Skip to main content
logoTetrate Service BridgeVersion: next

Organization

Organization is a root of the Service Bridge object hierarchy. Each organization is completely independent of the other with its own set of tenants, users, teams, clusters and workspaces.

Organizations in TSB are tied to an Identity Provider (IdP). Users and teams, representing the organizational structure, are periodically synchronized from the IdP into TSB in order to make them available for access policy configuration.

The following example creates an organization named myorg.

apiVersion: api.tsb.tetrate.io/v2
kind: Organization
metadata:
name: myorg

Organization

Organization is the root of the Service Bridge object hierarchy.

FieldDescriptionValidation Rule

deletionProtectionEnabled

bool
When set, prevents the resource from being deleted. In order to delete the resource this property needs to be set to false first.

profiles

List of string
List of profiles attached to the Organization to be used to propagate default and mandatory configurations down to the children.

configGenerationMetadata

tetrateio.api.tsb.types.v2.ConfigGenerationMetadata
Default metadata values that will be propagated to the children Istio generated configurations. When using YAML APIs like tctl or gitops, put them into the metadata.labels or metadata.annotations instead. This field is only necessary when using gRPC APIs directly.

systemNamespaces

List of string
List of namespaces that will be considered as system namespaces for the organization and will not be able to be onboarded into TSB. System namespaces are namespaces that should not have sidecars injected and don't be configured with Istio injection. This is useful for namespaces that are used for infrastructure components like monitoring, logging, cloud provider components, etc. and that should not be managed by TSB in the cluster namespace onboarding workflows.