diff --git a/documentation/modules/appendix_crds.adoc b/documentation/modules/appendix_crds.adoc index 062fe72836..da08838273 100644 --- a/documentation/modules/appendix_crds.adoc +++ b/documentation/modules/appendix_crds.adoc @@ -263,7 +263,7 @@ It must have the value `oauth` for the type `KafkaListenerAuthenticationOAuth`. |Name of the claim from the JWT authentication token, Introspection Endpoint response or User Info Endpoint response which will be used to extract the user id. Defaults to `sub`. |fallbackUserNameClaim |string -|The fallback username claim to be used for the user id if the claim specified by `userNameClaim` is not present. This is useful when `client_credentials` authentication only results in the client id being provided in another claim. It only takes effect if `userNameClaim` is set. +|The fallback username claim to be used for the user ID if the claim specified by `userNameClaim` is not present. This is useful when `client_credentials` authentication only results in the client ID being provided in another claim. It only takes effect if `userNameClaim` is set. |fallbackUserNamePrefix |string |The prefix to use with the value of `fallbackUserNameClaim` to construct the user id. This only takes effect if `fallbackUserNameClaim` is true, and the value is present for the claim. Mapping usernames and client ids into the same user id space is useful in preventing name collisions. @@ -338,10 +338,10 @@ It must have the value `oauth` for the type `KafkaListenerAuthenticationOAuth`. |Whether the Accept header should be set in requests to the authorization servers. The default value is `true`. |serverBearerTokenLocation |string -|Path to the file on the local filesystem that contains a bearer token to be used instead of client_id and secret when authenticating to authorization server. +|Path to the file on the local filesystem that contains a bearer token to be used instead of client ID and secret when authenticating to authorization server. |userNamePrefix |string -|The prefix to use with the value of `userNameClaim` to construct the user id. This only takes effect if `userNameClaim` is specified, and the value is present for the claim. When used in combination with `fallbackUserNameClaims` it ensures consistent mapping of usernames and client ids into the same user id space and prevents name collisions. +|The prefix to use with the value of `userNameClaim` to construct the user ID. This only takes effect if `userNameClaim` is specified and the value is present for the claim. When used in combination with `fallbackUserNameClaims`, it ensures consistent mapping of usernames and client IDs into the same user ID space and prevents name collisions. |==== [id='type-GenericSecretSource-{context}'] @@ -2522,13 +2522,13 @@ It must have the value `oauth` for the type `KafkaClientAuthenticationOAuth`. |Path to the token file containing an access token to be used for authentication. |clientAssertion |xref:type-GenericSecretSource-{context}[`GenericSecretSource`] -|Link to Kubernetes Secret containing the client assertion which was manually configured for the client. +|Link to Kubernetes secret containing the client assertion which was manually configured for the client. |clientAssertionLocation |string |Path to the file containing the client assertion to be used for authentication. |clientAssertionType |string -|The client assertion type. If not set, and `clientAssertion` or `clientAssertionLocation` is configured, then this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`. +|The client assertion type. If not set, and either `clientAssertion` or `clientAssertionLocation` is configured, this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`. |saslExtensions |map |SASL extensions parameters. diff --git a/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/040-Crd-kafka.yaml b/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/040-Crd-kafka.yaml index 56574530da..5b41d4b597 100644 --- a/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/040-Crd-kafka.yaml +++ b/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/040-Crd-kafka.yaml @@ -168,7 +168,7 @@ spec: description: Enable or disable termination of Kafka broker processes due to potentially recoverable runtime errors during startup. Default value is `true`. fallbackUserNameClaim: type: string - description: The fallback username claim to be used for the user id if the claim specified by `userNameClaim` is not present. This is useful when `client_credentials` authentication only results in the client id being provided in another claim. It only takes effect if `userNameClaim` is set. + description: The fallback username claim to be used for the user ID if the claim specified by `userNameClaim` is not present. This is useful when `client_credentials` authentication only results in the client ID being provided in another claim. It only takes effect if `userNameClaim` is set. fallbackUserNamePrefix: type: string description: "The prefix to use with the value of `fallbackUserNameClaim` to construct the user id. This only takes effect if `fallbackUserNameClaim` is true, and the value is present for the claim. Mapping usernames and client ids into the same user id space is useful in preventing name collisions." @@ -238,7 +238,7 @@ spec: description: Secrets to be mounted to /opt/kafka/custom-authn-secrets/custom-listener-_-_/__. serverBearerTokenLocation: type: string - description: Path to the file on the local filesystem that contains a bearer token to be used instead of client_id and secret when authenticating to authorization server. + description: Path to the file on the local filesystem that contains a bearer token to be used instead of client ID and secret when authenticating to authorization server. tlsTrustedCertificates: type: array items: @@ -284,7 +284,7 @@ spec: description: "Name of the claim from the JWT authentication token, Introspection Endpoint response or User Info Endpoint response which will be used to extract the user id. Defaults to `sub`." userNamePrefix: type: string - description: "The prefix to use with the value of `userNameClaim` to construct the user id. This only takes effect if `userNameClaim` is specified, and the value is present for the claim. When used in combination with `fallbackUserNameClaims` it ensures consistent mapping of usernames and client ids into the same user id space and prevents name collisions." + description: "The prefix to use with the value of `userNameClaim` to construct the user ID. This only takes effect if `userNameClaim` is specified and the value is present for the claim. When used in combination with `fallbackUserNameClaims`, it ensures consistent mapping of usernames and client IDs into the same user ID space and prevents name collisions." validIssuerUri: type: string description: URI of the token issuer used for authentication. diff --git a/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/041-Crd-kafkaconnect.yaml b/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/041-Crd-kafkaconnect.yaml index 6ba5229805..ee53d0f2ad 100644 --- a/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/041-Crd-kafkaconnect.yaml +++ b/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/041-Crd-kafkaconnect.yaml @@ -150,13 +150,13 @@ spec: required: - key - secretName - description: Link to Kubernetes Secret containing the client assertion which was manually configured for the client. + description: Link to Kubernetes secret containing the client assertion which was manually configured for the client. clientAssertionLocation: type: string description: Path to the file containing the client assertion to be used for authentication. clientAssertionType: type: string - description: "The client assertion type. If not set, and `clientAssertion` or `clientAssertionLocation` is configured, then this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." + description: "The client assertion type. If not set, and either `clientAssertion` or `clientAssertionLocation` is configured, this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." clientId: type: string description: OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI. diff --git a/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/045-Crd-kafkamirrormaker.yaml b/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/045-Crd-kafkamirrormaker.yaml index 1fee078a36..feb200d899 100644 --- a/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/045-Crd-kafkamirrormaker.yaml +++ b/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/045-Crd-kafkamirrormaker.yaml @@ -144,13 +144,13 @@ spec: required: - key - secretName - description: Link to Kubernetes Secret containing the client assertion which was manually configured for the client. + description: Link to Kubernetes secret containing the client assertion which was manually configured for the client. clientAssertionLocation: type: string description: Path to the file containing the client assertion to be used for authentication. clientAssertionType: type: string - description: "The client assertion type. If not set, and `clientAssertion` or `clientAssertionLocation` is configured, then this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." + description: "The client assertion type. If not set, and either `clientAssertion` or `clientAssertionLocation` is configured, this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." clientId: type: string description: OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI. @@ -370,13 +370,13 @@ spec: required: - key - secretName - description: Link to Kubernetes Secret containing the client assertion which was manually configured for the client. + description: Link to Kubernetes secret containing the client assertion which was manually configured for the client. clientAssertionLocation: type: string description: Path to the file containing the client assertion to be used for authentication. clientAssertionType: type: string - description: "The client assertion type. If not set, and `clientAssertion` or `clientAssertionLocation` is configured, then this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." + description: "The client assertion type. If not set, and either `clientAssertion` or `clientAssertionLocation` is configured, this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." clientId: type: string description: OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI. diff --git a/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/046-Crd-kafkabridge.yaml b/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/046-Crd-kafkabridge.yaml index 3fe1cc7f82..9cbaffb776 100644 --- a/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/046-Crd-kafkabridge.yaml +++ b/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/046-Crd-kafkabridge.yaml @@ -153,13 +153,13 @@ spec: required: - key - secretName - description: Link to Kubernetes Secret containing the client assertion which was manually configured for the client. + description: Link to Kubernetes secret containing the client assertion which was manually configured for the client. clientAssertionLocation: type: string description: Path to the file containing the client assertion to be used for authentication. clientAssertionType: type: string - description: "The client assertion type. If not set, and `clientAssertion` or `clientAssertionLocation` is configured, then this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." + description: "The client assertion type. If not set, and either `clientAssertion` or `clientAssertionLocation` is configured, this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." clientId: type: string description: OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI. diff --git a/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/048-Crd-kafkamirrormaker2.yaml b/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/048-Crd-kafkamirrormaker2.yaml index f9fe78d84f..d7b003c89f 100644 --- a/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/048-Crd-kafkamirrormaker2.yaml +++ b/packaging/helm-charts/helm3/strimzi-kafka-operator/crds/048-Crd-kafkamirrormaker2.yaml @@ -162,13 +162,13 @@ spec: required: - key - secretName - description: Link to Kubernetes Secret containing the client assertion which was manually configured for the client. + description: Link to Kubernetes secret containing the client assertion which was manually configured for the client. clientAssertionLocation: type: string description: Path to the file containing the client assertion to be used for authentication. clientAssertionType: type: string - description: "The client assertion type. If not set, and `clientAssertion` or `clientAssertionLocation` is configured, then this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." + description: "The client assertion type. If not set, and either `clientAssertion` or `clientAssertionLocation` is configured, this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." clientId: type: string description: OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI. diff --git a/packaging/install/cluster-operator/040-Crd-kafka.yaml b/packaging/install/cluster-operator/040-Crd-kafka.yaml index 94ba9132d0..852b9c7a75 100644 --- a/packaging/install/cluster-operator/040-Crd-kafka.yaml +++ b/packaging/install/cluster-operator/040-Crd-kafka.yaml @@ -167,7 +167,7 @@ spec: description: Enable or disable termination of Kafka broker processes due to potentially recoverable runtime errors during startup. Default value is `true`. fallbackUserNameClaim: type: string - description: The fallback username claim to be used for the user id if the claim specified by `userNameClaim` is not present. This is useful when `client_credentials` authentication only results in the client id being provided in another claim. It only takes effect if `userNameClaim` is set. + description: The fallback username claim to be used for the user ID if the claim specified by `userNameClaim` is not present. This is useful when `client_credentials` authentication only results in the client ID being provided in another claim. It only takes effect if `userNameClaim` is set. fallbackUserNamePrefix: type: string description: "The prefix to use with the value of `fallbackUserNameClaim` to construct the user id. This only takes effect if `fallbackUserNameClaim` is true, and the value is present for the claim. Mapping usernames and client ids into the same user id space is useful in preventing name collisions." @@ -237,7 +237,7 @@ spec: description: Secrets to be mounted to /opt/kafka/custom-authn-secrets/custom-listener-_-_/__. serverBearerTokenLocation: type: string - description: Path to the file on the local filesystem that contains a bearer token to be used instead of client_id and secret when authenticating to authorization server. + description: Path to the file on the local filesystem that contains a bearer token to be used instead of client ID and secret when authenticating to authorization server. tlsTrustedCertificates: type: array items: @@ -283,7 +283,7 @@ spec: description: "Name of the claim from the JWT authentication token, Introspection Endpoint response or User Info Endpoint response which will be used to extract the user id. Defaults to `sub`." userNamePrefix: type: string - description: "The prefix to use with the value of `userNameClaim` to construct the user id. This only takes effect if `userNameClaim` is specified, and the value is present for the claim. When used in combination with `fallbackUserNameClaims` it ensures consistent mapping of usernames and client ids into the same user id space and prevents name collisions." + description: "The prefix to use with the value of `userNameClaim` to construct the user ID. This only takes effect if `userNameClaim` is specified and the value is present for the claim. When used in combination with `fallbackUserNameClaims`, it ensures consistent mapping of usernames and client IDs into the same user ID space and prevents name collisions." validIssuerUri: type: string description: URI of the token issuer used for authentication. diff --git a/packaging/install/cluster-operator/041-Crd-kafkaconnect.yaml b/packaging/install/cluster-operator/041-Crd-kafkaconnect.yaml index f259e07f85..dfefd80f12 100644 --- a/packaging/install/cluster-operator/041-Crd-kafkaconnect.yaml +++ b/packaging/install/cluster-operator/041-Crd-kafkaconnect.yaml @@ -149,13 +149,13 @@ spec: required: - key - secretName - description: Link to Kubernetes Secret containing the client assertion which was manually configured for the client. + description: Link to Kubernetes secret containing the client assertion which was manually configured for the client. clientAssertionLocation: type: string description: Path to the file containing the client assertion to be used for authentication. clientAssertionType: type: string - description: "The client assertion type. If not set, and `clientAssertion` or `clientAssertionLocation` is configured, then this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." + description: "The client assertion type. If not set, and either `clientAssertion` or `clientAssertionLocation` is configured, this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." clientId: type: string description: OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI. diff --git a/packaging/install/cluster-operator/045-Crd-kafkamirrormaker.yaml b/packaging/install/cluster-operator/045-Crd-kafkamirrormaker.yaml index 9865fc91ef..c5a771437a 100644 --- a/packaging/install/cluster-operator/045-Crd-kafkamirrormaker.yaml +++ b/packaging/install/cluster-operator/045-Crd-kafkamirrormaker.yaml @@ -143,13 +143,13 @@ spec: required: - key - secretName - description: Link to Kubernetes Secret containing the client assertion which was manually configured for the client. + description: Link to Kubernetes secret containing the client assertion which was manually configured for the client. clientAssertionLocation: type: string description: Path to the file containing the client assertion to be used for authentication. clientAssertionType: type: string - description: "The client assertion type. If not set, and `clientAssertion` or `clientAssertionLocation` is configured, then this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." + description: "The client assertion type. If not set, and either `clientAssertion` or `clientAssertionLocation` is configured, this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." clientId: type: string description: OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI. @@ -369,13 +369,13 @@ spec: required: - key - secretName - description: Link to Kubernetes Secret containing the client assertion which was manually configured for the client. + description: Link to Kubernetes secret containing the client assertion which was manually configured for the client. clientAssertionLocation: type: string description: Path to the file containing the client assertion to be used for authentication. clientAssertionType: type: string - description: "The client assertion type. If not set, and `clientAssertion` or `clientAssertionLocation` is configured, then this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." + description: "The client assertion type. If not set, and either `clientAssertion` or `clientAssertionLocation` is configured, this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." clientId: type: string description: OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI. diff --git a/packaging/install/cluster-operator/046-Crd-kafkabridge.yaml b/packaging/install/cluster-operator/046-Crd-kafkabridge.yaml index d7c57610b5..2cc7511ad9 100644 --- a/packaging/install/cluster-operator/046-Crd-kafkabridge.yaml +++ b/packaging/install/cluster-operator/046-Crd-kafkabridge.yaml @@ -152,13 +152,13 @@ spec: required: - key - secretName - description: Link to Kubernetes Secret containing the client assertion which was manually configured for the client. + description: Link to Kubernetes secret containing the client assertion which was manually configured for the client. clientAssertionLocation: type: string description: Path to the file containing the client assertion to be used for authentication. clientAssertionType: type: string - description: "The client assertion type. If not set, and `clientAssertion` or `clientAssertionLocation` is configured, then this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." + description: "The client assertion type. If not set, and either `clientAssertion` or `clientAssertionLocation` is configured, this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." clientId: type: string description: OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI. diff --git a/packaging/install/cluster-operator/048-Crd-kafkamirrormaker2.yaml b/packaging/install/cluster-operator/048-Crd-kafkamirrormaker2.yaml index 084aa1e5ed..6a689ed9e7 100644 --- a/packaging/install/cluster-operator/048-Crd-kafkamirrormaker2.yaml +++ b/packaging/install/cluster-operator/048-Crd-kafkamirrormaker2.yaml @@ -161,13 +161,13 @@ spec: required: - key - secretName - description: Link to Kubernetes Secret containing the client assertion which was manually configured for the client. + description: Link to Kubernetes secret containing the client assertion which was manually configured for the client. clientAssertionLocation: type: string description: Path to the file containing the client assertion to be used for authentication. clientAssertionType: type: string - description: "The client assertion type. If not set, and `clientAssertion` or `clientAssertionLocation` is configured, then this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." + description: "The client assertion type. If not set, and either `clientAssertion` or `clientAssertionLocation` is configured, this value defaults to `urn:ietf:params:oauth:client-assertion-type:jwt-bearer`." clientId: type: string description: OAuth Client ID which the Kafka client can use to authenticate against the OAuth server and use the token endpoint URI.