v1beta1

package
v0.31.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Aug 25, 2022 License: Apache-2.0 Imports: 11 Imported by: 2

Documentation

Index

Constants

View Source 
const (
	CRDGroup   = "secretsmanager.aws.crossplane.io"
	CRDVersion = "v1beta1"
)

Package type metadata.

Variables

View Source 
var (
	// GroupVersion is the API Group Version used to register the objects
	GroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source 
var (
	SecretKind             = "Secret"
	SecretGroupKind        = schema.GroupKind{Group: CRDGroup, Kind: SecretKind}.String()
	SecretKindAPIVersion   = SecretKind + "." + GroupVersion.String()
	SecretGroupVersionKind = GroupVersion.WithKind(SecretKind)
)

Repository type metadata.

Functions

This section is empty.

Types

type CustomSecretParameters 

type CustomSecretParameters struct {
	// KMSKeyIDRef is a reference to an kms/v1alpha1.Key used
	// to set the KMSKeyID field.
	// +optional
	KMSKeyIDRef *xpv1.Reference `json:"kmsKeyIDRef,omitempty"`

	// KMSKeyIDSelector selects references to kms/v1alpha1.Key
	// used to set the KMSKeyID.
	// +optional
	KMSKeyIDSelector *xpv1.Selector `json:"kmsKeyIDSelector,omitempty"`

	// StringSecretRef points to the Kubernetes Secret whose data will be sent
	// as string to AWS. If key parameter is given, only the value of that key
	// will be used. Otherwise, all data in the Secret will be marshalled into
	// JSON and sent to AWS.
	StringSecretRef *SecretReference `json:"stringSecretRef,omitempty"`

	// BinarySecretRef points to the Kubernetes Secret whose data will be encoded
	// as binary data to AWS. If key parameter is given, only the value of that
	// key will be used. Otherwise, all data in the Secret will be marshalled
	// into JSON and sent to AWS.
	BinarySecretRef *SecretReference `json:"binarySecretRef,omitempty"`

	// (Optional) Specifies that the secret is to be deleted without any recovery
	// window. You can't use both this parameter and the RecoveryWindowInDays parameter
	// in the same API call.
	//
	// An asynchronous background process performs the actual deletion, so there
	// can be a short delay before the operation completes. If you write code to
	// delete and then immediately recreate a secret with the same name, ensure
	// that your code includes appropriate back off and retry logic.
	//
	// Use this parameter with caution. This parameter causes the operation to skip
	// the normal waiting period before the permanent deletion that AWS would normally
	// impose with the RecoveryWindowInDays parameter. If you delete a secret with
	// the ForceDeleteWithouRecovery parameter, then you have no opportunity to
	// recover the secret. It is permanently lost.
	ForceDeleteWithoutRecovery *bool `json:"forceDeleteWithoutRecovery,omitempty"`

	// (Optional) Specifies the number of days that Secrets Manager waits before
	// it can delete the secret. You can't use both this parameter and the ForceDeleteWithoutRecovery
	// parameter in the same API call.
	//
	// This value can range from 7 to 30 days. The default value is 30.
	RecoveryWindowInDays *int64 `json:"recoveryWindowInDays,omitempty"`

	// A JSON-formatted string constructed according to the grammar and syntax for
	// an Amazon Web Services resource-based policy. The policy in the string identifies
	// who can access or manage this secret and its versions. For information on
	// how to format a JSON parameter for the various command line tool environments,
	// see Using JSON for Parameters (http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json)
	// in the CLI User Guide.
	//
	// ResourcePolicy is a required field
	// +optional
	ResourcePolicy *string `json:"resourcePolicy,omitempty"`
}

CustomSecretParameters contains the additional fields for SecretParameters.

func (*CustomSecretParameters) DeepCopy 

func (in *CustomSecretParameters) DeepCopy() *CustomSecretParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomSecretParameters.

func (*CustomSecretParameters) DeepCopyInto 

func (in *CustomSecretParameters) DeepCopyInto(out *CustomSecretParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Filter 

type Filter struct {
	Key *string `json:"key,omitempty"`

	Values []*string `json:"values,omitempty"`
}

+kubebuilder:skipversion

func (*Filter) DeepCopy 

func (in *Filter) DeepCopy() *Filter

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Filter.

func (*Filter) DeepCopyInto 

func (in *Filter) DeepCopyInto(out *Filter)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FilterNameStringType 

type FilterNameStringType string
const (
	FilterNameStringType_description    FilterNameStringType = "description"
	FilterNameStringType_name           FilterNameStringType = "name"
	FilterNameStringType_tag_key        FilterNameStringType = "tag-key"
	FilterNameStringType_tag_value      FilterNameStringType = "tag-value"
	FilterNameStringType_primary_region FilterNameStringType = "primary-region"
	FilterNameStringType_all            FilterNameStringType = "all"
)

type ReplicaRegionType 

type ReplicaRegionType struct {
	KMSKeyID *string `json:"kmsKeyID,omitempty"`

	Region *string `json:"region,omitempty"`
}

+kubebuilder:skipversion

func (*ReplicaRegionType) DeepCopy 

func (in *ReplicaRegionType) DeepCopy() *ReplicaRegionType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaRegionType.

func (*ReplicaRegionType) DeepCopyInto 

func (in *ReplicaRegionType) DeepCopyInto(out *ReplicaRegionType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ReplicationStatusType 

type ReplicationStatusType struct {
	KMSKeyID *string `json:"kmsKeyID,omitempty"`

	LastAccessedDate *metav1.Time `json:"lastAccessedDate,omitempty"`

	Region *string `json:"region,omitempty"`

	Status *string `json:"status,omitempty"`

	StatusMessage *string `json:"statusMessage,omitempty"`
}

+kubebuilder:skipversion

func (*ReplicationStatusType) DeepCopy 

func (in *ReplicationStatusType) DeepCopy() *ReplicationStatusType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicationStatusType.

func (*ReplicationStatusType) DeepCopyInto 

func (in *ReplicationStatusType) DeepCopyInto(out *ReplicationStatusType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RotationRulesType 

type RotationRulesType struct {
	AutomaticallyAfterDays *int64 `json:"automaticallyAfterDays,omitempty"`
}

+kubebuilder:skipversion

func (*RotationRulesType) DeepCopy 

func (in *RotationRulesType) DeepCopy() *RotationRulesType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RotationRulesType.

func (*RotationRulesType) DeepCopyInto 

func (in *RotationRulesType) DeepCopyInto(out *RotationRulesType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Secret 

type Secret struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              SecretSpec   `json:"spec"`
	Status            SecretStatus `json:"status,omitempty"`
}

Secret is the Schema for the Secrets API +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:subresource:status +kubebuilder:storageversion +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}

func (*Secret) DeepCopy 

func (in *Secret) DeepCopy() *Secret

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Secret.

func (*Secret) DeepCopyInto 

func (in *Secret) DeepCopyInto(out *Secret)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Secret) DeepCopyObject 

func (in *Secret) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Secret) GetCondition 

func (mg *Secret) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Secret.

func (*Secret) GetDeletionPolicy 

func (mg *Secret) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Secret.

func (*Secret) GetProviderConfigReference 

func (mg *Secret) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Secret.

func (*Secret) GetProviderReference 

func (mg *Secret) GetProviderReference() *xpv1.Reference

GetProviderReference of this Secret. Deprecated: Use GetProviderConfigReference.

func (*Secret) GetPublishConnectionDetailsTo 

func (mg *Secret) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Secret.

func (*Secret) GetWriteConnectionSecretToReference 

func (mg *Secret) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Secret.

func (*Secret) ResolveReferences 

func (mg *Secret) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this Secret

func (*Secret) SetConditions 

func (mg *Secret) SetConditions(c ...xpv1.Condition)

SetConditions of this Secret.

func (*Secret) SetDeletionPolicy 

func (mg *Secret) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Secret.

func (*Secret) SetProviderConfigReference 

func (mg *Secret) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Secret.

func (*Secret) SetProviderReference 

func (mg *Secret) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this Secret. Deprecated: Use SetProviderConfigReference.

func (*Secret) SetPublishConnectionDetailsTo 

func (mg *Secret) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Secret.

func (*Secret) SetWriteConnectionSecretToReference 

func (mg *Secret) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Secret.

type SecretList 

type SecretList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Secret `json:"items"`
}

SecretList contains a list of Secrets

func (*SecretList) DeepCopy 

func (in *SecretList) DeepCopy() *SecretList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretList.

func (*SecretList) DeepCopyInto 

func (in *SecretList) DeepCopyInto(out *SecretList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SecretList) DeepCopyObject 

func (in *SecretList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*SecretList) GetItems 

func (l *SecretList) GetItems() []resource.Managed

GetItems of this SecretList.

type SecretListEntry 

type SecretListEntry struct {
	ARN *string `json:"arn,omitempty"`

	CreatedDate *metav1.Time `json:"createdDate,omitempty"`

	DeletedDate *metav1.Time `json:"deletedDate,omitempty"`

	Description *string `json:"description,omitempty"`

	KMSKeyID *string `json:"kmsKeyID,omitempty"`

	LastAccessedDate *metav1.Time `json:"lastAccessedDate,omitempty"`

	LastChangedDate *metav1.Time `json:"lastChangedDate,omitempty"`

	LastRotatedDate *metav1.Time `json:"lastRotatedDate,omitempty"`

	Name *string `json:"name,omitempty"`

	OwningService *string `json:"owningService,omitempty"`

	PrimaryRegion *string `json:"primaryRegion,omitempty"`

	RotationEnabled *bool `json:"rotationEnabled,omitempty"`

	RotationLambdaARN *string `json:"rotationLambdaARN,omitempty"`
	// A structure that defines the rotation configuration for the secret.
	RotationRules *RotationRulesType `json:"rotationRules,omitempty"`

	SecretVersionsToStages map[string][]*string `json:"secretVersionsToStages,omitempty"`

	Tags []*Tag `json:"tags,omitempty"`
}

+kubebuilder:skipversion

func (*SecretListEntry) DeepCopy 

func (in *SecretListEntry) DeepCopy() *SecretListEntry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretListEntry.

func (*SecretListEntry) DeepCopyInto 

func (in *SecretListEntry) DeepCopyInto(out *SecretListEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretObservation 

type SecretObservation struct {
	// The Amazon Resource Name (ARN) of the secret that you just created.
	//
	// Secrets Manager automatically adds several random characters to the name
	// at the end of the ARN when you initially create a secret. This affects only
	// the ARN and not the actual friendly name. This ensures that if you create
	// a new secret with the same name as an old secret that you previously deleted,
	// then users with access to the old secret don't automatically get access to
	// the new secret because the ARNs are different.
	ARN *string `json:"arn,omitempty"`
	// Describes a list of replication status objects as InProgress, Failed or InSync.
	ReplicationStatus []*ReplicationStatusType `json:"replicationStatus,omitempty"`
}

SecretObservation defines the observed state of Secret

func (*SecretObservation) DeepCopy 

func (in *SecretObservation) DeepCopy() *SecretObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretObservation.

func (*SecretObservation) DeepCopyInto 

func (in *SecretObservation) DeepCopyInto(out *SecretObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretParameters 

type SecretParameters struct {
	// Region is which region the Secret will be created.
	// +kubebuilder:validation:Required
	Region string `json:"region"`
	// (Optional) Add a list of regions to replicate secrets. Secrets Manager replicates
	// the KMSKeyID objects to the list of regions specified in the parameter.
	AddReplicaRegions []*ReplicaRegionType `json:"addReplicaRegions,omitempty"`
	// (Optional) Specifies a user-provided description of the secret.
	Description *string `json:"description,omitempty"`
	// (Optional) If set, the replication overwrites a secret with the same name
	// in the destination region.
	ForceOverwriteReplicaSecret *bool `json:"forceOverwriteReplicaSecret,omitempty"`
	// (Optional) Specifies the ARN, Key ID, or alias of the Amazon Web Services
	// KMS customer master key (CMK) to be used to encrypt the SecretString or SecretBinary
	// values in the versions stored in this secret.
	//
	// You can specify any of the supported ways to identify a Amazon Web Services
	// KMS key ID. If you need to reference a CMK in a different account, you can
	// use only the key ARN or the alias ARN.
	//
	// If you don't specify this value, then Secrets Manager defaults to using the
	// Amazon Web Services account's default CMK (the one named aws/secretsmanager).
	// If a Amazon Web Services KMS CMK with that name doesn't yet exist, then Secrets
	// Manager creates it for you automatically the first time it needs to encrypt
	// a version's SecretString or SecretBinary fields.
	//
	// You can use the account default CMK to encrypt and decrypt only if you call
	// this operation using credentials from the same account that owns the secret.
	// If the secret resides in a different account, then you must create a custom
	// CMK and specify the ARN in this field.
	KMSKeyID *string `json:"kmsKeyID,omitempty"`
	// (Optional) Specifies a list of user-defined tags that are attached to the
	// secret. Each tag is a "Key" and "Value" pair of strings. This operation only
	// appends tags to the existing list of tags. To remove tags, you must use UntagResource.
	//
	//    * Secrets Manager tag key names are case sensitive. A tag with the key
	//    "ABC" is a different tag from one with key "abc".
	//
	//    * If you check tags in IAM policy Condition elements as part of your security
	//    strategy, then adding or removing a tag can change permissions. If the
	//    successful completion of this operation would result in you losing your
	//    permissions for this secret, then this operation is blocked and returns
	//    an Access Denied error.
	//
	// This parameter requires a JSON text string argument. For information on how
	// to format a JSON parameter for the various command line tool environments,
	// see Using JSON for Parameters (https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json)
	// in the CLI User Guide. For example:
	//
	// [{"Key":"CostCenter","Value":"12345"},{"Key":"environment","Value":"production"}]
	//
	// If your command-line tool or SDK requires quotation marks around the parameter,
	// you should use single quotes to avoid confusion with the double quotes required
	// in the JSON text.
	//
	// The following basic restrictions apply to tags:
	//
	//    * Maximum number of tags per secret—50
	//
	//    * Maximum key length—127 Unicode characters in UTF-8
	//
	//    * Maximum value length—255 Unicode characters in UTF-8
	//
	//    * Tag keys and values are case sensitive.
	//
	//    * Do not use the aws: prefix in your tag names or values because Amazon
	//    Web Services reserves it for Amazon Web Services use. You can't edit or
	//    delete tag names or values with this prefix. Tags with this prefix do
	//    not count against your tags per secret limit.
	//
	//    * If you use your tagging schema across multiple services and resources,
	//    remember other services might have restrictions on allowed characters.
	//    Generally allowed characters: letters, spaces, and numbers representable
	//    in UTF-8, plus the following special characters: + - = . _ : / @.
	Tags                   []*Tag `json:"tags,omitempty"`
	CustomSecretParameters `json:",inline"`
}

SecretParameters defines the desired state of Secret

func (*SecretParameters) DeepCopy 

func (in *SecretParameters) DeepCopy() *SecretParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretParameters.

func (*SecretParameters) DeepCopyInto 

func (in *SecretParameters) DeepCopyInto(out *SecretParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretReference 

type SecretReference struct {
	// Name of the secret.
	Name string `json:"name"`

	// Namespace of the secret.
	Namespace string `json:"namespace"`

	// Key whose value will be used. If not given, the whole map in the Secret
	// data will be used.
	Key *string `json:"key,omitempty"`
}

A SecretReference is a reference to a secret in an arbitrary namespace.

func (*SecretReference) DeepCopy 

func (in *SecretReference) DeepCopy() *SecretReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretReference.

func (*SecretReference) DeepCopyInto 

func (in *SecretReference) DeepCopyInto(out *SecretReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretSpec 

type SecretSpec struct {
	xpv1.ResourceSpec `json:",inline"`
	ForProvider       SecretParameters `json:"forProvider"`
}

SecretSpec defines the desired state of Secret

func (*SecretSpec) DeepCopy 

func (in *SecretSpec) DeepCopy() *SecretSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretSpec.

func (*SecretSpec) DeepCopyInto 

func (in *SecretSpec) DeepCopyInto(out *SecretSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretStatus 

type SecretStatus struct {
	xpv1.ResourceStatus `json:",inline"`
	AtProvider          SecretObservation `json:"atProvider,omitempty"`
}

SecretStatus defines the observed state of Secret.

func (*SecretStatus) DeepCopy 

func (in *SecretStatus) DeepCopy() *SecretStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretStatus.

func (*SecretStatus) DeepCopyInto 

func (in *SecretStatus) DeepCopyInto(out *SecretStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretVersionsListEntry 

type SecretVersionsListEntry struct {
	LastAccessedDate *metav1.Time `json:"lastAccessedDate,omitempty"`

	VersionStages []*string `json:"versionStages,omitempty"`
}

+kubebuilder:skipversion

func (*SecretVersionsListEntry) DeepCopy 

func (in *SecretVersionsListEntry) DeepCopy() *SecretVersionsListEntry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretVersionsListEntry.

func (*SecretVersionsListEntry) DeepCopyInto 

func (in *SecretVersionsListEntry) DeepCopyInto(out *SecretVersionsListEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SortOrderType 

type SortOrderType string
const (
	SortOrderType_asc  SortOrderType = "asc"
	SortOrderType_desc SortOrderType = "desc"
)

type StatusType 

type StatusType string
const (
	StatusType_InSync     StatusType = "InSync"
	StatusType_Failed     StatusType = "Failed"
	StatusType_InProgress StatusType = "InProgress"
)

type Tag 

type Tag struct {
	Key *string `json:"key,omitempty"`

	Value *string `json:"value,omitempty"`
}

+kubebuilder:skipversion

func (*Tag) DeepCopy 

func (in *Tag) DeepCopy() *Tag

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Tag.

func (*Tag) DeepCopyInto 

func (in *Tag) DeepCopyInto(out *Tag)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.