Type | Description | Required |
|---|---|---|---|
| apiVersion | string | pkg.internal/v1beta1 | true |
| kind | string | Storage | true |
| metadata | object | Refer to the Kubernetes API documentation for the fields of the `metadata` field. | true |
| spec | object |
Desired configuration of a Storage resource. Defines which buckets are created under the principal, which external buckets are requested, and which grants are issued to other principals.
|
false |
| status | object |
Observed state of the Storage resource, including reconciliation results and any conditions applied by the controller.
|
false |
Storage.spec
Desired configuration of a Storage resource. Defines which buckets are created under the principal, which external buckets are requested, and which grants are issued to other principals.
| Name | Type | Description | Required |
|---|---|---|---|
| buckets | []object |
Buckets to create as part of this Storage. Each entry is keyed by `bucketName`, ensuring uniqueness within the resource. Ordering has no semantic meaning.
|
true |
| principal | string |
Unique identifier of the storage principal (typically a user or service account). All buckets, access requests, and grants in this resource are owned and managed under this principal.
|
true |
| bucketAccessGrants | []object |
Grants issued by this principal to other principals. Each grant is uniquely identified by `(bucketName, grantee)` and defines the permission level on the target bucket.
|
false |
| bucketAccessRequests | []object |
Outbound requests for access to buckets owned by other principals. Each request originates from `spec.principal` and targets a single foreign bucket. The list is keyed by `bucketName`.
|
false |
Storage.spec.buckets[index]
| Name | Type | Description | Required |
|---|---|---|---|
| bucketName | string |
Name of the bucket to create. This value acts as the unique key for the list element.
|
true |
| discoverable | boolean |
If true, the bucket is advertised for discovery by other principals. Defaults to false when omitted.
Default: false |
false |
Storage.spec.bucketAccessGrants[index]
| Name | Type | Description | Required |
|---|---|---|---|
| bucketName | string |
Name of the bucket for which the permission is granted. This forms part of the unique key.
|
true |
| grantedAt | string |
RFC3339 timestamp indicating when the grant became active. Used to track grant lifecycle. Typically set by the controller.
Format: date-time |
true |
| grantee | string |
Identifier of the principal receiving the grant. This forms part of the unique key.
|
true |
| permission | enum |
Permission level granted to the grantee on the specified bucket. Setting `None` explicitly removes access.
Enum: ReadWrite, ReadOnly, WriteOnly, None |
true |
Storage.spec.bucketAccessRequests[index]
| Name | Type | Description | Required |
|---|---|---|---|
| bucketName | string |
Name of the bucket for which access is requested. This value is the unique key for the request.
|
true |
| requestedAt | string |
RFC3339 timestamp indicating when the request was created. Used to track request lifecycle. Typically set by the controller.
Format: date-time |
true |
| reason | string |
Optional free-text justification for the request. For informational and auditing purposes only.
|
false |
Storage.status
Observed state of the Storage resource, including reconciliation results and any conditions applied by the controller.
| Name | Type | Description | Required |
|---|