User

Scope: Cluster

v1v1alpha1

Contains information about the static user.

Usage example…

  • spec
    object

    Required value

    • spec.email
      string

      Required value

      User email.

      Caution! Note that if used together with the user-authz module, you must specify an email to grant rights to the specific user as the user name in the ClusterAuthorizationRule CR.

      Example:

      email: user@domain.com
    • spec.groups
      Deprecated
      array of strings

      Static user groups.

      Since the parameter has been deprecated, use the Group resource to add users to groups.

    • spec.password
      string

      Required value

      User password hash in plaintext or Base64 encoded.

      Use the following command to encode the password hash in Base64: echo "<PASSWORD>" | htpasswd -BinC 10 "" | cut -d: -f2 | base64 -w0. Alternatively, you can use an online service (such as https://bcrypt-generator.com/).

      Example:

      password: JDJ5JDEwJE9HN1lOOUhnOXU5NmY2cGp4R3NIcS56NWQuOVQxQ0VrdWIud3BRdVJ5Sy5QQU5INlpKNDguCgo=
    • spec.ttl
      string

      Static user TTL.

      It is specified as a string containing the time unit in hours and minutes: 30m, 1h, 2h30m, 24h.

      You can only set the TTL once. The expireAt date will not be updated if you change it again.

      Pattern: ^([0-9]+h([0-9]+m)?|[0-9]+m)$

      Example:

      ttl: 24h
    • spec.userID
      Deprecated
      string

      Unique issuer user ID. It equals to .metadata.name.

      Deprecated and shouldn’t be set manually.

Deprecated resource. Support for the resource might be removed in a later release.

Contains information about the static user.

Usage example…

  • spec
    object

    Required value

    • spec.email
      string

      Required value

      User email.

      Caution! Note that if used together with the user-authz module, you must specify an email to grant rights to the specific user as the user name in the ClusterAuthorizationRule CR.

      Example:

      email: user@domain.com
    • spec.groups
      Deprecated
      array of strings

      Static user groups.

      Since the parameter has been deprecated, use the Group resource to add users to groups.

    • spec.password
      string

      Required value

      User password hash in plaintext or Base64 encoded.

      Use the following command to encode the password hash in Base64: echo "<PASSWORD>" | htpasswd -BinC 10 "" | cut -d: -f2 | base64 -w0. Alternatively, you can use an online service (such as https://bcrypt-generator.com/).

      Example:

      password: JDJ5JDEwJE9HN1lOOUhnOXU5NmY2cGp4R3NIcS56NWQuOVQxQ0VrdWIud3BRdVJ5Sy5QQU5INlpKNDguCgo=
    • spec.ttl
      string

      Static user TTL.

      It is specified as a string containing the time unit in hours and minutes: 30m, 1h, 2h30m, 24h.

      You can only set the TTL once. The expireAt date will not be updated if you change it again.

      Pattern: ^([0-9]+h([0-9]+m)?|[0-9]+m)$

      Example:

      ttl: 24h
    • spec.userID
      string

      Unique issuer user ID. It equals to .metadata.name by default.

      Example:

      userID: '08a8684b-db88-4b73-90a9-3cd1661f5466'