From 4567c7f951e034db4e917bc292df22a1ad597331 Mon Sep 17 00:00:00 2001 From: Letha Date: Tue, 7 Nov 2023 16:58:21 -0800 Subject: [PATCH] Edits IPMI and K8s resource docs (#2520) --- providers/ipmi/resources/ipmi.lr | 2 +- providers/k8s/resources/k8s.lr | 544 +++++++++++++++---------------- 2 files changed, 273 insertions(+), 273 deletions(-) diff --git a/providers/ipmi/resources/ipmi.lr b/providers/ipmi/resources/ipmi.lr index 27f650c75c..c99b12b824 100644 --- a/providers/ipmi/resources/ipmi.lr +++ b/providers/ipmi/resources/ipmi.lr @@ -18,6 +18,6 @@ ipmi { ipmi.chassis { // High-level status of the system chassis and main power subsystem status() dict - // The system boot options + // System boot options systemBootOptions() dict } \ No newline at end of file diff --git a/providers/k8s/resources/k8s.lr b/providers/k8s/resources/k8s.lr index 049bf6ff4a..90673eb081 100644 --- a/providers/k8s/resources/k8s.lr +++ b/providers/k8s/resources/k8s.lr @@ -9,17 +9,17 @@ option go_package = "go.mondoo.com/cnquery/v9/providers/k8s/resources" // Kubernetes cluster k8s { - // Cluster Version + // Cluster version serverVersion() dict - // Available Resource Types + // Available resource types apiResources() []k8s.apiresource - // Cluster Namespaces + // Cluster namespaces namespaces() []k8s.namespace - // Cluster Nodes + // Cluster nodes nodes() []k8s.node // Cluster Pods pods() []k8s.pod - // Cluster Deployments + // Cluster deployments deployments() []k8s.deployment // Cluster DaemonSets daemonsets() []k8s.daemonset @@ -33,43 +33,43 @@ k8s { cronjobs() []k8s.cronjob // Cluster Secrets secrets() []k8s.secret - // Config Maps + // ConfigMaps configmaps() []k8s.configmap // Kubernetes Services services() []k8s.service // Kubernetes Ingresses ingresses() []k8s.ingress - // Kubernetes Service Accounts + // Kubernetes service accounts serviceaccounts() []k8s.serviceaccount - // Kubernetes RBAC Cluster Roles + // Kubernetes RBAC ClusterRoles clusterroles() []k8s.rbac.clusterrole - // Kubernetes RBAC Cluster Role Bindings + // Kubernetes RBAC ClusterRoleBindings clusterrolebindings() []k8s.rbac.clusterrolebinding - // Kubernetes RBAC Roles + // Kubernetes RBAC roles roles() []k8s.rbac.role - // Kubernetes RBAC Role Bindings + // Kubernetes RBAC RoleBindings rolebindings() []k8s.rbac.rolebinding - // Kubernetes PodSecurityPolicy's + // Kubernetes PodSecurityPolicies podSecurityPolicies() []k8s.podsecuritypolicy - // Kubernetes Network Policies + // Kubernetes network policies networkPolicies() []k8s.networkpolicy // Kubernetes custom resources customresources() []k8s.customresource } -// Kubernetes API Resources +// Kubernetes API resources private k8s.apiresource @defaults("name kind") { - // plural name of the resource + // Plural name of the resource name string - // singular name of the resource + // Singular name of the resource singularName string - // indicates if a resource is namespaced or not + // Whether a resource is namespaced or not namespaced bool - // preferred group of the resource + // Preferred group of the resource group string - // preferred version of the resource + // Preferred version of the resource version string - // Kubernetes Object Type + // Kubernetes object type kind string // List of suggested short names of the resource shortNames []string @@ -77,75 +77,75 @@ private k8s.apiresource @defaults("name kind") { categories []string } -// Kubernetes Namespace +// Kubernetes namespace private k8s.namespace @defaults("name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string } // Kubernetes node private k8s.node @defaults("name kind") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // plural name of the resource + // Plural name of the resource name string - // Kubernetes Object Type + // Kubernetes object type kind string } // Kubernetes Pod private k8s.pod @defaults("namespace name created"){ - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Version + // Kubernetes object version apiVersion string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict - // PodSpec is a description of a pod + // Pod description podSpec dict // Ephemeral containers ephemeralContainers() []k8s.ephemeralContainer // Init containers initContainers() []k8s.initContainer - // Contained Containers + // Contained containers containers() []k8s.container // Node the pod runs on node() k8s.node @@ -153,211 +153,211 @@ private k8s.pod @defaults("namespace name created"){ // Kubernetes Deployment private k8s.deployment @defaults("namespace name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict - // PodSpec is a description of a pod + // Pod description podSpec dict // Init containers initContainers() []k8s.initContainer - // Contained Containers + // Contained containers containers() []k8s.container } // Kubernetes DaemonSet private k8s.daemonset @defaults("namespace name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict - // PodSpec is a description of a pod + // Pod description podSpec dict // Init containers initContainers() []k8s.initContainer - // Contained Containers + // Contained containers containers() []k8s.container } // Kubernetes StatefulSet private k8s.statefulset @defaults("namespace name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict - // PodSpec is a description of a pod + // Pod description podSpec dict // Init containers initContainers() []k8s.initContainer - // Contained Containers + // Contained containers containers() []k8s.container } // Kubernetes ReplicaSet private k8s.replicaset @defaults("namespace name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict - // PodSpec is a description of a pod + // Pod description podSpec dict // Init containers initContainers() []k8s.initContainer - // Contained Containers + // Contained containers containers() []k8s.container } // Kubernetes Job private k8s.job @defaults("namespace name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict - // PodSpec is a description of a pod + // Pod description podSpec dict // Init containers initContainers() []k8s.initContainer - // Contained Containers + // Contained containers containers() []k8s.container } // Kubernetes CronJob private k8s.cronjob @defaults("namespace name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict - // PodSpec is a description of a pod + // Pod description podSpec dict // Init containers initContainers() []k8s.initContainer - // Contained Containers + // Contained containers containers() []k8s.container } // Kubernetes workload container private k8s.container @defaults("name") { - // Kubernetes Object UID + // Kubernetes object UID uid string // Name of the container name string // Container image name imageName string - // Deprecated. Use `imageName` instead. + // Deprecated; use `imageName` instead image string // Container image containerImage() os.container.image - // Entrypoint array + // Entry point array command []string - // Arguments to the entrypoint + // Arguments to the entry point args []string - // Compute Resources required by this container + // Compute resources required by this container resources dict // Pod volumes to mount into the container's filesystem volumeMounts []dict - // volumeDevices is the list of block devices to be used by the container + // List of block devices to be used by the container volumeDevices []dict // Periodic probe of container liveness livenessProbe dict // Periodic probe of container service readiness readinessProbe dict - // Image pull policy, One of Always, Never, IfNotPresent + // Image pull policyL Always, Never, or IfNotPresent imagePullPolicy string // Security options the pod should run with securityContext dict @@ -371,9 +371,9 @@ private k8s.container @defaults("name") { envFrom dict } -// Kubernetes Init Container +// Kubernetes init container private k8s.initContainer @defaults("name") { - // Kubernetes Object UID + // Kubernetes object UID uid string // Name of the container name string @@ -387,13 +387,13 @@ private k8s.initContainer @defaults("name") { command []string // Arguments to the entrypoint args []string - // Compute Resources required by this container + // Compute resources required by this container resources dict // Pod volumes to mount into the container's filesystem volumeMounts []dict - // volumeDevices is the list of block devices to be used by the container + // List of block devices to be used by the container volumeDevices []dict - // Image pull policy, One of Always, Never, IfNotPresent + // Image pull policy: Always, Never, or IfNotPresent imagePullPolicy string // Security options the pod should run with securityContext dict @@ -407,29 +407,29 @@ private k8s.initContainer @defaults("name") { envFrom dict } -// Kubernetes Ephemeral Container +// Kubernetes ephemeral container private k8s.ephemeralContainer @defaults("name") { - // Kubernetes Object UID + // Kubernetes object UID uid string // Name of the container name string // Container image name imageName string - // Deprecated. Use `imageName` instead. + // Deprecated; use `imageName` instead image string // Container image containerImage() os.container.image - // Entrypoint array + // Entry point array command []string - // Arguments to the entrypoint + // Arguments to the entry point args []string // Pod volumes to mount into the container's filesystem volumeMounts []dict - // volumeDevices is the list of block devices to be used by the container + // List of block devices to be used by the container volumeDevices []dict - // Image pull policy, One of Always, Never, IfNotPresent + // Image pull policy: Always, Never, or IfNotPresent imagePullPolicy string - // Security options the pod should run with + // Security options the Pod should run with securityContext dict // Container's working directory workingDir string @@ -443,23 +443,23 @@ private k8s.ephemeralContainer @defaults("name") { // Kubernetes Secret private k8s.secret @defaults("namespace name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict @@ -471,23 +471,23 @@ private k8s.secret @defaults("namespace name created") { // Kubernetes ConfigMap private k8s.configmap @defaults("namespace name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict @@ -497,23 +497,23 @@ private k8s.configmap @defaults("namespace name created") { // Kubernetes Service private k8s.service @defaults("namespace name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict @@ -521,91 +521,91 @@ private k8s.service @defaults("namespace name created") { spec dict } -// Kubernetes Ingress Resource Backend +// Kubernetes Ingress resource backend private k8s.ingressresourceref @defaults("name kind") { - // Mondoo ID for Object + // Mondoo ID for object id string // APIGroup specified as part of the resource reference apiGroup string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Name + // Kubernetes object name name string } -// Kubernetes Ingress Service Backend +// Kubernetes Ingress service backend private k8s.ingressservicebackend @defaults("name") { - // Mondoo ID for Object + // Mondoo ID for object id string - // Kubernetes Service Name + // Kubernetes service name name string - // Kubernetes Service Port Name + // Kubernetes service port name portName string - // Kubernetes Service Port Number + // Kubernetes service port number portNumber int } -// Kubernetes Ingress Backend +// Kubernetes Ingress backend private k8s.ingressbackend @defaults("id") { - // Mondoo ID for Object + // Mondoo ID for object id string - // Kubernetes Service for Ingress Backend + // Kubernetes service for Ingress backend service k8s.ingressservicebackend - // Kubernetes Resource Reference for Ingress Backend + // Kubernetes resource reference for Ingress backend resourceRef k8s.ingressresourceref } -// Kubernetes Ingress HTTP Rule +// Kubernetes Ingress HTTP rule private k8s.ingresshttprulepath { - // Mondoo ID for Object + // Mondoo ID for object id string - // HTTP path for Ingress Rule + // HTTP path for Ingress rule path string - // PathType for Ingress Rule + // PathType for Ingress rule pathType string - // Backend to forward matching Ingress Traffic + // Backend to forward matching Ingress traffic backend k8s.ingressbackend } -// Kubernetes Ingress Rule +// Kubernetes Ingress rule private k8s.ingressrule { - // Mondoo ID for Object + // Mondoo ID for object id string - // Hostname to match for Ingress Rule + // Hostname to match for Ingress rule host string - // HTTP paths to managed Ingress for + // HTTP paths to manage Ingress for httpPaths []k8s.ingresshttprulepath } // Kubernetes Ingress TLS private k8s.ingresstls { - // Mondoo ID for Object + // Mondoo ID for object id string // List of hosts associated with TLS certificate hosts []string - // Certificates data from TLS Secret + // Certificates data from the TLS Secret certificates []network.certificate } // Kubernetes Ingress private k8s.ingress @defaults("namespace name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict @@ -615,107 +615,107 @@ private k8s.ingress @defaults("namespace name created") { tls() []k8s.ingresstls } -// Kubernetes Service Account +// Kubernetes service account private k8s.serviceaccount @defaults("namespace name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict - // Secrets is the list of secrets allowed to be used by pods running using this ServiceAccount + // List of secrets that Pods running using this service account are allowed to use secrets []dict - // ImagePullSecrets is a list of references to secrets in the same namespace to use for pulling any images + // List of references to secrets in the same namespace to use for pulling any images imagePullSecrets []dict - // AutomountServiceAccountToken indicates whether pods running as this service account should have an API token automatically mounted + // Whether pods running as this service account should have an API token automatically mounted automountServiceAccountToken bool } // Kubernetes ClusterRole private k8s.rbac.clusterrole @defaults("name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict - // Cluster Role Rules + // ClusterRole rules rules []dict - // Cluster Role Aggregation Rule + // ClusterRole aggregation rule aggregationRule dict } // Kubernetes ClusterRoleBinding private k8s.rbac.clusterrolebinding @defaults("name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict - // Subjects holds references to the objects the role applies to + // References to the objects the role applies to subjects []dict - // RoleRef can only reference a ClusterRole in the global namespace + // ClusterRole in the global namespace roleRef dict } // Kubernetes Role private k8s.rbac.role @defaults("name namespace") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict @@ -725,23 +725,23 @@ private k8s.rbac.role @defaults("name namespace") { // Kubernetes RoleBinding private k8s.rbac.rolebinding @defaults("name namespace created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict @@ -753,21 +753,21 @@ private k8s.rbac.rolebinding @defaults("name namespace created") { // Kubernetes PodSecurityPolicy (deprecated as of Kubernetes v1.21) private k8s.podsecuritypolicy { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict @@ -777,49 +777,49 @@ private k8s.podsecuritypolicy { // Kubernetes Network Policy private k8s.networkpolicy @defaults("namespace name created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict - // Network Policy Spec + // Network policy spec spec dict } // Kubernetes CustomResource private k8s.customresource @defaults("name namespace created") { - // Mondoo ID for Kubernetes Object + // Mondoo ID for the Kubernetes object id string - // Kubernetes Object UID + // Kubernetes object UID uid string - // Kubernetes Resource Version + // Kubernetes resource version resourceVersion string - // Kubernetes Labels + // Kubernetes labels labels() map[string]string - // Kubernetes Annotations + // Kubernetes annotations annotations() map[string]string - // Kubernetes Object Name + // Kubernetes object name name string - // Kubernetes Object Namespace + // Kubernetes object namespace namespace string - // Kubernetes Object Type + // Kubernetes object type kind string - // Kubernetes Object Creation Timestamp + // Kubernetes object creation timestamp created time // Full resource manifest manifest dict @@ -843,7 +843,7 @@ private k8s.admissionrequest @defaults("name namespace") { userInfo() k8s.userinfo // The incoming object from the request object dict - // The existing object. Only populated for UPDATE and DELETE requests + // The existing object (only populated for UPDATE and DELETE requests) oldObject dict }