# TeleportTrustedClusterV2

This guide is a comprehensive reference to the fields in the `TeleportTrustedClusterV2` resource, which you can apply after installing the Teleport Kubernetes operator.

## resources.teleport.dev/v1

**apiVersion:** resources.teleport.dev/v1

| Field      | Type            | Description                                                                                                                                                                                                                                                                                          |
| ---------- | --------------- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| apiVersion | string          | APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: <https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources>  |
| kind       | string          | Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: <https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds> |
| metadata   | object          |                                                                                                                                                                                                                                                                                                      |
| spec       | [object](#spec) | TrustedCluster resource definition v2 from Teleport                                                                                                                                                                                                                                                  |

### spec

| Field            | Type                             | Description                                                                                                                                                                         |
| ---------------- | -------------------------------- | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| enabled          | boolean                          | Enabled is a bool that indicates if the TrustedCluster is enabled or disabled. Setting Enabled to false has a side effect of deleting the user and host certificate authority (CA). |
| role\_map        | \[][object](#specrole_map-items) | RoleMap specifies role mappings to remote roles.                                                                                                                                    |
| token            | string                           | Token is the authorization token provided by another cluster needed by this cluster to join. This field supports secret lookup. See the operator documentation for more details.    |
| tunnel\_addr     | string                           | ReverseTunnelAddress is the address of the SSH proxy server of the cluster to join. If not set, it is derived from `<metadata.name>:<default reverse tunnel port>`.                 |
| web\_proxy\_addr | string                           | ProxyAddress is the address of the web proxy server of the cluster to join. If not set, it is derived from `<metadata.name>:<default web proxy server port>`.                       |

### spec.role\_map items

| Field  | Type      | Description                                   |
| ------ | --------- | --------------------------------------------- |
| local  | \[]string | Local specifies local roles to map to         |
| remote | string    | Remote specifies remote role name to map from |