You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: docs/dyn/gkehub_v1.projects.locations.memberships.html
+8Lines changed: 8 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -137,6 +137,8 @@ <h3>Method Details</h3>
137
137
"identityProvider": "A String", # Output only. An identity provider that reflects the `issuer` in the workload identity pool.
138
138
"issuer": "A String", # Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters, it must use `location` rather than `zone` for GKE clusters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity).
139
139
"oidcJwks": "A String", # Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field.
140
+
"scopeTenancyIdentityProvider": "A String", # Optional. Output only. The identity provider for the scope-tenancy workload identity pool.
141
+
"scopeTenancyWorkloadIdentityPool": "A String", # Optional. Output only. The name of the scope-tenancy workload identity pool. This pool is set in the fleet-level feature.
140
142
"workloadIdentityPool": "A String", # Output only. The name of the workload identity pool in which `issuer` will be recognized. There is a single Workload Identity Pool per Hub that is shared between all Memberships that belong to that Hub. For a Hub hosted in {PROJECT_ID}, the workload pool format is `{PROJECT_ID}.hub.id.goog`, although this is subject to change in newer versions of this API.
141
143
},
142
144
"clusterTier": "A String", # Output only. The tier of the cluster.
@@ -334,6 +336,8 @@ <h3>Method Details</h3>
334
336
"identityProvider": "A String", # Output only. An identity provider that reflects the `issuer` in the workload identity pool.
335
337
"issuer": "A String", # Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters, it must use `location` rather than `zone` for GKE clusters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity).
336
338
"oidcJwks": "A String", # Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field.
339
+
"scopeTenancyIdentityProvider": "A String", # Optional. Output only. The identity provider for the scope-tenancy workload identity pool.
340
+
"scopeTenancyWorkloadIdentityPool": "A String", # Optional. Output only. The name of the scope-tenancy workload identity pool. This pool is set in the fleet-level feature.
337
341
"workloadIdentityPool": "A String", # Output only. The name of the workload identity pool in which `issuer` will be recognized. There is a single Workload Identity Pool per Hub that is shared between all Memberships that belong to that Hub. For a Hub hosted in {PROJECT_ID}, the workload pool format is `{PROJECT_ID}.hub.id.goog`, although this is subject to change in newer versions of this API.
338
342
},
339
343
"clusterTier": "A String", # Output only. The tier of the cluster.
@@ -486,6 +490,8 @@ <h3>Method Details</h3>
486
490
"identityProvider": "A String", # Output only. An identity provider that reflects the `issuer` in the workload identity pool.
487
491
"issuer": "A String", # Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters, it must use `location` rather than `zone` for GKE clusters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity).
488
492
"oidcJwks": "A String", # Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field.
493
+
"scopeTenancyIdentityProvider": "A String", # Optional. Output only. The identity provider for the scope-tenancy workload identity pool.
494
+
"scopeTenancyWorkloadIdentityPool": "A String", # Optional. Output only. The name of the scope-tenancy workload identity pool. This pool is set in the fleet-level feature.
489
495
"workloadIdentityPool": "A String", # Output only. The name of the workload identity pool in which `issuer` will be recognized. There is a single Workload Identity Pool per Hub that is shared between all Memberships that belong to that Hub. For a Hub hosted in {PROJECT_ID}, the workload pool format is `{PROJECT_ID}.hub.id.goog`, although this is subject to change in newer versions of this API.
490
496
},
491
497
"clusterTier": "A String", # Output only. The tier of the cluster.
@@ -597,6 +603,8 @@ <h3>Method Details</h3>
597
603
"identityProvider": "A String", # Output only. An identity provider that reflects the `issuer` in the workload identity pool.
598
604
"issuer": "A String", # Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters, it must use `location` rather than `zone` for GKE clusters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity).
599
605
"oidcJwks": "A String", # Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field.
606
+
"scopeTenancyIdentityProvider": "A String", # Optional. Output only. The identity provider for the scope-tenancy workload identity pool.
607
+
"scopeTenancyWorkloadIdentityPool": "A String", # Optional. Output only. The name of the scope-tenancy workload identity pool. This pool is set in the fleet-level feature.
600
608
"workloadIdentityPool": "A String", # Output only. The name of the workload identity pool in which `issuer` will be recognized. There is a single Workload Identity Pool per Hub that is shared between all Memberships that belong to that Hub. For a Hub hosted in {PROJECT_ID}, the workload pool format is `{PROJECT_ID}.hub.id.goog`, although this is subject to change in newer versions of this API.
601
609
},
602
610
"clusterTier": "A String", # Output only. The tier of the cluster.
Copy file name to clipboardExpand all lines: docs/dyn/gkehub_v1.projects.locations.scopes.html
+2Lines changed: 2 additions & 0 deletions
Original file line number
Diff line number
Diff line change
@@ -366,6 +366,8 @@ <h3>Method Details</h3>
366
366
"identityProvider": "A String", # Output only. An identity provider that reflects the `issuer` in the workload identity pool.
367
367
"issuer": "A String", # Optional. A JSON Web Token (JWT) issuer URI. `issuer` must start with `https://` and be a valid URL with length <2000 characters, it must use `location` rather than `zone` for GKE clusters. If set, then Google will allow valid OIDC tokens from this issuer to authenticate within the workload_identity_pool. OIDC discovery will be performed on this URI to validate tokens from the issuer. Clearing `issuer` disables Workload Identity. `issuer` cannot be directly modified; it must be cleared (and Workload Identity disabled) before using a new issuer (and re-enabling Workload Identity).
368
368
"oidcJwks": "A String", # Optional. OIDC verification keys for this Membership in JWKS format (RFC 7517). When this field is set, OIDC discovery will NOT be performed on `issuer`, and instead OIDC tokens will be validated using this field.
369
+
"scopeTenancyIdentityProvider": "A String", # Optional. Output only. The identity provider for the scope-tenancy workload identity pool.
370
+
"scopeTenancyWorkloadIdentityPool": "A String", # Optional. Output only. The name of the scope-tenancy workload identity pool. This pool is set in the fleet-level feature.
369
371
"workloadIdentityPool": "A String", # Output only. The name of the workload identity pool in which `issuer` will be recognized. There is a single Workload Identity Pool per Hub that is shared between all Memberships that belong to that Hub. For a Hub hosted in {PROJECT_ID}, the workload pool format is `{PROJECT_ID}.hub.id.goog`, although this is subject to change in newer versions of this API.
370
372
},
371
373
"clusterTier": "A String", # Output only. The tier of the cluster.
0 commit comments