swagger: "2.0" info: title: MinIO Console Server version: 0.1.0 consumes: - application/json produces: - application/json schemes: - http - ws basePath: /api/v1 # We are going to be taking `Authorization: Bearer TOKEN` header for our authentication securityDefinitions: key: type: oauth2 flow: accessCode authorizationUrl: http://min.io tokenUrl: http://min.io # Apply the key security definition to all APIs security: - key: [] paths: /login: get: summary: Returns login strategy, form or sso. operationId: LoginDetail responses: 200: description: A successful response. schema: $ref: "#/definitions/loginDetails" default: description: Generic error response. schema: $ref: "#/definitions/error" # Exclude this API from the authentication requirement security: [] tags: - UserAPI post: summary: Login to Console operationId: Login parameters: - name: body in: body required: true schema: $ref: "#/definitions/loginRequest" responses: 201: description: A successful login. schema: $ref: "#/definitions/loginResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" # Exclude this API from the authentication requirement security: [] tags: - UserAPI /login/operator: post: summary: Login to Operator Console. operationId: LoginOperator parameters: - name: body in: body required: true schema: $ref: "#/definitions/loginOperatorRequest" responses: 201: description: A successful login. schema: $ref: "#/definitions/loginResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" security: [] tags: - UserAPI /login/oauth2/auth: post: summary: Identity Provider oauth2 callback endpoint. operationId: LoginOauth2Auth parameters: - name: body in: body required: true schema: $ref: "#/definitions/loginOauth2AuthRequest" responses: 201: description: A successful login. schema: $ref: "#/definitions/loginResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" security: [] tags: - UserAPI /logout: post: summary: Logout from Console. operationId: Logout responses: 200: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - UserAPI /session: get: summary: Endpoint to check if your session is still valid operationId: SessionCheck responses: 200: description: A successful response. schema: $ref: "#/definitions/sessionResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - UserAPI /buckets: get: summary: List Buckets operationId: ListBuckets parameters: - name: sort_by in: query required: false type: string - name: offset in: query required: false type: integer format: int32 - name: limit in: query required: false type: integer format: int32 responses: 200: description: A successful response. schema: $ref: "#/definitions/listBucketsResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - UserAPI post: summary: Make bucket operationId: MakeBucket parameters: - name: body in: body required: true schema: $ref: "#/definitions/makeBucketRequest" responses: 201: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - UserAPI /buckets/{name}: get: summary: Bucket Info operationId: BucketInfo parameters: - name: name in: path required: true type: string responses: 200: description: A successful response. schema: $ref: "#/definitions/bucket" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - UserAPI delete: summary: Delete Bucket operationId: DeleteBucket parameters: - name: name in: path required: true type: string responses: 204: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - UserAPI /buckets/{name}/set-policy: put: summary: Bucket Set Policy operationId: BucketSetPolicy parameters: - name: name in: path required: true type: string - name: body in: body required: true schema: $ref: "#/definitions/setBucketPolicyRequest" responses: 200: description: A successful response. schema: $ref: "#/definitions/bucket" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - UserAPI /buckets/{bucket_name}/events: get: summary: List Bucket Events operationId: ListBucketEvents parameters: - name: bucket_name in: path required: true type: string - name: offset in: query required: false type: integer format: int32 - name: limit in: query required: false type: integer format: int32 responses: 200: description: A successful response. schema: $ref: "#/definitions/listBucketEventsResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - UserAPI post: summary: Create Bucket Event operationId: CreateBucketEvent parameters: - name: bucket_name in: path required: true type: string - name: body in: body required: true schema: $ref: "#/definitions/bucketEventRequest" responses: 201: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - UserAPI /buckets/{bucket_name}/events/{arn}: delete: summary: Delete Bucket Event operationId: DeleteBucketEvent parameters: - name: bucket_name in: path required: true type: string - name: arn in: path required: true type: string - name: body in: body required: true schema: $ref: "#/definitions/notificationDeleteRequest" responses: 204: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - UserAPI /service-accounts: get: summary: List User's Service Accounts operationId: ListUserServiceAccounts parameters: - name: offset in: query required: false type: integer format: int32 - name: limit in: query required: false type: integer format: int32 responses: 200: description: A successful response. schema: $ref: "#/definitions/serviceAccounts" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - UserAPI post: summary: Create Service Account operationId: CreateServiceAccount parameters: - name: body in: body required: true schema: $ref: "#/definitions/serviceAccountRequest" responses: 201: description: A successful response. schema: $ref: "#/definitions/serviceAccountCreds" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - UserAPI /service-accounts/{access_key}: delete: summary: Delete Service Account operationId: DeleteServiceAccount parameters: - name: access_key in: path required: true type: string responses: 204: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - UserAPI /users: get: summary: List Users operationId: ListUsers parameters: - name: offset in: query required: false type: integer format: int32 - name: limit in: query required: false type: integer format: int32 responses: 200: description: A successful response. schema: $ref: "#/definitions/listUsersResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI post: summary: Add User operationId: AddUser parameters: - name: body in: body required: true schema: $ref: "#/definitions/addUserRequest" responses: 201: description: A successful response. schema: $ref: "#/definitions/user" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /users/{name}: get: summary: Get User Info operationId: GetUserInfo parameters: - name: name in: path required: true type: string responses: 200: description: A successful response. schema: $ref: "#/definitions/user" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI put: summary: Update User Info operationId: UpdateUserInfo parameters: - name: name in: path required: true type: string - name: body in: body required: true schema: $ref: "#/definitions/updateUser" responses: 200: description: A successful response. schema: $ref: "#/definitions/user" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI delete: summary: Remove user operationId: RemoveUser parameters: - name: name in: path required: true type: string responses: 204: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /users/{name}/groups: put: summary: Update Groups for a user operationId: UpdateUserGroups parameters: - name: name in: path required: true type: string - name: body in: body required: true schema: $ref: "#/definitions/updateUserGroups" responses: 200: description: A successful response. schema: $ref: "#/definitions/user" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /users-groups-bulk: put: summary: Bulk functionality to Add Users to Groups operationId: BulkUpdateUsersGroups parameters: - name: body in: body required: true schema: $ref: "#/definitions/bulkUserGroups" responses: 200: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /groups: get: summary: List Groups operationId: ListGroups parameters: - name: offset in: query required: false type: integer format: int32 - name: limit in: query required: false type: integer format: int32 responses: 200: description: A successful response. schema: $ref: "#/definitions/listGroupsResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI post: summary: Add Group operationId: AddGroup parameters: - name: body in: body required: true schema: $ref: "#/definitions/addGroupRequest" responses: 201: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /groups/{name}: get: summary: Group info operationId: GroupInfo parameters: - name: name in: path required: true type: string responses: 200: description: A successful response. schema: $ref: "#/definitions/group" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI delete: summary: Remove group operationId: RemoveGroup parameters: - name: name in: path required: true type: string responses: 204: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI put: summary: Update Group Members or Status operationId: UpdateGroup parameters: - name: name in: path required: true type: string - name: body in: body required: true schema: $ref: "#/definitions/updateGroupRequest" responses: 200: description: A successful response. schema: $ref: "#/definitions/group" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /policies: get: summary: List Policies operationId: ListPolicies parameters: - name: offset in: query required: false type: integer format: int32 - name: limit in: query required: false type: integer format: int32 responses: 200: description: A successful response. schema: $ref: "#/definitions/listPoliciesResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI post: summary: Add Policy operationId: AddPolicy parameters: - name: body in: body required: true schema: $ref: "#/definitions/addPolicyRequest" responses: 201: description: A successful response. schema: $ref: "#/definitions/policy" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /policies/{name}: delete: summary: Remove policy operationId: RemovePolicy parameters: - name: name in: path required: true type: string responses: 204: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI get: summary: Policy info operationId: PolicyInfo parameters: - name: name in: path required: true type: string responses: 200: description: A successful response. schema: $ref: "#/definitions/policy" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /configs: get: summary: List Configurations operationId: ListConfig parameters: - name: offset in: query required: false type: integer format: int32 - name: limit in: query required: false type: integer format: int32 responses: 200: description: A successful response. schema: $ref: "#/definitions/listConfigResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /set-policy/{name}: put: summary: Set policy operationId: SetPolicy parameters: - name: name in: path required: true type: string - name: body in: body required: true schema: $ref: "#/definitions/setPolicyRequest" responses: 204: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /configs/{name}: get: summary: Configuration info operationId: ConfigInfo parameters: - name: name in: path required: true type: string responses: 200: description: A successful response. schema: $ref: "#/definitions/configuration" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI put: summary: Set Configuration operationId: SetConfig parameters: - name: name in: path required: true type: string - name: body in: body required: true schema: $ref: "#/definitions/setConfigRequest" responses: 204: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /service/restart: post: summary: Restart Service operationId: RestartService responses: 204: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /profiling/start: post: summary: Start recording profile data operationId: ProfilingStart parameters: - name: body in: body required: true schema: $ref: "#/definitions/profilingStartRequest" responses: 201: description: A successful response. schema: $ref: "#/definitions/startProfilingList" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /profiling/stop: post: summary: Stop and download profile data operationId: ProfilingStop produces: - application/octet-stream responses: 201: description: A successful response. schema: type: file default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /admin/info: get: summary: Returns information about the deployment operationId: AdminInfo responses: 200: description: A successful response. schema: $ref: "#/definitions/adminInfoResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /admin/arns: get: summary: Returns a list of active ARNs in the instance operationId: ArnList responses: 200: description: A successful response. schema: $ref: "#/definitions/arnsResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /admin/notification_endpoints: get: summary: Returns a list of active notification endpoints operationId: NotificationEndpointList responses: 200: description: A successful response. schema: $ref: "#/definitions/notifEndpointResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI post: summary: Allows to configure a new notification endpoint operationId: AddNotificationEndpoint parameters: - name: body in: body required: true schema: $ref: "#/definitions/notificationEndpoint" responses: 201: description: A successful response. schema: $ref: "#/definitions/notificationEndpoint" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /tenants: get: summary: List Tenant of All Namespaces operationId: ListAllTenants parameters: - name: sort_by in: query required: false type: string - name: offset in: query required: false type: integer format: int32 - name: limit in: query required: false type: integer format: int32 responses: 200: description: A successful response. schema: $ref: "#/definitions/listTenantsResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI post: summary: Create Tenant operationId: CreateTenant parameters: - name: body in: body required: true schema: $ref: "#/definitions/createTenantRequest" responses: 200: description: A successful response. schema: $ref: "#/definitions/createTenantResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /namespaces/{namespace}/tenants: get: summary: List Tenants by Namespace operationId: ListTenants parameters: - name: namespace in: path required: true type: string - name: sort_by in: query required: false type: string - name: offset in: query required: false type: integer format: int32 - name: limit in: query required: false type: integer format: int32 responses: 200: description: A successful response. schema: $ref: "#/definitions/listTenantsResponse" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /namespaces/{namespace}/tenants/{tenant}: get: summary: Tenant Info operationId: TenantInfo parameters: - name: namespace in: path required: true type: string - name: tenant in: path required: true type: string responses: 200: description: A successful response. schema: $ref: "#/definitions/tenant" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI delete: summary: Delete Tenant operationId: DeleteTenant parameters: - name: namespace in: path required: true type: string - name: tenant in: path required: true type: string responses: 204: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI put: summary: Update Tenant operationId: UpdateTenant parameters: - name: namespace in: path required: true type: string - name: tenant in: path required: true type: string - name: body in: body required: true schema: $ref: "#/definitions/updateTenantRequest" responses: 201: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /namespaces/{namespace}/tenants/{tenant}/zones: post: summary: Tenant Add Zone operationId: TenantAddZone parameters: - name: namespace in: path required: true type: string - name: tenant in: path required: true type: string - name: body in: body required: true schema: $ref: "#/definitions/zone" responses: 201: description: A successful response. default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /namespaces/{namespace}/tenants/{tenant}/usage: get: summary: Get Usage For The Tenant operationId: GetTenantUsage parameters: - name: namespace in: path required: true type: string - name: tenant in: path required: true type: string responses: 200: description: A successful response. schema: $ref: "#/definitions/tenantUsage" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI /namespaces/{namespace}/resourcequotas/{resource-quota-name}: get: summary: Get Resource Quota operationId: GetResourceQuota parameters: - name: namespace in: path required: true type: string - name: resource-quota-name in: path required: true type: string responses: 200: description: A successful response. schema: $ref: "#/definitions/resourceQuota" default: description: Generic error response. schema: $ref: "#/definitions/error" tags: - AdminAPI definitions: bucketAccess: type: string enum: - PRIVATE - PUBLIC - CUSTOM default: PRIVATE bucket: type: object required: - name properties: name: type: string minLength: 3 size: type: integer format: int64 access: $ref: "#/definitions/bucketAccess" creation_date: type: string listBucketsResponse: type: object properties: buckets: type: array items: $ref: "#/definitions/bucket" title: list of resulting buckets total: type: integer format: int64 title: number of buckets accessible to tenant user makeBucketRequest: type: object required: - name properties: name: type: string error: type: object required: - message properties: code: type: integer format: int64 message: type: string user: type: object properties: accessKey: type: string policy: type: string memberOf: type: array items: type: string status: type: string listUsersResponse: type: object properties: users: type: array items: $ref: "#/definitions/user" title: list of resulting users addUserRequest: type: object required: - accessKey - secretKey - groups properties: accessKey: type: string secretKey: type: string groups: type: array items: type: string group: type: object properties: name: type: string status: type: string members: type: array items: type: string policy: type: string addGroupRequest: type: object required: - group - members properties: group: type: string members: type: array items: type: string listGroupsResponse: type: object properties: groups: type: array items: type: string title: list of groups total: type: integer format: int64 title: total number of groups policy: type: object properties: name: type: string policy: type: string policyEntity: type: string enum: - user - group default: user setPolicyRequest: type: object required: - entityType - entityName properties: entityType: $ref: "#/definitions/policyEntity" entityName: type: string addPolicyRequest: type: object required: - name - policy properties: name: type: string policy: type: string listPoliciesResponse: type: object properties: policies: type: array items: $ref: "#/definitions/policy" title: list of policies total: type: integer format: int64 title: total number of policies updateGroupRequest: type: object required: - members - status properties: members: type: array items: type: string status: type: string configDescription: type: object properties: key: type: string description: type: string configurationKV: type: object properties: key: type: string value: type: string configuration: type: object properties: name: type: string key_values: type: array items: $ref: "#/definitions/configurationKV" listConfigResponse: type: object properties: configurations: type: array items: $ref: "#/definitions/configDescription" total: type: integer format: int64 title: total number of configurations setConfigRequest: type: object required: - key_values properties: key_values: type: array minItems: 1 items: $ref: "#/definitions/configurationKV" arn_resource_id: type: string title: Used if configuration is an event notification's target notificationEventType: type: string enum: - put - delete - get notificationConfig: type: object required: - arn properties: id: type: string arn: type: string events: type: array items: $ref: "#/definitions/notificationEventType" title: "filter specific type of event. Defaults to all event (default: '[put,delete,get]')" prefix: type: string title: "filter event associated to the specified prefix" suffix: type: string title: "filter event associated to the specified suffix" notificationDeleteRequest: type: object required: - events - prefix - suffix properties: events: type: array minLength: 1 items: $ref: "#/definitions/notificationEventType" title: "filter specific type of event. Defaults to all event (default: '[put,delete,get]')" prefix: type: string title: "filter event associated to the specified prefix" suffix: type: string title: "filter event associated to the specified suffix" bucketEventRequest: type: object required: - configuration properties: configuration: $ref: "#/definitions/notificationConfig" ignoreExisting: type: boolean listBucketEventsResponse: type: object properties: events: type: array items: $ref: "#/definitions/notificationConfig" total: type: integer format: int64 title: total number of bucket events setBucketPolicyRequest: type: object required: - access properties: access: $ref: "#/definitions/bucketAccess" loginDetails: type: object properties: loginStrategy: type: string enum: [form, redirect, service-account] redirect: type: string loginOauth2AuthRequest: type: object required: - state - code properties: state: type: string code: type: string loginOperatorRequest: type: object required: - jwt properties: jwt: type: string loginRequest: type: object required: - accessKey - secretKey properties: accessKey: type: string secretKey: type: string loginResponse: type: object properties: sessionId: type: string # Structure that holds the `Bearer {TOKEN}` present on authenticated requests principal: type: object properties: accessKeyID: type: string secretAccessKey: type: string sessionToken: type: string actions: type: array items: type: string startProfilingItem: type: object properties: nodeName: type: string success: type: boolean error: type: string startProfilingList: type: object properties: total: type: integer format: int64 title: number of start results startResults: type: array items: $ref: "#/definitions/startProfilingItem" profilerType: type: string enum: - cpu - mem - block - mutex - trace - threads - goroutines profilingStartRequest: type: object required: - type properties: type: $ref: "#/definitions/profilerType" sessionResponse: type: object properties: pages: type: array items: type: string status: type: string enum: [ok] adminInfoResponse: type: object properties: buckets: type: integer objects: type: integer usage: type: integer arnsResponse: type: object properties: arns: type: array items: type: string updateUserGroups: type: object required: - groups properties: groups: type: array items: type: string nofiticationService: type: string enum: - webhook - amqp - kafka - mqtt - nats - nsq - mysql - postgres - elasticsearch - redis notificationEndpointItem: type: object properties: service: $ref: "#/definitions/nofiticationService" account_id: type: string status: type: string notificationEndpoint: type: object required: - service - account_id - properties properties: service: $ref: "#/definitions/nofiticationService" account_id: type: string properties: type: object additionalProperties: type: string notifEndpointResponse: type: object properties: notification_endpoints: type: array items: $ref: "#/definitions/notificationEndpointItem" updateUser: type: object required: - status - groups properties: status: type: string groups: type: array items: type: string bulkUserGroups: type: object required: - users - groups properties: users: type: array items: type: string groups: type: array items: type: string serviceAccounts: type: array items: type: string serviceAccountRequest: type: object properties: policy: type: string title: "policy to be applied to the Service Account if any" serviceAccountCreds: type: object properties: accessKey: type: string secretKey: type: string tenant: type: object properties: name: type: string creation_date: type: string currentState: type: string zones: type: array items: $ref: "#/definitions/zone" image: type: string namespace: type: string total_size: type: integer format: int64 tenantUsage: type: object properties: used: type: integer format: int64 disk_used: type: integer format: int64 tenantList: type: object properties: name: type: string zone_count: type: integer instance_count: type: integer total_size: type: integer volume_count: type: integer creation_date: type: string currentState: type: string namespace: type: string listTenantsResponse: type: object properties: tenants: type: array items: $ref: "#/definitions/tenantList" title: list of resulting tenants total: type: integer format: int64 title: number of tenants accessible to tenant user updateTenantRequest: type: object properties: image: type: string pattern: "^((.*?)/(.*?):(.+))$" image_registry: $ref: "#/definitions/imageRegistry" imageRegistry: type: object required: - registry - username - password properties: registry: type: string username: type: string password: type: string createTenantRequest: type: object required: - name - namespace - zones properties: name: type: string pattern: "^[a-z0-9-]{3,63}$" image: type: string service_name: type: string zones: type: array items: $ref: "#/definitions/zone" mounth_path: type: string access_key: type: string secret_key: type: string enable_console: type: boolean default: true enable_ssl: type: boolean default: true namespace: type: string erasureCodingParity: type: integer annotations: type: object additionalProperties: type: string image_registry: $ref: "#/definitions/imageRegistry" idp: type: object $ref: "#/definitions/idpConfiguration" tls: type: object $ref: "#/definitions/tlsConfiguration" encryption: type: object $ref: "#/definitions/encryptionConfiguration" tlsConfiguration: type: object required: - crt - key properties: crt: type: string key: type: string idpConfiguration: type: object properties: oidc: type: object required: - url - client_id - secret_id properties: url: type: string client_id: type: string secret_id: type: string active_directory: type: object required: - url - username_format - user_search_filter properties: url: type: string username_format: type: string user_search_filter: type: string group_search_base_dn: type: string group_search_filter: type: string group_name_attribute: type: string skip_ssl_verification: type: boolean server_insecure: type: boolean encryptionConfiguration: type: object properties: image: type: string server: type: object required: - crt - key properties: crt: type: string key: type: string client: type: object required: - crt - key properties: crt: type: string key: type: string master_key: type: string gemalto: type: object $ref: "#/definitions/gemaltoConfiguration" aws: type: object $ref: "#/definitions/awsConfiguration" vault: type: object $ref: "#/definitions/vaultConfiguration" vaultConfiguration: type: object required: - endpoint - approle properties: endpoint: type: string engine: type: string namespace: type: string prefix: type: string approle: type: object required: - id - secret properties: engine: type: string id: type: string secret: type: string retry: type: integer format: int64 status: type: object properties: ping: type: integer format: int64 awsConfiguration: type: object required: - secretsmanager properties: secretsmanager: type: object required: - endpoint - region - credentials properties: endpoint: type: string region: type: string kmskey: type: string credentials: type: object required: - accesskey - secretkey properties: accesskey: type: string secretkey: type: string token: type: string gemaltoConfiguration: type: object required: - keysecure properties: keysecure: type: object required: - endpoint - credentials properties: endpoint: type: string credentials: type: object required: - token - domain properties: token: type: string domain: type: string retry: type: integer format: int64 tls: type: object required: - ca properties: ca: type: string createTenantResponse: type: object properties: access_key: type: string secret_key: type: string console: type: object properties: access_key: type: string secret_key: type: string zone: type: object required: - servers - volumes_per_server - volume_configuration properties: name: type: string servers: type: integer volumes_per_server: type: integer format: int32 volume_configuration: type: object required: - size properties: size: type: integer storage_class_name: type: string resources: $ref: "#/definitions/zoneResources" node_selector: type: object additionalProperties: type: string description: "NodeSelector is a selector which must be true for the pod to fit on a node. Selector which must match a node's labels for the pod to be scheduled on that node. More info: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/" affinity: $ref: "#/definitions/zoneAffinity" tolerations: $ref: "#/definitions/zoneTolerations" zoneTolerations: description: Tolerations allows users to set entries like effect, key, operator, value. items: description: The pod this Toleration is attached to tolerates any taint that matches the triple using the matching operator . properties: effect: description: Effect indicates the taint effect to match. Empty means match all taint effects. When specified, allowed values are NoSchedule, PreferNoSchedule and NoExecute. type: string key: description: Key is the taint key that the toleration applies to. Empty means match all taint keys. If the key is empty, operator must be Exists; this combination means to match all values and all keys. type: string operator: description: Operator represents a key's relationship to the value. Valid operators are Exists and Equal. Defaults to Equal. Exists is equivalent to wildcard for value, so that a pod can tolerate all taints of a particular category. type: string tolerationSeconds: description: TolerationSeconds represents the period of time the toleration (which must be of effect NoExecute, otherwise this field is ignored) tolerates the taint. By default, it is not set, which means tolerate the taint forever (do not evict). Zero and negative values will be treated as 0 (evict immediately) by the system. format: int64 type: integer value: description: Value is the taint value the toleration matches to. If the operator is Exists, the value should be empty, otherwise just a regular string. type: string type: object type: array zoneResources: description: If provided, use these requests and limit for cpu/memory resource allocation properties: limits: additionalProperties: type: integer format: int64 description: "Limits describes the maximum amount of compute resources allowed. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/" type: object requests: additionalProperties: additionalProperties: type: integer format: int64 description: "Requests describes the minimum amount of compute resources required. If Requests is omitted for a container, it defaults to Limits if that is explicitly specified, otherwise to an implementation-defined value. More info: https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/" type: object type: object zoneAffinity: description: If specified, affinity will define the pod's scheduling constraints properties: nodeAffinity: description: Describes node affinity scheduling rules for the pod. properties: preferredDuringSchedulingIgnoredDuringExecution: description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node matches the corresponding matchExpressions; the node(s) with the highest sum are the most preferred. items: description: An empty preferred scheduling term matches all objects with implicit weight 0 (i.e. it's a no-op). A null preferred scheduling term matches no objects (i.e. is also a no-op). properties: preference: description: A node selector term, associated with the corresponding weight. $ref: "#/definitions/nodeSelectorTerm" type: object weight: description: Weight associated with matching the corresponding nodeSelectorTerm, in the range 1-100. format: int32 type: integer required: - preference - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to an update), the system may or may not try to eventually evict the pod from its node. properties: nodeSelectorTerms: description: Required. A list of node selector terms. The terms are ORed. items: $ref: "#/definitions/nodeSelectorTerm" type: array required: - nodeSelectorTerms type: object type: object podAffinity: description: Describes pod affinity scheduling rules (e.g. co-locate this pod in the same node, zone, etc. as some other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: description: The scheduler will prefer to schedule pods to nodes that satisfy the affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) properties: podAffinityTerm: $ref: "#/definitions/podAffinityTerm" weight: description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: description: If the affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. items: $ref: "#/definitions/podAffinityTerm" type: array type: object podAntiAffinity: description: Describes pod anti-affinity scheduling rules (e.g. avoid putting this pod in the same node, zone, etc. as some other pod(s)). properties: preferredDuringSchedulingIgnoredDuringExecution: description: The scheduler will prefer to schedule pods to nodes that satisfy the anti-affinity expressions specified by this field, but it may choose a node that violates one or more of the expressions. The node that is most preferred is the one with the greatest sum of weights, i.e. for each node that meets all of the scheduling requirements (resource request, requiredDuringScheduling anti-affinity expressions, etc.), compute a sum by iterating through the elements of this field and adding "weight" to the sum if the node has pods which matches the corresponding podAffinityTerm; the node(s) with the highest sum are the most preferred. items: description: The weights of all of the matched WeightedPodAffinityTerm fields are added per-node to find the most preferred node(s) properties: podAffinityTerm: $ref: "#/definitions/podAffinityTerm" weight: description: weight associated with matching the corresponding podAffinityTerm, in the range 1-100. format: int32 type: integer required: - podAffinityTerm - weight type: object type: array requiredDuringSchedulingIgnoredDuringExecution: description: If the anti-affinity requirements specified by this field are not met at scheduling time, the pod will not be scheduled onto the node. If the anti-affinity requirements specified by this field cease to be met at some point during pod execution (e.g. due to a pod label update), the system may or may not try to eventually evict the pod from its node. When there are multiple elements, the lists of nodes corresponding to each podAffinityTerm are intersected, i.e. all terms must be satisfied. items: $ref: "#/definitions/podAffinityTerm" type: array type: object type: object nodeSelectorTerm: type: object description: A null or empty node selector term matches no objects. The requirements of them are ANDed. The TopologySelectorTerm type implements a subset of the NodeSelectorTerm. properties: matchExpressions: description: A list of node selector requirements by node's labels. items: description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. items: type: string type: array required: - key - operator type: object type: array matchFields: description: A list of node selector requirements by node's fields. items: description: A node selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: The label key that the selector applies to. type: string operator: description: Represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists, DoesNotExist. Gt, and Lt. type: string values: description: An array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. If the operator is Gt or Lt, the values array must have a single element, which will be interpreted as an integer. This array is replaced during a strategic merge patch. items: type: string type: array required: - key - operator type: object type: array podAffinityTerm: description: Required. A pod affinity term, associated with the corresponding weight. properties: labelSelector: description: A label query over a set of resources, in this case pods. properties: matchExpressions: description: matchExpressions is a list of label selector requirements. The requirements are ANDed. items: description: A label selector requirement is a selector that contains values, a key, and an operator that relates the key and values. properties: key: description: key is the label key that the selector applies to. type: string operator: description: operator represents a key's relationship to a set of values. Valid operators are In, NotIn, Exists and DoesNotExist. type: string values: description: values is an array of string values. If the operator is In or NotIn, the values array must be non-empty. If the operator is Exists or DoesNotExist, the values array must be empty. This array is replaced during a strategic merge patch. items: type: string type: array required: - key - operator type: object type: array matchLabels: additionalProperties: type: string description: matchLabels is a map of {key,value} pairs. A single {key,value} in the matchLabels map is equivalent to an element of matchExpressions, whose key field is "key", the operator is "In", and the values array contains only "value". The requirements are ANDed. type: object type: object namespaces: description: namespaces specifies which namespaces the labelSelector applies to (matches against); null or empty list means "this pod's namespace" items: type: string type: array topologyKey: description: This pod should be co-located (affinity) or not co-located (anti-affinity) with the pods matching the labelSelector in the specified namespaces, where co-located is defined as running on a node whose value of the label with key topologyKey matches that of any node on which any of the selected pods is running. Empty topologyKey is not allowed. type: string required: - topologyKey type: object resourceQuota: type: object properties: name: type: string elements: type: array items: $ref: "#/definitions/resourceQuotaElement" resourceQuotaElement: type: object properties: name: type: string hard: type: integer format: int64 used: type: integer format: int64