AccessGrant resource
Permission to redeem access tokens for links to the local site. A remote site can use a token containing the grant URL and secret code to obtain a certificate signed by the grant's certificate authority (CA), within a certain expiration window and for a limited number of redemptions.
The code, url, and ca properties of the resource
status are used to generate access tokens from the grant.
apiVersion: skupper.io/v2alpha1
kind: AccessGrant
Metadata properties
name
The name of the resource.
| Platforms | Kubernetes, Docker, Podman, Linux |
|---|
namespace
The namespace of the resource.
| Platforms | Kubernetes, Docker, Podman, Linux |
|---|---|
| See also | Kubernetes namespaces |
Spec properties
redemptionsAllowed
The number of times an access token for this grant can be redeemed.
| Default | 1 |
|---|---|
| Platforms | Kubernetes, Docker, Podman, Linux |
expirationWindow
The period of time in which an access token for this grant can be redeemed.
| Default |
|
|---|---|
| Platforms | Kubernetes, Docker, Podman, Linux |
code
The secret code used to authenticate access tokens submitted for redemption.
If not set, a value for the code field in the status is generated.
| Default | Generated |
|---|---|
| Platforms | Kubernetes, Docker, Podman, Linux |
issuer
The name of a Kubernetes secret used to generate a certificate when redeeming a token for this grant.
If not set, the defaultIssuer on Site is used.
| Platforms | Kubernetes, Docker, Podman, Linux |
|---|
settings
A map containing additional settings. Each map entry is a string name and a string value.
| Platforms | Kubernetes, Docker, Podman, Linux |
|---|
Status properties
redemptions
The number of times a token for this grant has been redeemed.
| Platforms | Kubernetes, Docker, Podman, Linux |
|---|
expirationTime
The point in time when the grant expires.
| Platforms | Kubernetes, Docker, Podman, Linux |
|---|
url
The URL of the token-redemption service for this grant.
| Platforms | Kubernetes, Docker, Podman, Linux |
|---|
ca
The trusted server certificate of the token-redemption service for this grant.
| Platforms | Kubernetes, Docker, Podman, Linux |
|---|
code
The secret code used to authenticate access tokens submitted for redemption.
| Default | Generated |
|---|---|
| Platforms | Kubernetes, Docker, Podman, Linux |
status
The current state of the resource.
- Pending
- Ready
| Platforms | Kubernetes, Docker, Podman, Linux |
|---|
message
A human-readable status message.
| Platforms | Kubernetes, Docker, Podman, Linux |
|---|
conditions
A set of named conditions describing the current state of the resource.
| Platforms | Kubernetes |
|---|---|
| See also | Kubernetes conditions |