rbac.tsb.tetrate.io/v2

Resource Types:

• Role

• WorkspaceAccessBindings

• TrafficAccessBindings

• TenantAccessBindings

• SecurityAccessBindings

• OrganizationAccessBindings

• IstioInternalAccessBindings

• GatewayAccessBindings

• ApplicationAccessBindings

• APIAccessBindings

• AccessBindings

Role

↩ Parent

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	Role	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the metadata field.	true
spec	object		false
status	object		false

Role.spec

↩ Parent

Name	Type	Description	Required
description	string	A description of the resource.	false
displayName	string	User friendly name for the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false
rules	[]object	A set of rules that define the permissions associated with each API group.	false

Role.spec.rules[index]

↩ Parent

Name	Type	Description	Required
permissions	[]enum	The set of actions allowed for these APIs.	false
types	[]object	The set of API groups and the api Kinds within the group on which this rule is applicable.	false

Role.spec.rules[index].types[index]

↩ Parent

Name	Type	Description	Required
apiGroup	string	A specific API group such as traffic.tsb.tetrate.io/v2.	false
kinds	[]string	Specific kinds of APIs under the API group.	false

WorkspaceAccessBindings

↩ Parent

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	WorkspaceAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the metadata field.	true
spec	object	WorkspaceAccessBindings assigns permissions to users of workspaces.	false
status	object		false

WorkspaceAccessBindings.spec

↩ Parent

WorkspaceAccessBindings assigns permissions to users of workspaces.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

WorkspaceAccessBindings.spec.allow[index]

↩ Parent

Name	Type	Description	Required
role	string		false
subjects	[]object		false

WorkspaceAccessBindings.spec.allow[index].subjects[index]

↩ Parent

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

TrafficAccessBindings

↩ Parent

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	TrafficAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the metadata field.	true
spec	object	TrafficAccessBindings assigns permissions to users of traffic groups.	false
status	object		false

TrafficAccessBindings.spec

↩ Parent

TrafficAccessBindings assigns permissions to users of traffic groups.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

TrafficAccessBindings.spec.allow[index]

↩ Parent

Name	Type	Description	Required
role	string		false
subjects	[]object		false

TrafficAccessBindings.spec.allow[index].subjects[index]

↩ Parent

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

TenantAccessBindings

↩ Parent

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	TenantAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the metadata field.	true
spec	object	TenantAccessBindings assigns permissions to users of tenants.	false
status	object		false

TenantAccessBindings.spec

↩ Parent

TenantAccessBindings assigns permissions to users of tenants.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

TenantAccessBindings.spec.allow[index]

↩ Parent

Name	Type	Description	Required
role	string		false
subjects	[]object		false

TenantAccessBindings.spec.allow[index].subjects[index]

↩ Parent

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

SecurityAccessBindings

↩ Parent

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	SecurityAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the metadata field.	true
spec	object	SecurityAccessBindings assigns permissions to users of security groups.	false
status	object		false

SecurityAccessBindings.spec

↩ Parent

SecurityAccessBindings assigns permissions to users of security groups.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

SecurityAccessBindings.spec.allow[index]

↩ Parent

Name	Type	Description	Required
role	string		false
subjects	[]object		false

SecurityAccessBindings.spec.allow[index].subjects[index]

↩ Parent

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

OrganizationAccessBindings

↩ Parent

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	OrganizationAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the metadata field.	true
spec	object	OrganizationAccessBindings assigns permissions to users of organizations.	false
status	object		false

OrganizationAccessBindings.spec

↩ Parent

OrganizationAccessBindings assigns permissions to users of organizations.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

OrganizationAccessBindings.spec.allow[index]

↩ Parent

Name	Type	Description	Required
role	string		false
subjects	[]object		false

OrganizationAccessBindings.spec.allow[index].subjects[index]

↩ Parent

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

IstioInternalAccessBindings

↩ Parent

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	IstioInternalAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the metadata field.	true
spec	object	IstioInternalAccessBindings assigns permissions to users of istio internal groups.	false
status	object		false

IstioInternalAccessBindings.spec

↩ Parent

IstioInternalAccessBindings assigns permissions to users of istio internal groups.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

IstioInternalAccessBindings.spec.allow[index]

↩ Parent

Name	Type	Description	Required
role	string		false
subjects	[]object		false

IstioInternalAccessBindings.spec.allow[index].subjects[index]

↩ Parent

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

GatewayAccessBindings

↩ Parent

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	GatewayAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the metadata field.	true
spec	object	GatewayAccessBindings assigns permissions to users of gateway groups.	false
status	object		false

GatewayAccessBindings.spec

↩ Parent

GatewayAccessBindings assigns permissions to users of gateway groups.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

GatewayAccessBindings.spec.allow[index]

↩ Parent

Name	Type	Description	Required
role	string		false
subjects	[]object		false

GatewayAccessBindings.spec.allow[index].subjects[index]

↩ Parent

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

ApplicationAccessBindings

↩ Parent

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	ApplicationAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the metadata field.	true
spec	object	ApplicationAccessBindings assigns permissions to users of applications.	false
status	object		false

ApplicationAccessBindings.spec

↩ Parent

ApplicationAccessBindings assigns permissions to users of applications.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

ApplicationAccessBindings.spec.allow[index]

↩ Parent

Name	Type	Description	Required
role	string		false
subjects	[]object		false

ApplicationAccessBindings.spec.allow[index].subjects[index]

↩ Parent

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

APIAccessBindings

↩ Parent

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	APIAccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the metadata field.	true
spec	object	APIAccessBindings assigns permissions to users of APIs.	false
status	object		false

APIAccessBindings.spec

↩ Parent

APIAccessBindings assigns permissions to users of APIs.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false
fqn	string	Fully-qualified name of the resource.	false

APIAccessBindings.spec.allow[index]

↩ Parent

Name	Type	Description	Required
role	string		false
subjects	[]object		false

APIAccessBindings.spec.allow[index].subjects[index]

↩ Parent

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false

AccessBindings

↩ Parent

Name	Type	Description	Required
apiVersion	string	rbac.tsb.tetrate.io/v2	true
kind	string	AccessBindings	true
metadata	object	Refer to the Kubernetes API documentation for the fields of the metadata field.	true
spec	object	AccessBindings assigns permissions to users of any TSB resource.	false
status	object		false

AccessBindings.spec

↩ Parent

AccessBindings assigns permissions to users of any TSB resource.

Name	Type	Description	Required
allow	[]object		false
description	string	A description of the resource.	false
etag	string	The etag for the resource.	false

AccessBindings.spec.allow[index]

↩ Parent

Name	Type	Description	Required
role	string		false
subjects	[]object		false

AccessBindings.spec.allow[index].subjects[index]

↩ Parent

Name	Type	Description	Required
serviceAccount	string	A service account in TSB.	false
team	string	A team in TSB, created through LDAP sync or API.	false
user	string	A user in TSB, created through LDAP sync or API.	false