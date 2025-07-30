This guide is a comprehensive reference to the fields in the
TeleportTrustedClusterV2
resource, which you can apply after installing the Teleport Kubernetes operator.
resources.teleport.dev/v1
apiVersion: resources.teleport.dev/v1
spec
|Field
|Type
|Description
|enabled
|boolean
|Enabled is a bool that indicates if the TrustedCluster is enabled or disabled. Setting Enabled to false has a side effect of deleting the user and host certificate authority (CA).
|role_map
|[]object
|RoleMap specifies role mappings to remote roles.
|token
|string
|Token is the authorization token provided by another cluster needed by this cluster to join. This field supports secret lookup. See the operator documentation for more details.
|tunnel_addr
|string
|ReverseTunnelAddress is the address of the SSH proxy server of the cluster to join. If not set, it is derived from
<metadata.name>:<default reverse tunnel port>.
|web_proxy_addr
|string
|ProxyAddress is the address of the web proxy server of the cluster to join. If not set, it is derived from
<metadata.name>:<default web proxy server port>.
spec.role_map items
|Field
|Type
|Description
|local
|[]string
|Local specifies local roles to map to
|remote
|string
|Remote specifies remote role name to map from