Resource Types

These Resource Types are available in the Platform Orchestrator.

Resource Type “use”

Each Resource Type has a “use” defined by one of those values:

  • Direct: A Resource of this type can be a direct Resource dependency of a Workload. It may be requested in the resources section of a Score file.
    • Examples: mysql, s3, volume
  • Indirect: A Resource of this type can be referenced by other Resources but not be a direct dependency of a Workload.
    • Example: A direct dns Resource referencing an indirect ingress Resource.
    • Example: An implicit workload Resource referencing an indirect k8s-service-account Resource.
  • Implicit: A Resource of this type is automatically referenced for every Deployment, i.e. it is automatically provisioned by the Platform Orchestrator.
    • You cannot have Workload dependencies on implicit Resources.
    • Examples: k8s-cluster, base-env , workload

agent

Used to provide a secure and easy-to-administer way for the Humanitec Platform Orchestrator to access private endpoints in the customer’s infrastructure. Go to the Agent Overview to leran more.

Category Use
k8s indirect

Inputs

None

Outputs

Values

None

Secrets

Property Type Description
url string The signed URL that can be used as an HTTP Proxy for accessing private resources.

Notes

amqp

Used to provision an AMQP resource such as a RabbitMQ, AmazonMQ or ApacheMQ queue.

Category Use
messaging direct

Inputs

None

Outputs

Values

Property Type Description
host string The hostname or IP Address of the broker.
port integer The TCP port that the broker is available on.
vhost string The virtual host that the client should connect with. Must be a URI segment.

Secrets

Property Type Description
password string The password to connect with.
username string The username to connect with.

aws-policy

Used to provision an AWS IAM Policy.

Category Use
aws indirect

Inputs

None

Outputs

Values

Property Type Description
arn string The Amazon Resource Name (ARN) of the IAM Policy

Secrets

None

aws-role

Used to provision an AWS IAM Role.

Category Use
aws direct

Inputs

Property Type Description
for string,object,array Can hold references to the object the role should be for.

Outputs

Values

Property Type Description
arn string The Amazon Resource Name (ARN) of the IAM Role

Secrets

None

azure-blob

Azure Blob Storage provides object storage in Azure.

Category Use
datastore direct

Inputs

None

Outputs

Values

Property Type Description
account string The globally unique name for the Azure Storage Account. Must be lowercase alphanumeric between 3 and 24 characters.
container string The name for the Azure Blob Storage Container. Must be lowercase alphanumeric and the dash (-) character between 3 and 63 characters.

Secrets

None

azure-blob-account

Represents an Azure Blob Storage account that can hold multiple storage containers (modelled by the azure-blob resource type.)

Category Use
datastore indirect

Inputs

None

Outputs

Values

Property Type Description
name string The globally unique name for the Azure Storage Account. Must be lowercase alphanumeric between 3 and 24 characters.

Secrets

None

Notes

This type is provided to make working with Azure Blob Storage Accounts easier within the resource graph. It is not intended to be used directly by a workload.

azure-cosmosdb-account

Represents an Azure Cosmos DB account that can hold multiple storage containers of different API types. Examples include postgres, cassandra, mongodb, azure-cosmosdb-nosql-database and azure-cosmosdb-table.

Category Use
datastore indirect

Inputs

None

Outputs

Values

Property Type Description
account string The name Cosmos DB Account.

Secrets

None

Notes

This type is provided to make working with Azure Cosmos DB Accounts easier within the resource graph. It is not intended to be used directly by a workload.

azure-cosmosdb-nosql-container

Used to provision a new Azure Cosmos DB NoSQL container.

Category Use
datastore direct

Inputs

Property Type Description
indexingPolicy object The configuration of the indexing policy. By default, the indexing is automatic for all document paths within the container.
partitionKey string A path to property which data within the container can be partitioned.
uniqueKeys array List of unique keys on that enforces uniqueness constraint on documents in the collection in the Azure Cosmos DB service.

indexingPolicy Object

Property Type Description
compositeIndexes object The path for which the indexing behavior applies to. Index paths typically start with root and end with wildcard (/path/*)
excludedPaths array List of paths to exclude from indexing
includedPaths array List of paths to include in the indexing
indexingMode string Indicates the indexing mode.
spatialIndexes object The path for which the indexing behavior applies to. Index paths typically start with root and end with wildcard (/path/*)

Outputs

Values

Property Type Description
account string The name Cosmos DB Account the container is in.
container string The name of the NoSQL container.
database string The name of the NoSQL Database the container is in.

Secrets

Property Type Description
key string An account key that can be used to authenticate with the CosmoDB Account.

Notes

This type should not be confused with azure-cosmosdb-nosql-database which is a namespace for NoSQL containers. See Azure Cosmos DB Resource Model .

azure-cosmosdb-nosql-database

Used to provision a new Azure Cosmos DB NoSQL database.

Category Use
datastore indirect

Inputs

None

Outputs

Values

Property Type Description
account string The name Cosmos DB Account the container is in.
database string The name of the NoSQL Database the container is in.

Secrets

None

Notes

This type is provided to make working with Azure Cosmos DB easier within the resource graph. This type should not be confused with azure-cosmosdb-nosql-container which is the object that actually holds data for the NoSQL API. See Azure Cosmos DB Resource Model .

azure-cosmosdb-table

Used to provision a new Azure Cosmos DB Table.

Category Use
datastore direct

Inputs

None

Outputs

Values

Property Type Description
account string The name Cosmos DB Account the container is in.
table string The name of the Table.

Secrets

Property Type Description
key string An account key that can be used to authenticate with the CosmoDB Account.

azure-federated-identity

Category Use
azure indirect

Inputs

None

Outputs

Values

Property Type Description
id string The ID of the Federated Identity Credential

Secrets

None

azure-managed-identity

Category Use
azure indirect

Inputs

None

Outputs

Values

Property Type Description
client_id string The ID of the app associated with the Identity
id string The ID of the User Assigned Identity
principal_id string The ID of the Service Principal object associated with the created Identity

Secrets

None

azure-role-assignments

Category Use
azure indirect

Inputs

None

Outputs

Values

Property Type Description
ids array The Role Assignment IDs

Secrets

None

azure-role-definition

Category Use
azure indirect

Inputs

None

Outputs

Values

Property Type Description
id string The Azure Resource Manager ID for the resource
scope string The scope at which the Role Definition applies to

Secrets

None

azure-service-bus-queue

Category Use
messaging direct

Inputs

None

Outputs

Values

Property Type Description
hostname string Specifies the hostname of the ServiceBus Namespace resource
namespace string Specifies the name of the ServiceBus Namespace resource
queue string Specifies the name of the ServiceBus Queue resource

Secrets

None

azure-service-principal

Category Use
azure direct

Inputs

None

Outputs

Values

Property Type Description
id string The application (client) ID of the Service Principal.
tenant string The directory (tenant) ID of the Service Principal.

Secrets

Property Type Description
password string The password of the Service Principal.

azure-storage-account

Category Use
datastore indirect

Inputs

None

Outputs

Values

Property Type Description
account string The globally unique name for the Azure Storage Account. Must be lowercase alphanumeric between 3 and 24 characters.

Secrets

None

azure-storage-account-key

Category Use
datastore direct

Inputs

Property Type Description
for string,object,array Can hold references to the object the role should be for.

Outputs

Values

Property Type Description
account string The globally unique name for the Azure Storage Account. Must be lowercase alphanumeric between 3 and 24 characters.

Secrets

Property Type Description
key string The access key of the Azure Storage Account.

base-env

Automatically provisioned once per environment providing a way of bootstrapping environment resources.

Category Use
general implicit

Inputs

Property Type Description
id string The ID of the environment being created.

Outputs

None

cassandra

Used to provision a Cassandra database.

Category Use
datastore direct

Inputs

None

Outputs

Values

Property Type Description
host string The IP Address or DNS name of the host that the Cassandra node is available on.
keyspace string The name of the Cassandra keyspace.
port integer The port on the host that the Cassandra node is available on.

Secrets

Property Type Description
password string None
username string None

config

A convenience type meant to act as a central reference for values that should be used in many resource definitions.

Category Use
general indirect

Inputs

None

Outputs

None

confluent-api-key

Used to provision a Confluent API Key. This is intended to be used as a direct Resource Dependency.

Category Use
messaging direct

Inputs

None

Outputs

Values

None

Secrets

None

confluent-service-account

Used to provision a Confluent Service Account.

Category Use
messaging indirect

Inputs

None

Outputs

Values

Property Type Description
description string The optional description of the Confluent Service Account.
id string The ID of the Confluent Service Account.
name string The name of the Confluent Service Account.

Secrets

None

Notes

The Confluent Service account is intended to be used as an indirect resource. This means that workloads should not use them as Resource Dependencies.

dapr-state-store

Category Use
datastore direct

Inputs

None

Outputs

Values

Property Type Description
name string The name of the Dapr State Store.

Secrets

None

db2

Category Use
datastore direct

Inputs

None

Outputs

Values

Property Type Description
host string The IP address or hostname the instance is available on.
name string The name of the database that the workload should connect to.
port integer The port on the host that the instance is available on.

Secrets

Property Type Description
password string The password for the user or role.
username string The user or role that the workload should use to connect to the database.

dns

Used to define a DNS name for use by a workload.

Category Use
dns direct

Inputs

None

Outputs

Values

Property Type Description
host string The DNS name returned by the driver. It can include one wildcard covering the subdomain.

Secrets

None

Example

To create URL referencing a DNS name defined at the application level under the ID my-dns:

https://${shared.my-dns.host}/my-service

dynamodb-table

Used to define a new DynamoDB table.

Category Use
datastore direct

Inputs

Property Type Description
attributes object Attributes for the DynamoDB table.
globalSecondaryIndexes object The definition of any Global Secondary Indexes for the DynamoDB Table.
localSecondaryIndexes object The definition of any Local Secondary Indexes for the DynamoDB Table.
name string The name of the DynamoDB table to use. Optional and can be ignored at provision time.
primaryKey object The definition of the Primary Key for the DynamoDB Table.

primaryKey Object

Property Type Description
partition string The Attribute Name for the Partition key. Must be included in the attributes. (Is marked as HASH in the AWS API.)
sort string The Attribute Name for the Sort key. Must be included in the attributes. (Is marked as RANGE in the AWS API.)

Outputs

Values

Property Type Description
arn string The Amazon Resource Name (ARN) of the DynamoDB Table
name string The name of the DynamoDB table to use.
region string The AWS region the DynamoDB table is in.

Secrets

None

Notes

The table is created by the system according to the schema provided. There are no guarantees about data protection - it is up to the implementation to either fail or destroy data when changes involving table recreation such as changes to the primaryKey occur.

elasticsearch

Used to provision an Elastic Search cluster.

Category Use
datastore direct

Inputs

None

Outputs

Values

Property Type Description
host string None
port integer None

Secrets

Property Type Description
password string None
username string None

endpoint

Category Use
routing direct

Inputs

None

Outputs

Values

Property Type Description
fragment string The fragment portion of the URL without the leading “#”. fragment
host string The IP address or hostname of the URL. E.g. www.example.com
path string The path portion of the URL. E.g. /some/path
port integer The port portion of the URL. E.g. 8080
query string The query portion of the URL without the leading “?”. E.g param=value
scheme string The scheme portion of the URL. E.g. http

Secrets

Property Type Description
password string The username for the authentication part of the URL. Should be empty string if no username supplied.
url string The URL representing the endpoint. The URL must exactly represent the other fields in the endpoint object.
username string The username for the authentication part of the URL. Should be empty string if no username supplied.

gcp-iam-policy-binding

Category Use
gcp indirect

Inputs

None

Outputs

None

gcp-pubsub-subscription

Category Use
messaging direct

Inputs

Property Type Description
values object None

values Object

Property Type Description
topic string Name of the topic.

Outputs

Values

Property Type Description
name string Must be 3-255 characters, start with a letter, and contain only the following characters: letters, numbers, dashes (-), periods (.), underscores (_), tildes (~), percents (%) or plus signs (+). Cannot start with goog..
topic string Must be 3-255 characters, start with a letter, and contain only the following characters: letters, numbers, dashes (-), periods (.), underscores (_), tildes (~), percents (%) or plus signs (+). Cannot start with goog..

Secrets

None

gcp-pubsub-topic

Category Use
messaging direct

Inputs

None

Outputs

Values

Property Type Description
name string Must be 3-255 characters, start with a letter, and contain only the following characters: letters, numbers, dashes (-), periods (.), underscores (_), tildes (~), percents (%) or plus signs (+). Cannot start with goog..

Secrets

None

gcp-service-account

GCP Service Accounts are a special kind of account typically used by an application or compute workload. A service account is identified by its email address, which is unique to the account.

Category Use
gcp direct

Inputs

None

Outputs

Values

Property Type Description
email string An email address uniquely identifying a GCP Service Account.

Secrets

None

gcp-service-account-key

This represents a static key for a gcp-service-account .

Category Use
gcp direct

Inputs

None

Outputs

Values

Property Type Description
email string An email address uniquely identifying the GCP Service Account this key refers to.

Secrets

Property Type Description
credentials string The JSON format Service Account key encoded as a string.

Notes

In general, the use of static tokens is discouraged: https://cloud.google.com/iam/docs/best-practices-service-accounts#service-account-keys

gcs

Google Cloud Storage buckets are “blob” storage.

Category Use
datastore direct

Inputs

None

Outputs

Values

Property Type Description
name string A unique ID made up of a set of DNS names (lowercase alphanumeric and - between 3 and 63 characters long) separated by . up to a total length of 222 characters.

Secrets

None

Notes

GCS Buckets have global names. Clients require the bucket name and credentials to access the bucket. Region is only required for creation - not for access.

horizontal-pod-autoscaler

Used to define a Horizontal Pod Autoscaler for a workload.

Category Use
autoscaler direct

Inputs

Property Type Description
maxReplicas integer The maximum number of replicas to scale to. (Must be > minReplicas.)
minReplicas integer The minimum number of replicas to scale to. (Must be > 0.)
targetCPUUtilizationPercentage integer The percentage of the CPU resource limit to attempt to scale to. (Must be between 0 and 100.)

Outputs

None

Notes

Humanitec does not require that drivers honor Resource Inputs. A common use case for the Horizontal Pod Autoscaler resource type is to override the maxReplicas for development environments to preserve resources.

ingress

Used to generate ingress or similar routing manifests in the cluster.

Category Use
ingress indirect

Inputs

Property Type Description
host string The host with possible wildcard prefix that the rules apply to
namespace string The namespace that the services are in.
rules object Covers types of routing. Currently only http is supported.
tls_secret_name string The secret that should be used for TLS. Note: the secret must be in the current namespace and can be used for multiple hosts.

rules Object

Property Type Description
http object Each property is an HTTP path.

Outputs

Values

Property Type Description
host string The host with possible wildcard prefix that the rules apply to
namespace string The namespace that the services are in.
rules object Covers types of routing. Currently only http is supported.
tls_secret_name string The secret that should be used for TLS. Note: the secret must be in the current namespace and can be used for multiple hosts.

rules Object

Property Type Description
http object Each property is an HTTP path.

Secrets

None

Notes

This resource type is implicitly created by the Platform Orchestrator if the ingress feature is use in a Workload Profile.

k8s-cluster

Used to define a Kubernetes cluster to deploy into.

Category Use
k8s implicit

Inputs

None

Outputs

Values

Property Type Description
loadbalancer string Load Balancer IP address or host name.
name string Kubernetes cluster name.

Secrets

None

Notes

k8s-namespace

Used to define a Namespace within a Kubernetes cluster.

Category Use
k8s implicit

Inputs

None

Outputs

Values

Property Type Description
namespace string Kubernetes namespace.

Secrets

None

Notes

k8s-service-account

Used to define a Kubernetes Service Account.

Category Use
k8s indirect

Inputs

None

Outputs

Values

Property Type Description
name string Service account name. Must be a valid DNS Subdomain

Secrets

None

kafka-topic

Used to provision a Kafka Topic.

Category Use
messaging direct

Inputs

None

Outputs

Values

Property Type Description
host string The IP address or hostname the cluster is available on.
name string The name of the topic that the workload should use.
port integer The port on the host that the cluster is available on.

Secrets

None

logging

Used to configure how logs are collected by the Platform Orchestrator.

Category Use
logging implicit

Inputs

None

Outputs

None

Notes

mariadb

Used to provision a database in a MariaDB instance.

Category Use
datastore direct

Inputs

None

Outputs

Values

Property Type Description
host string The IP address or hostname the instance is available on.
name string The name of the database that the workload should connect to.
port integer The port on the host that the instance is available on.

Secrets

Property Type Description
password string The password for the user or role.
username string The user or role that the workload should use to connect to the database.

Notes

MariaDB is by design protocol compatible with MySQL, so the mariadb and mysqlresource types can be used interchangeably.

Example

For a MariaDB database added as a Shared Resource Dependency to an Application under the ID my-db, a connection string can be built as:

mysql://${shared.my-db.username}:${shared.my-db.password}@${externals.my-db.host}:${shared.my-db.port}/${shared.my-db.name}

mongodb

Used to provision a MongoDB database.

Category Use
datastore direct

Inputs

None

Outputs

Values

None

Secrets

Property Type Description
connection string The connection string to the MongoDB cluster.

mssql

Used to provision a Microsoft SQL Server database.

Category Use
datastore direct

Inputs

None

Outputs

Values

None

Secrets

Property Type Description
connection string The connection string to the Microsoft SQL Server Database.

mssql-instance

Used to provision a Microsoft SQL Server instance.

Category Use
datastore indirect

Inputs

None

Outputs

Values

None

Secrets

None

Notes

This type is provided to make working with Microsoft SQL Server databases easier within the resource graph. It is not intended to be used directly by a workload.

mysql

Used to provision a database in a MySQL instance.

Category Use
datastore direct

Inputs

None

Outputs

Values

Property Type Description
host string The IP address or hostname the instance is available on.
name string The name of the database that the workload should connect to.
port integer The port on the host that the instance is available on.

Secrets

Property Type Description
password string The password for the user or role.
username string The user or role that the workload should use to connect to the database.

Notes

MariaDB is by design protocol compatible with MySQL, so the mysql and mariaresource types can be used interchangeably.

Example

For a MySQL database added as a Shared Resource Dependency to an Application under the ID my-db, a connection string can be built as:

mysql://${shared.my-db.username}:${shared.my-db.password}@${externals.my-db.host}:${shared.my-db.port}/${shared.my-db.name}

mysql-instance

Used to provision a MySQL instance.

Category Use
datastore indirect

Inputs

None

Outputs

Values

Property Type Description
host string The IP address or hostname the instance is available on.
name string The name of the database that the workload should connect to.
port integer The port on the host that the instance is available on.

Secrets

Property Type Description
password string The password for the user or role.
username string The user or role that the workload should use to connect to the database.

Notes

This type is provided to make working with MySQL databases easier within the resource graph. It is not intended to be used directly by a workload.

oauth-client-identity

Used to supply an OAuth Client Identity that should be used by an Application.

Category Use
identity direct

Inputs

None

Outputs

Values

Property Type Description
client_id string The unique Client Identifier issued by the authorization server.
issuer string Verifiable identifier for an issuer. An issuer identifier is a case-sensitive URL that uses the HTTPS scheme that contains scheme, host, and optionally, port number and path components and no query or fragment components.

Secrets

Property Type Description
client_secret string The Client Secret associated with the Client Identifier.

postgres

Used to provision a database in a PostgreSQL instance.

Category Use
datastore direct

Inputs

Property Type Description
extensions object None

Outputs

Values

Property Type Description
host string The IP address or hostname the instance is available on.
name string The name of the database that the workload should connect to.
port integer The port on the host that the instance is available on.

Secrets

Property Type Description
password string The password for the user or role.
username string The user or role that the workload should use to connect to the database.

Example

For a PostgreSQL database added as a Shared Resource Dependency to an Application under the ID my-db, a connection string can be built as:

postgresql://${shared.my-db.username}:${shared.my-db.password}@${externals.my-db.host}:${shared.my-db.port}/${shared.my-db.name}

postgres-instance

Used to provision a PostgreSQL instance.

Category Use
datastore indirect

Inputs

Property Type Description
extensions object None

Outputs

Values

Property Type Description
host string The IP address or hostname the instance is available on.
name string The name of the database that the workload should connect to.
port integer The port on the host that the instance is available on.

Secrets

Property Type Description
password string The password for the user or role.
username string The user or role that the workload should use to connect to the database.

Notes

This type is provided to make working with PostgreSQL databases easier within the resource graph. It is not intended to be used directly by a workload.

redis

Used to provision a Redis instance.

Category Use
datastore direct

Inputs

None

Outputs

Values

Property Type Description
host string None
port integer None

Secrets

Property Type Description
password string None
username string None

route

A route defines a URL mapping to direct traffic to a service.

Category Use
ingress direct

Inputs

Property Type Description
host string The host with possible wildcard prefix that the rules apply to.
path string The path of the route. The format depends on the implementation e.g. whether regular expressions are supported.
port integer The port on the service to route to.

Outputs

Values

None

Secrets

None

Notes

Routes are an abstract way of specifying a URL mapping. They are made up of a host, port and path.

s3

Used to provision an S3 bucket.

Category Use
datastore direct

Inputs

None

Outputs

Values

Property Type Description
arn string The Amazon Resource Name (ARN) of the S3 Bucket
bucket string The globally unique name for the bucket.
region string The AWS region the bucket is hosted in.

Secrets

Property Type Description
aws_access_key_id string None
aws_secret_access_key string None
aws_session_token string None

sns-topic

Used to provision an AWS SNS topic.

Category Use
messaging direct

Inputs

Property Type Description
name string Hint for the name of the Topic. Optional and can be ignored at provision time.

Outputs

Values

Property Type Description
arn string The Amazon Resource Name (ARN) of the SNS topic.
name string The name of the SNS topic.
region string The AWS region the SNS topic is in.

Secrets

None

spanner

Represents a Google Spanner database.

Category Use
datastore direct

Inputs

None

Outputs

Values

Property Type Description
database string The ID for the Google Cloud Spanner Database. Must be lowercase alphanumeric, the underscore (_) and the dash (-) character between 2 and 30 characters.
instance string The ID for the Google Cloud Spanner Instance. Must be lowercase alphanumeric between 2 and 64 characters.
project string The ID of the Google Cloud Project for the Google Cloud Spanner Instance.

Secrets

None

spanner-instance

Represents a Google Spanner instance.

Category Use
datastore direct

Inputs

None

Outputs

Values

Property Type Description
instance string The ID for the Google Cloud Spanner Instance. Must be lowercase alphanumeric between 2 and 64 characters.
project string The ID of the Google Cloud Project for the Google Cloud Spanner Instance.

Secrets

None

Notes

This type is often used when an application will provision its own Spanner databases within an instance.

sqs

Used to provision an AWS SQS queue.

Category Use
messaging direct

Inputs

None

Outputs

Values

Property Type Description
arn string The Amazon Resource Name (ARN) of the SQS Queue
region string The AWS region the SQS queue is in
url string The URL of the SQS Queue

Secrets

None

static-token

Category Use
security direct

Inputs

Property Type Description
for string,object,array Can hold references to the object the credential should be for.

Outputs

Values

None

Secrets

Property Type Description
token string A string representation of a static security credential.

tls-cert

Used to define a TLS Certificate for use with a DNS name.

Category Use
security direct

Inputs

None

Outputs

Values

Property Type Description
tls_secret_name string Name of Kubernetes Secret in which TLS certificate stored.

Secrets

Property Type Description
tls object DEPRECATED This property is deprecated. A Kubernetes Secret should be created and the name supplied in the tls_secret_name output.

tls Object

Property Type Description
tls.crt string None
tls.key string None

username-password

Category Use
security direct

Inputs

Property Type Description
for string,object,array Can hold references to the object the credentials should be for.

Outputs

Values

None

Secrets

Property Type Description
password string a password
username string A username

volume

Used to provision a persistent volume.

Category Use
datastore direct

Inputs

None

Outputs

None

workload

Used to optionally override values in the workload entry of the deployment set before deployment.

Category Use
general implicit

Inputs

Property Type Description
dependencies array A list of GUResIDs of resources that the workload is directly dependent on. This is purely to guarantee that every resource that is declared in a score file is dependent on by the workload even if it does not have a reference
id string The ID of the workload in the deployment set.
profile string The Workload Profile for the workload in the deployment set.
spec object An object representing the inputs for the Workload Profile

Outputs

Values

Property Type Description
update array Any array of JSONPatch objects to apply to a workload object.

Secrets

None

Notes

This is also a practical way of injecting manifests that are scoped per workload.

The update output of an array of JSONPatch objects to apply to a workload object is limited as follows: The op property in a JSONPatch may only be one of the following values: add, remove or replace.

Example

This example shows how a resource definition could be defined to change the serviceAccountName to dev-service-account in environments of type development, but only if it has been set.

apiVersion: entity.humanitec.io/v1b1
kind: Definition
metadata:
  id: service-account-name-override-dev
entity:
  type: workload
  name: service-account-name-override-dev
  driver_type: humanitec/template
  driver_inputs:
    values:
      templates:
        outputs: |
          {{- if .resources.spec.serviceAccountName }}
          update:
          - op: replace
            path: /spec/serviceAccountName
            value: dev-service-account
          {{- end}}
  criteria:
  - env_type: development

workload-profile

Category Use
general implicit

Inputs

Property Type Description
id string The ID assigned to this workload. (E.g. .metadata.name in the Score file.)
manifests array Partial manifests that augment the workload. I.e. location is one of container or volume.
profile string The ID of the workload profile
spec object The workload specification
substitutions object A set of substitutions to make in the specification. Keys are placeholders and values are secret references.
updates array An array of JSON Patch objects to be applied in order to the spec

Outputs

None

Cloud Account Types