> ## Documentation Index
> Fetch the complete documentation index at: https://docs.domino.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Fetches custom :ref:`ref_flyteidl.admin.MatchableAttributesConfiguration` for a

> Retrieve the customized resource attributes associated with a project-domain combination



## OpenAPI

````yaml /api-specs/cloud/flyte-native-api.yaml get /api/v1/project_domain_attributes/{project}/{domain}
openapi: 3.0.0
info:
  title: flyteidl/service/admin.proto
  version: version not set
servers:
  - url: https://mycluster.domino.tech
    description: >-
      Replace 'mycluster.domino.tech' with your Domino cluster hostname. For
      Domino Cloud customers, that is <your-subdomain>.domino.tech (e.g.,
      acme.domino.tech). For self-hosted deployments, it is the hostname you
      reach the Domino UI at.
security: []
tags:
  - name: AdminService
paths:
  /api/v1/project_domain_attributes/{project}/{domain}:
    get:
      tags:
        - AdminService
      summary: >-
        Fetches custom
        :ref:`ref_flyteidl.admin.MatchableAttributesConfiguration` for a
      description: >-
        Retrieve the customized resource attributes associated with a
        project-domain combination
      operationId: AdminService_GetProjectDomainAttributes
      parameters:
        - name: project
          description: |-
            Unique project id which this set of attributes references.
            +required
          in: path
          required: true
          schema:
            type: string
        - name: domain
          description: |-
            Unique domain id which this set of attributes references.
            +required
          in: path
          required: true
          schema:
            type: string
        - name: resource_type
          description: |-
            Which type of matchable attributes to return.
            +required

             - TASK_RESOURCE: Applies to customizable task resource requests and limits.
             - CLUSTER_RESOURCE: Applies to configuring templated kubernetes cluster resources.
             - EXECUTION_QUEUE: Configures task and dynamic task execution queue assignment.
             - EXECUTION_CLUSTER_LABEL: Configures the K8s cluster label to be used for execution to be run
             - QUALITY_OF_SERVICE_SPECIFICATION: Configures default quality of service when undefined in an execution spec.
             - PLUGIN_OVERRIDE: Selects configurable plugin implementation behavior for a given task type.
             - WORKFLOW_EXECUTION_CONFIG: Adds defaults for customizable workflow-execution specifications and overrides.
             - CLUSTER_ASSIGNMENT: Controls how to select an available cluster on which this execution should run.
          in: query
          required: false
          schema:
            type: string
            enum:
              - TASK_RESOURCE
              - CLUSTER_RESOURCE
              - EXECUTION_QUEUE
              - EXECUTION_CLUSTER_LABEL
              - QUALITY_OF_SERVICE_SPECIFICATION
              - PLUGIN_OVERRIDE
              - WORKFLOW_EXECUTION_CONFIG
              - CLUSTER_ASSIGNMENT
            default: TASK_RESOURCE
        - name: org
          description: Optional, org key applied to the attributes.
          in: query
          required: false
          schema:
            type: string
      responses:
        '200':
          description: A successful response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/adminProjectDomainAttributesGetResponse'
        default:
          description: An unexpected error response.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/googlerpcStatus'
components:
  schemas:
    adminProjectDomainAttributesGetResponse:
      type: object
      properties:
        attributes:
          $ref: '#/components/schemas/adminProjectDomainAttributes'
      title: >-
        Response to get an individual project domain attribute override.

        For more info on matchable attributes, see
        :ref:`ref_flyteidl.admin.MatchableAttributesConfiguration`
    googlerpcStatus:
      type: object
      properties:
        code:
          type: integer
          format: int32
        message:
          type: string
        details:
          type: array
          items:
            $ref: '#/components/schemas/protobufAny'
    adminProjectDomainAttributes:
      type: object
      properties:
        project:
          type: string
          description: Unique project id for which this set of attributes will be applied.
        domain:
          type: string
          description: Unique domain id for which this set of attributes will be applied.
        matching_attributes:
          $ref: '#/components/schemas/adminMatchingAttributes'
        org:
          type: string
          description: Optional, org key applied to the attributes.
      title: >-
        Defines a set of custom matching attributes which defines resource
        defaults for a project and domain.

        For more info on matchable attributes, see
        :ref:`ref_flyteidl.admin.MatchableAttributesConfiguration`
    protobufAny:
      type: object
      properties:
        '@type':
          type: string
          description: >-
            A URL/resource name that uniquely identifies the type of the
            serialized

            protocol buffer message. This string must contain at least

            one "/" character. The last segment of the URL's path must represent

            the fully qualified name of the type (as in

            `path/google.protobuf.Duration`). The name should be in a canonical
            form

            (e.g., leading "." is not accepted).


            In practice, teams usually precompile into the binary all types that
            they

            expect it to use in the context of Any. However, for URLs which use
            the

            scheme `http`, `https`, or no scheme, one can optionally set up a
            type

            server that maps type URLs to message definitions as follows:


            * If no scheme is provided, `https` is assumed.

            * An HTTP GET on the URL must yield a [google.protobuf.Type][]
              value in binary format, or produce an error.
            * Applications are allowed to cache lookup results based on the
              URL, or have them precompiled into a binary to avoid any
              lookup. Therefore, binary compatibility needs to be preserved
              on changes to types. (Use versioned type names to manage
              breaking changes.)

            Note: this functionality is not currently available in the official

            protobuf release, and it is not used for type URLs beginning with

            type.googleapis.com. As of May 2023, there are no widely used type
            server

            implementations and no plans to implement one.


            Schemes other than `http`, `https` (or the empty scheme) might be

            used with implementation specific semantics.
      additionalProperties: {}
      description: >-
        `Any` contains an arbitrary serialized protocol buffer message along
        with a

        URL that describes the type of the serialized message.


        Protobuf library provides support to pack/unpack Any values in the form

        of utility functions or additional generated methods of the Any type.


        Example 1: Pack and unpack a message in C++.

            Foo foo = ...;
            Any any;
            any.PackFrom(foo);
            ...
            if (any.UnpackTo(&foo)) {
              ...
            }

        Example 2: Pack and unpack a message in Java.

            Foo foo = ...;
            Any any = Any.pack(foo);
            ...
            if (any.is(Foo.class)) {
              foo = any.unpack(Foo.class);
            }
            // or ...
            if (any.isSameTypeAs(Foo.getDefaultInstance())) {
              foo = any.unpack(Foo.getDefaultInstance());
            }

         Example 3: Pack and unpack a message in Python.

            foo = Foo(...)
            any = Any()
            any.Pack(foo)
            ...
            if any.Is(Foo.DESCRIPTOR):
              any.Unpack(foo)
              ...

         Example 4: Pack and unpack a message in Go

             foo := &pb.Foo{...}
             any, err := anypb.New(foo)
             if err != nil {
               ...
             }
             ...
             foo := &pb.Foo{}
             if err := any.UnmarshalTo(foo); err != nil {
               ...
             }

        The pack methods provided by protobuf library will by default use

        'type.googleapis.com/full.type.name' as the type URL and the unpack

        methods only use the fully qualified type name after the last '/'

        in the type URL, for example "foo.bar.com/x/y.z" will yield type

        name "y.z".


        JSON

        ====

        The JSON representation of an `Any` value uses the regular

        representation of the deserialized, embedded message, with an

        additional field `@type` which contains the type URL. Example:

            package google.profile;
            message Person {
              string first_name = 1;
              string last_name = 2;
            }

            {
              "@type": "type.googleapis.com/google.profile.Person",
              "firstName": <string>,
              "lastName": <string>
            }

        If the embedded message type is well-known and has a custom JSON

        representation, that representation will be embedded adding a field

        `value` which holds the custom JSON in addition to the `@type`

        field. Example (for message [google.protobuf.Duration][]):

            {
              "@type": "type.googleapis.com/google.protobuf.Duration",
              "value": "1.212s"
            }
    adminMatchingAttributes:
      type: object
      properties:
        task_resource_attributes:
          $ref: '#/components/schemas/adminTaskResourceAttributes'
        cluster_resource_attributes:
          $ref: '#/components/schemas/adminClusterResourceAttributes'
        execution_queue_attributes:
          $ref: '#/components/schemas/adminExecutionQueueAttributes'
        execution_cluster_label:
          $ref: '#/components/schemas/adminExecutionClusterLabel'
        quality_of_service:
          $ref: '#/components/schemas/coreQualityOfService'
        plugin_overrides:
          $ref: '#/components/schemas/adminPluginOverrides'
        workflow_execution_config:
          $ref: '#/components/schemas/adminWorkflowExecutionConfig'
        cluster_assignment:
          $ref: '#/components/schemas/adminClusterAssignment'
      description: >-
        Generic container for encapsulating all types of the above attributes
        messages.
    adminTaskResourceAttributes:
      type: object
      properties:
        defaults:
          $ref: '#/components/schemas/adminTaskResourceSpec'
        limits:
          $ref: '#/components/schemas/adminTaskResourceSpec'
      description: >-
        Defines task resource defaults and limits that will be applied at task
        registration.
    adminClusterResourceAttributes:
      type: object
      properties:
        attributes:
          type: object
          additionalProperties:
            type: string
          description: >-
            Custom resource attributes which will be applied in cluster resource
            creation (e.g. quotas).

            Map keys are the *case-sensitive* names of variables in templatized
            resource files.

            Map values should be the custom values which get substituted during
            resource creation.
    adminExecutionQueueAttributes:
      type: object
      properties:
        tags:
          type: array
          items:
            type: string
          description: >-
            Tags used for assigning execution queues for tasks defined within
            this project.
    adminExecutionClusterLabel:
      type: object
      properties:
        value:
          type: string
          title: Label value to determine where the execution will be run
    coreQualityOfService:
      type: object
      properties:
        tier:
          $ref: '#/components/schemas/QualityOfServiceTier'
        spec:
          $ref: '#/components/schemas/coreQualityOfServiceSpec'
      description: Indicates the priority of an execution.
    adminPluginOverrides:
      type: object
      properties:
        overrides:
          type: array
          items:
            $ref: '#/components/schemas/adminPluginOverride'
    adminWorkflowExecutionConfig:
      type: object
      properties:
        max_parallelism:
          type: integer
          format: int32
          description: >-
            Can be used to control the number of parallel nodes to run within
            the workflow. This is useful to achieve fairness.
        security_context:
          $ref: '#/components/schemas/coreSecurityContext'
        raw_output_data_config:
          $ref: '#/components/schemas/adminRawOutputDataConfig'
        labels:
          $ref: '#/components/schemas/adminLabels'
        annotations:
          $ref: '#/components/schemas/adminAnnotations'
        interruptible:
          type: boolean
          description: >-
            Allows for the interruptible flag of a workflow to be overwritten
            for a single execution.

            Omitting this field uses the workflow's value as a default.

            As we need to distinguish between the field not being provided and
            its default value false, we have to use a wrapper

            around the bool field.
        overwrite_cache:
          type: boolean
          description: >-
            Allows for all cached values of a workflow and its tasks to be
            overwritten for a single execution.

            If enabled, all calculations are performed even if cached results
            would be available, overwriting the stored

            data once execution finishes successfully.
        envs:
          $ref: '#/components/schemas/adminEnvs'
        execution_env_assignments:
          type: array
          items:
            $ref: '#/components/schemas/coreExecutionEnvAssignment'
          description: Execution environment assignments to be set for the execution.
      description: >-
        Adds defaults for customizable workflow-execution specifications and
        overrides.
    adminClusterAssignment:
      type: object
      properties:
        cluster_pool_name:
          type: string
      description: >-
        Encapsulates specifications for routing an execution onto a specific
        cluster.
    adminTaskResourceSpec:
      type: object
      properties:
        cpu:
          type: string
        gpu:
          type: string
        memory:
          type: string
        storage:
          type: string
        ephemeral_storage:
          type: string
      description: >-
        Defines a set of overridable task resource attributes set during task
        registration.
    QualityOfServiceTier:
      type: string
      enum:
        - UNDEFINED
        - HIGH
        - MEDIUM
        - LOW
      default: UNDEFINED
      description: ' - UNDEFINED: Default: no quality of service specified.'
    coreQualityOfServiceSpec:
      type: object
      properties:
        queueing_budget:
          type: string
          description: Indicates how much queueing delay an execution can tolerate.
      description: Represents customized execution run-time attributes.
    adminPluginOverride:
      type: object
      properties:
        task_type:
          type: string
          description: A predefined yet extensible Task type identifier.
        plugin_id:
          type: array
          items:
            type: string
          description: >-
            A set of plugin ids which should handle tasks of this type instead
            of the default registered plugin. The list will be tried in order
            until a plugin is found with that id.
        missing_plugin_behavior:
          $ref: '#/components/schemas/PluginOverrideMissingPluginBehavior'
      description: >-
        This MatchableAttribute configures selecting alternate plugin
        implementations for a given task type.

        In addition to an override implementation a selection of fallbacks can
        be provided or other modes

        for handling cases where the desired plugin override is not enabled in a
        given Flyte deployment.
    coreSecurityContext:
      type: object
      properties:
        run_as:
          $ref: '#/components/schemas/coreIdentity'
        secrets:
          type: array
          items:
            $ref: '#/components/schemas/coreSecret'
          description: >-
            secrets indicate the list of secrets the task needs in order to
            proceed. Secrets will be mounted/passed to the

            pod as it starts. If the plugin responsible for kicking of the task
            will not run it on a flyte cluster (e.g. AWS

            Batch), it's the responsibility of the plugin to fetch the secret
            (which means propeller identity will need access

            to the secret) and to pass it to the remote execution engine.
        tokens:
          type: array
          items:
            $ref: '#/components/schemas/coreOAuth2TokenRequest'
          description: >-
            tokens indicate the list of token requests the task needs in order
            to proceed. Tokens will be mounted/passed to the

            pod as it starts. If the plugin responsible for kicking of the task
            will not run it on a flyte cluster (e.g. AWS

            Batch), it's the responsibility of the plugin to fetch the secret
            (which means propeller identity will need access

            to the secret) and to pass it to the remote execution engine.
      description: SecurityContext holds security attributes that apply to tasks.
    adminRawOutputDataConfig:
      type: object
      properties:
        output_location_prefix:
          type: string
          title: |-
            Prefix for where offloaded data from user workflows will be written
            e.g. s3://bucket/key or s3://bucket/
      description: >-
        Encapsulates user settings pertaining to offloaded data (i.e. Blobs,
        Schema, query data, etc.).

        See https://github.com/flyteorg/flyte/issues/211 for more background
        information.
    adminLabels:
      type: object
      properties:
        values:
          type: object
          additionalProperties:
            type: string
          description: Map of custom labels to be applied to the execution resource.
      description: >-
        Label values to be applied to an execution resource.

        In the future a mode (e.g. OVERRIDE, APPEND, etc) can be defined

        to specify how to merge labels defined at registration and execution
        time.
    adminAnnotations:
      type: object
      properties:
        values:
          type: object
          additionalProperties:
            type: string
          description: Map of custom annotations to be applied to the execution resource.
      description: >-
        Annotation values to be applied to an execution resource.

        In the future a mode (e.g. OVERRIDE, APPEND, etc) can be defined

        to specify how to merge annotations defined at registration and
        execution time.
    adminEnvs:
      type: object
      properties:
        values:
          type: array
          items:
            $ref: '#/components/schemas/flyteidlcoreKeyValuePair'
          description: >-
            Map of custom environment variables to be applied to the execution
            resource.
      description: >-
        Environment variable values to be applied to an execution resource.

        In the future a mode (e.g. OVERRIDE, APPEND, etc) can be defined

        to specify how to merge environment variables defined at registration
        and execution time.
    coreExecutionEnvAssignment:
      type: object
      properties:
        node_ids:
          type: array
          items:
            type: string
          description: >-
            node_ids is a list of node ids that are being assigned the execution
            environment.
        task_type:
          type: string
          description: >-
            task_type is the type of task that is being assigned. This is used
            to override which Flyte

            plugin will be used during execution.
        execution_env:
          $ref: '#/components/schemas/coreExecutionEnv'
      description: >-
        ExecutionEnvAssignment is a message that is used to assign an execution
        environment to a set of

        nodes.
    PluginOverrideMissingPluginBehavior:
      type: string
      enum:
        - FAIL
        - USE_DEFAULT
      default: FAIL
      description: |2-
         - FAIL: By default, if this plugin is not enabled for a Flyte deployment then execution will fail.
         - USE_DEFAULT: Uses the system-configured default implementation.
    coreIdentity:
      type: object
      properties:
        iam_role:
          type: string
          description: >-
            iam_role references the fully qualified name of Identity & Access
            Management role to impersonate.
        k8s_service_account:
          type: string
          description: >-
            k8s_service_account references a kubernetes service account to
            impersonate.
        oauth2_client:
          $ref: '#/components/schemas/coreOAuth2Client'
        execution_identity:
          type: string
          title: execution_identity references the subject who makes the execution
      description: >-
        Identity encapsulates the various security identities a task can run as.
        It's up to the underlying plugin to pick the

        right identity for the execution environment.
    coreSecret:
      type: object
      properties:
        group:
          type: string
          title: >-
            The name of the secret group where to find the key referenced below.
            For K8s secrets, this should be the name of

            the v1/secret object. For Confidant, this should be the Credential
            name. For Vault, this should be the secret name.

            For AWS Secret Manager, this should be the name of the secret.

            +required
        group_version:
          type: string
          title: >-
            The group version to fetch. This is not supported in all secret
            management systems. It'll be ignored for the ones

            that do not support it.

            +optional
        key:
          type: string
          title: >-
            The name of the secret to mount. This has to match an existing
            secret in the system. It's up to the implementation

            of the secret management system to require case sensitivity. For K8s
            secrets, Confidant and Vault, this should

            match one of the keys inside the secret. For AWS Secret Manager,
            it's ignored.

            +optional
        mount_requirement:
          $ref: '#/components/schemas/SecretMountType'
        env_var:
          type: string
          title: >-
            env_var is optional. Custom environment variable to set the value of
            the secret. If mount_requirement is ENV_VAR,

            then the value is the secret itself. If mount_requirement is FILE,
            then the value is the path to the secret file.

            +optional
      description: >-
        Secret encapsulates information about the secret a task needs to
        proceed. An environment variable

        FLYTE_SECRETS_ENV_PREFIX will be passed to indicate the prefix of the
        environment variables that will be present if

        secrets are passed through environment variables.

        FLYTE_SECRETS_DEFAULT_DIR will be passed to indicate the prefix of the
        path where secrets will be mounted if secrets

        are passed through file mounts.
    coreOAuth2TokenRequest:
      type: object
      properties:
        name:
          type: string
          title: >-
            name indicates a unique id for the token request within this task
            token requests. It'll be used as a suffix for

            environment variables and as a filename for mounting tokens as
            files.

            +required
        type:
          $ref: '#/components/schemas/coreOAuth2TokenRequestType'
        client:
          $ref: '#/components/schemas/coreOAuth2Client'
        idp_discovery_endpoint:
          type: string
          title: >-
            idp_discovery_endpoint references the discovery endpoint used to
            retrieve token endpoint and other related

            information.

            +optional
        token_endpoint:
          type: string
          title: >-
            token_endpoint references the token issuance endpoint. If
            idp_discovery_endpoint is not provided, this parameter is

            mandatory.

            +optional
      description: >-
        OAuth2TokenRequest encapsulates information needed to request an OAuth2
        token.

        FLYTE_TOKENS_ENV_PREFIX will be passed to indicate the prefix of the
        environment variables that will be present if

        tokens are passed through environment variables.

        FLYTE_TOKENS_PATH_PREFIX will be passed to indicate the prefix of the
        path where secrets will be mounted if tokens

        are passed through file mounts.
    flyteidlcoreKeyValuePair:
      type: object
      properties:
        key:
          type: string
          description: required.
        value:
          type: string
          description: +optional.
      description: A generic key value pair.
    coreExecutionEnv:
      type: object
      properties:
        name:
          type: string
          description: >-
            name is a human-readable identifier for the execution environment.
            This is combined with the

            project, domain, and version to uniquely identify an execution
            environment.
        type:
          type: string
          description: type is the type of the execution environment.
        extant:
          type: object
          description: extant is a reference to an existing environment.
        spec:
          type: object
          description: spec is a specification of the environment.
        version:
          type: string
          description: >-
            version is the version of the execution environment. This may be
            used differently by each

            individual environment type (ex. auto-generated or manually
            provided), but is intended to

            allow variance in environment specifications with the same ID.
      description: >-
        ExecutionEnv is a message that is used to specify the execution
        environment.
    coreOAuth2Client:
      type: object
      properties:
        client_id:
          type: string
          title: >-
            client_id is the public id for the client to use. The system will
            not perform any pre-auth validation that the

            secret requested matches the client_id indicated here.

            +required
        client_secret:
          $ref: '#/components/schemas/coreSecret'
      description: >-
        OAuth2Client encapsulates OAuth2 Client Credentials to be used when
        making calls on behalf of that task.
    SecretMountType:
      type: string
      enum:
        - ANY
        - ENV_VAR
        - FILE
      default: ANY
      description: |2-
         - ANY: Default case, indicates the client can tolerate either mounting options.
         - ENV_VAR: ENV_VAR indicates the secret needs to be mounted as an environment variable.
         - FILE: FILE indicates the secret needs to be mounted as a file.
    coreOAuth2TokenRequestType:
      type: string
      enum:
        - CLIENT_CREDENTIALS
      default: CLIENT_CREDENTIALS
      description: |-
        Type of the token requested.

         - CLIENT_CREDENTIALS: CLIENT_CREDENTIALS indicates a 2-legged OAuth token requested using client credentials.

````