Documentation
¶
Index ¶
- Constants
- Variables
- func KMSKeyARN() reference.ExtractValueFn
- type AlgorithmSpec
- type Alias
- func (in *Alias) DeepCopy() *Alias
- func (in *Alias) DeepCopyInto(out *Alias)
- func (in *Alias) DeepCopyObject() runtime.Object
- func (mg *Alias) GetCondition(ct xpv1.ConditionType) xpv1.Condition
- func (mg *Alias) GetDeletionPolicy() xpv1.DeletionPolicy
- func (mg *Alias) GetProviderConfigReference() *xpv1.Reference
- func (mg *Alias) GetProviderReference() *xpv1.Reference
- func (mg *Alias) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo
- func (mg *Alias) GetWriteConnectionSecretToReference() *xpv1.SecretReference
- func (mg *Alias) ResolveReferences(ctx context.Context, c client.Reader) error
- func (mg *Alias) SetConditions(c ...xpv1.Condition)
- func (mg *Alias) SetDeletionPolicy(r xpv1.DeletionPolicy)
- func (mg *Alias) SetProviderConfigReference(r *xpv1.Reference)
- func (mg *Alias) SetProviderReference(r *xpv1.Reference)
- func (mg *Alias) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)
- func (mg *Alias) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)
- type AliasList
- type AliasListEntry
- type AliasObservation
- type AliasParameters
- type AliasSpec
- type AliasStatus
- type ConnectionErrorCodeType
- type ConnectionStateType
- type CustomKeyParameters
- type CustomKeyStoresListEntry
- type CustomerMasterKeySpec
- type DataKeyPairSpec
- type DataKeySpec
- type EncryptionAlgorithmSpec
- type ExpirationModelType
- type GrantListEntry
- type GrantOperation
- type Key
- func (in *Key) DeepCopy() *Key
- func (in *Key) DeepCopyInto(out *Key)
- func (in *Key) DeepCopyObject() runtime.Object
- func (mg *Key) GetCondition(ct xpv1.ConditionType) xpv1.Condition
- func (mg *Key) GetDeletionPolicy() xpv1.DeletionPolicy
- func (mg *Key) GetProviderConfigReference() *xpv1.Reference
- func (mg *Key) GetProviderReference() *xpv1.Reference
- func (mg *Key) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo
- func (mg *Key) GetWriteConnectionSecretToReference() *xpv1.SecretReference
- func (mg *Key) SetConditions(c ...xpv1.Condition)
- func (mg *Key) SetDeletionPolicy(r xpv1.DeletionPolicy)
- func (mg *Key) SetProviderConfigReference(r *xpv1.Reference)
- func (mg *Key) SetProviderReference(r *xpv1.Reference)
- func (mg *Key) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)
- func (mg *Key) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)
- type KeyList
- type KeyListEntry
- type KeyManagerType
- type KeyMetadata
- type KeyObservation
- type KeyParameters
- type KeySpec
- type KeySpec_SDK
- type KeyState
- type KeyStatus
- type KeyUsageType
- type MacAlgorithmSpec
- type MessageType
- type MultiRegionConfiguration
- type MultiRegionKey
- type MultiRegionKeyType
- type OriginType
- type SigningAlgorithmSpec
- type Tag
- type WrappingKeySpec
Constants ¶
View Source
const ( CRDGroup = "kms.aws.crossplane.io" CRDVersion = "v1alpha1" )
Package type metadata.
Variables ¶
View Source
var ( AliasKind = "Alias" AliasGroupKind = schema.GroupKind{Group: CRDGroup, Kind: AliasKind}.String() AliasKindAPIVersion = AliasKind + "." + GroupVersion.String() AliasGroupVersionKind = GroupVersion.WithKind(AliasKind) )
Repository type metadata.
View Source
var ( // GroupVersion is the API Group Version used to register the objects GroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
View Source
var ( KeyKind = "Key" KeyGroupKind = schema.GroupKind{Group: CRDGroup, Kind: KeyKind}.String() KeyKindAPIVersion = KeyKind + "." + GroupVersion.String() KeyGroupVersionKind = GroupVersion.WithKind(KeyKind) )
Repository type metadata.
Functions ¶
func KMSKeyARN ¶
func KMSKeyARN() reference.ExtractValueFn
KMSKeyARN returns the status.atProvider.ARN of an KMSKey.
Types ¶
type AlgorithmSpec ¶
type AlgorithmSpec string
const ( AlgorithmSpec_RSAES_PKCS1_V1_5 AlgorithmSpec = "RSAES_PKCS1_V1_5" AlgorithmSpec_RSAES_OAEP_SHA_1 AlgorithmSpec = "RSAES_OAEP_SHA_1" AlgorithmSpec_RSAES_OAEP_SHA_256 AlgorithmSpec = "RSAES_OAEP_SHA_256" )
type Alias ¶
type Alias struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec AliasSpec `json:"spec"`
Status AliasStatus `json:"status,omitempty"`
}
Alias is the Schema for the Aliases API +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}
func (*Alias) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Alias.
func (*Alias) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Alias) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Alias) GetCondition ¶
func (mg *Alias) GetCondition(ct xpv1.ConditionType) xpv1.Condition
GetCondition of this Alias.
func (*Alias) GetDeletionPolicy ¶
func (mg *Alias) GetDeletionPolicy() xpv1.DeletionPolicy
GetDeletionPolicy of this Alias.
func (*Alias) GetProviderConfigReference ¶
GetProviderConfigReference of this Alias.
func (*Alias) GetProviderReference ¶
GetProviderReference of this Alias. Deprecated: Use GetProviderConfigReference.
func (*Alias) GetPublishConnectionDetailsTo ¶
func (mg *Alias) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo
GetPublishConnectionDetailsTo of this Alias.
func (*Alias) GetWriteConnectionSecretToReference ¶
func (mg *Alias) GetWriteConnectionSecretToReference() *xpv1.SecretReference
GetWriteConnectionSecretToReference of this Alias.
func (*Alias) ResolveReferences ¶
ResolveReferences of this Alias.
func (*Alias) SetConditions ¶
SetConditions of this Alias.
func (*Alias) SetDeletionPolicy ¶
func (mg *Alias) SetDeletionPolicy(r xpv1.DeletionPolicy)
SetDeletionPolicy of this Alias.
func (*Alias) SetProviderConfigReference ¶
SetProviderConfigReference of this Alias.
func (*Alias) SetProviderReference ¶
SetProviderReference of this Alias. Deprecated: Use SetProviderConfigReference.
func (*Alias) SetPublishConnectionDetailsTo ¶
func (mg *Alias) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)
SetPublishConnectionDetailsTo of this Alias.
func (*Alias) SetWriteConnectionSecretToReference ¶
func (mg *Alias) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)
SetWriteConnectionSecretToReference of this Alias.
type AliasList ¶
type AliasList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Alias `json:"items"`
}
AliasList contains a list of Aliases
func (*AliasList) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasList.
func (*AliasList) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*AliasList) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type AliasListEntry ¶
type AliasListEntry struct {
AliasARN *string `json:"aliasARN,omitempty"`
CreationDate *metav1.Time `json:"creationDate,omitempty"`
LastUpdatedDate *metav1.Time `json:"lastUpdatedDate,omitempty"`
TargetKeyID *string `json:"targetKeyID,omitempty"`
}
+kubebuilder:skipversion
func (*AliasListEntry) DeepCopy ¶
func (in *AliasListEntry) DeepCopy() *AliasListEntry
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasListEntry.
func (*AliasListEntry) DeepCopyInto ¶
func (in *AliasListEntry) DeepCopyInto(out *AliasListEntry)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AliasObservation ¶
type AliasObservation struct {
}
AliasObservation defines the observed state of Alias
func (*AliasObservation) DeepCopy ¶
func (in *AliasObservation) DeepCopy() *AliasObservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasObservation.
func (*AliasObservation) DeepCopyInto ¶
func (in *AliasObservation) DeepCopyInto(out *AliasObservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AliasParameters ¶
type AliasParameters struct {
// Region is which region the Alias will be created.
// +kubebuilder:validation:Required
Region string `json:"region"`
// Associates the alias with the specified customer managed CMK (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk).
// The CMK must be in the same AWS Region.
//
// A valid CMK ID is required. If you supply a null or empty string value, this
// operation returns an error.
//
// For help finding the key ID and ARN, see Finding the Key ID and ARN (https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn)
// in the AWS Key Management Service Developer Guide.
//
// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
//
// For example:
//
// * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
//
// * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
//
// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
// +crossplane:generate:reference:type=Key
TargetKeyID *string `json:"targetKeyId,omitempty"`
// TargetKeyIDRef is a reference to a KMS Key used to set TargetKeyID.
// +optional
TargetKeyIDRef *xpv1.Reference `json:"targetKeyIdRef,omitempty"`
// TargetKeyIDSelector selects a reference to a KMS Key used to set TargetKeyID.
// +optional
TargetKeyIDSelector *xpv1.Selector `json:"targetKeyIdSelector,omitempty"`
}
AliasParameters defines the desired state of Alias
func (*AliasParameters) DeepCopy ¶
func (in *AliasParameters) DeepCopy() *AliasParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasParameters.
func (*AliasParameters) DeepCopyInto ¶
func (in *AliasParameters) DeepCopyInto(out *AliasParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AliasSpec ¶
type AliasSpec struct {
xpv1.ResourceSpec `json:",inline"`
ForProvider AliasParameters `json:"forProvider"`
}
AliasSpec defines the desired state of Alias
func (*AliasSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasSpec.
func (*AliasSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AliasStatus ¶
type AliasStatus struct {
xpv1.ResourceStatus `json:",inline"`
AtProvider AliasObservation `json:"atProvider,omitempty"`
}
AliasStatus defines the observed state of Alias.
func (*AliasStatus) DeepCopy ¶
func (in *AliasStatus) DeepCopy() *AliasStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasStatus.
func (*AliasStatus) DeepCopyInto ¶
func (in *AliasStatus) DeepCopyInto(out *AliasStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type ConnectionErrorCodeType ¶
type ConnectionErrorCodeType string
const ( ConnectionErrorCodeType_INVALID_CREDENTIALS ConnectionErrorCodeType = "INVALID_CREDENTIALS" ConnectionErrorCodeType_CLUSTER_NOT_FOUND ConnectionErrorCodeType = "CLUSTER_NOT_FOUND" ConnectionErrorCodeType_NETWORK_ERRORS ConnectionErrorCodeType = "NETWORK_ERRORS" ConnectionErrorCodeType_INTERNAL_ERROR ConnectionErrorCodeType = "INTERNAL_ERROR" ConnectionErrorCodeType_INSUFFICIENT_CLOUDHSM_HSMS ConnectionErrorCodeType = "INSUFFICIENT_CLOUDHSM_HSMS" ConnectionErrorCodeType_USER_LOCKED_OUT ConnectionErrorCodeType = "USER_LOCKED_OUT" ConnectionErrorCodeType_USER_NOT_FOUND ConnectionErrorCodeType = "USER_NOT_FOUND" ConnectionErrorCodeType_USER_LOGGED_IN ConnectionErrorCodeType = "USER_LOGGED_IN" ConnectionErrorCodeType_SUBNET_NOT_FOUND ConnectionErrorCodeType = "SUBNET_NOT_FOUND" )
type ConnectionStateType ¶
type ConnectionStateType string
const ( ConnectionStateType_CONNECTED ConnectionStateType = "CONNECTED" ConnectionStateType_CONNECTING ConnectionStateType = "CONNECTING" ConnectionStateType_FAILED ConnectionStateType = "FAILED" ConnectionStateType_DISCONNECTED ConnectionStateType = "DISCONNECTED" ConnectionStateType_DISCONNECTING ConnectionStateType = "DISCONNECTING" )
type CustomKeyParameters ¶
type CustomKeyParameters struct {
// Specifies whether the CMK is enabled.
Enabled *bool `json:"enabled,omitempty"`
// Specifies how many days the Key is retained when scheduled for deletion. Defaults to 30 days.
PendingWindowInDays *int64 `json:"pendingWindowInDays,omitempty"`
// Specifies if key rotation is enabled for the corresponding key
EnableKeyRotation *bool `json:"enableKeyRotation,omitempty"`
}
CustomKeyParameters are custom parameters for Key.
func (*CustomKeyParameters) DeepCopy ¶
func (in *CustomKeyParameters) DeepCopy() *CustomKeyParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomKeyParameters.
func (*CustomKeyParameters) DeepCopyInto ¶
func (in *CustomKeyParameters) DeepCopyInto(out *CustomKeyParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CustomKeyStoresListEntry ¶
type CustomKeyStoresListEntry struct {
CloudHsmClusterID *string `json:"cloudHsmClusterID,omitempty"`
CreationDate *metav1.Time `json:"creationDate,omitempty"`
CustomKeyStoreID *string `json:"customKeyStoreID,omitempty"`
}
+kubebuilder:skipversion
func (*CustomKeyStoresListEntry) DeepCopy ¶
func (in *CustomKeyStoresListEntry) DeepCopy() *CustomKeyStoresListEntry
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomKeyStoresListEntry.
func (*CustomKeyStoresListEntry) DeepCopyInto ¶
func (in *CustomKeyStoresListEntry) DeepCopyInto(out *CustomKeyStoresListEntry)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CustomerMasterKeySpec ¶
type CustomerMasterKeySpec string
const ( CustomerMasterKeySpec_RSA_2048 CustomerMasterKeySpec = "RSA_2048" CustomerMasterKeySpec_RSA_3072 CustomerMasterKeySpec = "RSA_3072" CustomerMasterKeySpec_RSA_4096 CustomerMasterKeySpec = "RSA_4096" CustomerMasterKeySpec_ECC_NIST_P256 CustomerMasterKeySpec = "ECC_NIST_P256" CustomerMasterKeySpec_ECC_NIST_P384 CustomerMasterKeySpec = "ECC_NIST_P384" CustomerMasterKeySpec_ECC_NIST_P521 CustomerMasterKeySpec = "ECC_NIST_P521" CustomerMasterKeySpec_ECC_SECG_P256K1 CustomerMasterKeySpec = "ECC_SECG_P256K1" CustomerMasterKeySpec_SYMMETRIC_DEFAULT CustomerMasterKeySpec = "SYMMETRIC_DEFAULT" CustomerMasterKeySpec_HMAC_224 CustomerMasterKeySpec = "HMAC_224" CustomerMasterKeySpec_HMAC_256 CustomerMasterKeySpec = "HMAC_256" CustomerMasterKeySpec_HMAC_384 CustomerMasterKeySpec = "HMAC_384" CustomerMasterKeySpec_HMAC_512 CustomerMasterKeySpec = "HMAC_512" )
type DataKeyPairSpec ¶
type DataKeyPairSpec string
const ( DataKeyPairSpec_RSA_2048 DataKeyPairSpec = "RSA_2048" DataKeyPairSpec_RSA_3072 DataKeyPairSpec = "RSA_3072" DataKeyPairSpec_RSA_4096 DataKeyPairSpec = "RSA_4096" DataKeyPairSpec_ECC_NIST_P256 DataKeyPairSpec = "ECC_NIST_P256" DataKeyPairSpec_ECC_NIST_P384 DataKeyPairSpec = "ECC_NIST_P384" DataKeyPairSpec_ECC_NIST_P521 DataKeyPairSpec = "ECC_NIST_P521" DataKeyPairSpec_ECC_SECG_P256K1 DataKeyPairSpec = "ECC_SECG_P256K1" )
type DataKeySpec ¶
type DataKeySpec string
const ( DataKeySpec_AES_256 DataKeySpec = "AES_256" DataKeySpec_AES_128 DataKeySpec = "AES_128" )
type EncryptionAlgorithmSpec ¶
type EncryptionAlgorithmSpec string
const ( EncryptionAlgorithmSpec_SYMMETRIC_DEFAULT EncryptionAlgorithmSpec = "SYMMETRIC_DEFAULT" EncryptionAlgorithmSpec_RSAES_OAEP_SHA_1 EncryptionAlgorithmSpec = "RSAES_OAEP_SHA_1" EncryptionAlgorithmSpec_RSAES_OAEP_SHA_256 EncryptionAlgorithmSpec = "RSAES_OAEP_SHA_256" )
type ExpirationModelType ¶
type ExpirationModelType string
const ( ExpirationModelType_KEY_MATERIAL_EXPIRES ExpirationModelType = "KEY_MATERIAL_EXPIRES" ExpirationModelType_KEY_MATERIAL_DOES_NOT_EXPIRE ExpirationModelType = "KEY_MATERIAL_DOES_NOT_EXPIRE" )
type GrantListEntry ¶
type GrantListEntry struct {
CreationDate *metav1.Time `json:"creationDate,omitempty"`
KeyID *string `json:"keyID,omitempty"`
}
+kubebuilder:skipversion
func (*GrantListEntry) DeepCopy ¶
func (in *GrantListEntry) DeepCopy() *GrantListEntry
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrantListEntry.
func (*GrantListEntry) DeepCopyInto ¶
func (in *GrantListEntry) DeepCopyInto(out *GrantListEntry)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type GrantOperation ¶
type GrantOperation string
const ( GrantOperation_Decrypt GrantOperation = "Decrypt" GrantOperation_Encrypt GrantOperation = "Encrypt" GrantOperation_GenerateDataKey GrantOperation = "GenerateDataKey" GrantOperation_GenerateDataKeyWithoutPlaintext GrantOperation = "GenerateDataKeyWithoutPlaintext" GrantOperation_ReEncryptFrom GrantOperation = "ReEncryptFrom" GrantOperation_ReEncryptTo GrantOperation = "ReEncryptTo" GrantOperation_Sign GrantOperation = "Sign" GrantOperation_Verify GrantOperation = "Verify" GrantOperation_GetPublicKey GrantOperation = "GetPublicKey" GrantOperation_CreateGrant GrantOperation = "CreateGrant" GrantOperation_RetireGrant GrantOperation = "RetireGrant" GrantOperation_DescribeKey GrantOperation = "DescribeKey" GrantOperation_GenerateDataKeyPair GrantOperation = "GenerateDataKeyPair" GrantOperation_GenerateDataKeyPairWithoutPlaintext GrantOperation = "GenerateDataKeyPairWithoutPlaintext" GrantOperation_GenerateMac GrantOperation = "GenerateMac" GrantOperation_VerifyMac GrantOperation = "VerifyMac" )
type Key ¶
type Key struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec KeySpec `json:"spec"`
Status KeyStatus `json:"status,omitempty"`
}
Key is the Schema for the Keys API +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:subresource:status +kubebuilder:storageversion +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}
func (*Key) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Key.
func (*Key) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Key) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Key) GetCondition ¶
func (mg *Key) GetCondition(ct xpv1.ConditionType) xpv1.Condition
GetCondition of this Key.
func (*Key) GetDeletionPolicy ¶
func (mg *Key) GetDeletionPolicy() xpv1.DeletionPolicy
GetDeletionPolicy of this Key.
func (*Key) GetProviderConfigReference ¶
GetProviderConfigReference of this Key.
func (*Key) GetProviderReference ¶
GetProviderReference of this Key. Deprecated: Use GetProviderConfigReference.
func (*Key) GetPublishConnectionDetailsTo ¶
func (mg *Key) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo
GetPublishConnectionDetailsTo of this Key.
func (*Key) GetWriteConnectionSecretToReference ¶
func (mg *Key) GetWriteConnectionSecretToReference() *xpv1.SecretReference
GetWriteConnectionSecretToReference of this Key.
func (*Key) SetConditions ¶
SetConditions of this Key.
func (*Key) SetDeletionPolicy ¶
func (mg *Key) SetDeletionPolicy(r xpv1.DeletionPolicy)
SetDeletionPolicy of this Key.
func (*Key) SetProviderConfigReference ¶
SetProviderConfigReference of this Key.
func (*Key) SetProviderReference ¶
SetProviderReference of this Key. Deprecated: Use SetProviderConfigReference.
func (*Key) SetPublishConnectionDetailsTo ¶
func (mg *Key) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)
SetPublishConnectionDetailsTo of this Key.
func (*Key) SetWriteConnectionSecretToReference ¶
func (mg *Key) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)
SetWriteConnectionSecretToReference of this Key.
type KeyList ¶
type KeyList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Key `json:"items"`
}
KeyList contains a list of Keys
func (*KeyList) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyList.
func (*KeyList) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*KeyList) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type KeyListEntry ¶
type KeyListEntry struct {
KeyARN *string `json:"keyARN,omitempty"`
KeyID *string `json:"keyID,omitempty"`
}
+kubebuilder:skipversion
func (*KeyListEntry) DeepCopy ¶
func (in *KeyListEntry) DeepCopy() *KeyListEntry
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyListEntry.
func (*KeyListEntry) DeepCopyInto ¶
func (in *KeyListEntry) DeepCopyInto(out *KeyListEntry)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KeyManagerType ¶
type KeyManagerType string
const ( KeyManagerType_AWS KeyManagerType = "AWS" KeyManagerType_CUSTOMER KeyManagerType = "CUSTOMER" )
type KeyMetadata ¶
type KeyMetadata struct {
AWSAccountID *string `json:"awsAccountID,omitempty"`
ARN *string `json:"arn,omitempty"`
CloudHsmClusterID *string `json:"cloudHsmClusterID,omitempty"`
CreationDate *metav1.Time `json:"creationDate,omitempty"`
CustomKeyStoreID *string `json:"customKeyStoreID,omitempty"`
CustomerMasterKeySpec *string `json:"customerMasterKeySpec,omitempty"`
DeletionDate *metav1.Time `json:"deletionDate,omitempty"`
Description *string `json:"description,omitempty"`
Enabled *bool `json:"enabled,omitempty"`
EncryptionAlgorithms []*string `json:"encryptionAlgorithms,omitempty"`
ExpirationModel *string `json:"expirationModel,omitempty"`
KeyID *string `json:"keyID,omitempty"`
KeyManager *string `json:"keyManager,omitempty"`
KeySpec *string `json:"keySpec,omitempty"`
KeyState *string `json:"keyState,omitempty"`
KeyUsage *string `json:"keyUsage,omitempty"`
MacAlgorithms []*string `json:"macAlgorithms,omitempty"`
MultiRegion *bool `json:"multiRegion,omitempty"`
// Describes the configuration of this multi-Region key. This field appears
// only when the KMS key is a primary or replica of a multi-Region key.
//
// For more information about any listed KMS key, use the DescribeKey operation.
MultiRegionConfiguration *MultiRegionConfiguration `json:"multiRegionConfiguration,omitempty"`
Origin *string `json:"origin,omitempty"`
PendingDeletionWindowInDays *int64 `json:"pendingDeletionWindowInDays,omitempty"`
SigningAlgorithms []*string `json:"signingAlgorithms,omitempty"`
ValidTo *metav1.Time `json:"validTo,omitempty"`
}
+kubebuilder:skipversion
func (*KeyMetadata) DeepCopy ¶
func (in *KeyMetadata) DeepCopy() *KeyMetadata
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyMetadata.
func (*KeyMetadata) DeepCopyInto ¶
func (in *KeyMetadata) DeepCopyInto(out *KeyMetadata)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KeyObservation ¶
type KeyObservation struct {
// The twelve-digit account ID of the Amazon Web Services account that owns
// the KMS key.
AWSAccountID *string `json:"awsAccountID,omitempty"`
// The Amazon Resource Name (ARN) of the KMS key. For examples, see Key Management
// Service (KMS) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-kms)
// in the Example ARNs section of the Amazon Web Services General Reference.
ARN *string `json:"arn,omitempty"`
// The cluster ID of the CloudHSM cluster that contains the key material for
// the KMS key. When you create a KMS key in a custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html),
// KMS creates the key material for the KMS key in the associated CloudHSM cluster.
// This value is present only when the KMS key is created in a custom key store.
CloudHsmClusterID *string `json:"cloudHsmClusterID,omitempty"`
// The date and time when the KMS key was created.
CreationDate *metav1.Time `json:"creationDate,omitempty"`
// The date and time after which KMS deletes this KMS key. This value is present
// only when the KMS key is scheduled for deletion, that is, when its KeyState
// is PendingDeletion.
//
// When the primary key in a multi-Region key is scheduled for deletion but
// still has replica keys, its key state is PendingReplicaDeletion and the length
// of its waiting period is displayed in the PendingDeletionWindowInDays field.
DeletionDate *metav1.Time `json:"deletionDate,omitempty"`
// Specifies whether the KMS key is enabled. When KeyState is Enabled this value
// is true, otherwise it is false.
Enabled *bool `json:"enabled,omitempty"`
// The encryption algorithms that the KMS key supports. You cannot use the KMS
// key with other encryption algorithms within KMS.
//
// This value is present only when the KeyUsage of the KMS key is ENCRYPT_DECRYPT.
EncryptionAlgorithms []*string `json:"encryptionAlgorithms,omitempty"`
// Specifies whether the KMS key's key material expires. This value is present
// only when Origin is EXTERNAL, otherwise this value is omitted.
ExpirationModel *string `json:"expirationModel,omitempty"`
// The globally unique identifier for the KMS key.
KeyID *string `json:"keyID,omitempty"`
// The manager of the KMS key. KMS keys in your Amazon Web Services account
// are either customer managed or Amazon Web Services managed. For more information
// about the difference, see KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys)
// in the Key Management Service Developer Guide.
KeyManager *string `json:"keyManager,omitempty"`
// The current status of the KMS key.
//
// For more information about how key state affects the use of a KMS key, see
// Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
// in the Key Management Service Developer Guide.
KeyState *string `json:"keyState,omitempty"`
// The message authentication code (MAC) algorithm that the HMAC KMS key supports.
//
// This value is present only when the KeyUsage of the KMS key is GENERATE_VERIFY_MAC.
MacAlgorithms []*string `json:"macAlgorithms,omitempty"`
// Lists the primary and replica keys in same multi-Region key. This field is
// present only when the value of the MultiRegion field is True.
//
// For more information about any listed KMS key, use the DescribeKey operation.
//
// * MultiRegionKeyType indicates whether the KMS key is a PRIMARY or REPLICA
// key.
//
// * PrimaryKey displays the key ARN and Region of the primary key. This
// field displays the current KMS key if it is the primary key.
//
// * ReplicaKeys displays the key ARNs and Regions of all replica keys. This
// field includes the current KMS key if it is a replica key.
MultiRegionConfiguration *MultiRegionConfiguration `json:"multiRegionConfiguration,omitempty"`
// The waiting period before the primary key in a multi-Region key is deleted.
// This waiting period begins when the last of its replica keys is deleted.
// This value is present only when the KeyState of the KMS key is PendingReplicaDeletion.
// That indicates that the KMS key is the primary key in a multi-Region key,
// it is scheduled for deletion, and it still has existing replica keys.
//
// When a single-Region KMS key or a multi-Region replica key is scheduled for
// deletion, its deletion date is displayed in the DeletionDate field. However,
// when the primary key in a multi-Region key is scheduled for deletion, its
// waiting period doesn't begin until all of its replica keys are deleted. This
// value displays that waiting period. When the last replica key in the multi-Region
// key is deleted, the KeyState of the scheduled primary key changes from PendingReplicaDeletion
// to PendingDeletion and the deletion date appears in the DeletionDate field.
PendingDeletionWindowInDays *int64 `json:"pendingDeletionWindowInDays,omitempty"`
// The signing algorithms that the KMS key supports. You cannot use the KMS
// key with other signing algorithms within KMS.
//
// This field appears only when the KeyUsage of the KMS key is SIGN_VERIFY.
SigningAlgorithms []*string `json:"signingAlgorithms,omitempty"`
// The time at which the imported key material expires. When the key material
// expires, KMS deletes the key material and the KMS key becomes unusable. This
// value is present only for KMS keys whose Origin is EXTERNAL and whose ExpirationModel
// is KEY_MATERIAL_EXPIRES, otherwise this value is omitted.
ValidTo *metav1.Time `json:"validTo,omitempty"`
}
KeyObservation defines the observed state of Key
func (*KeyObservation) DeepCopy ¶
func (in *KeyObservation) DeepCopy() *KeyObservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyObservation.
func (*KeyObservation) DeepCopyInto ¶
func (in *KeyObservation) DeepCopyInto(out *KeyObservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KeyParameters ¶
type KeyParameters struct {
// Region is which region the Key will be created.
// +kubebuilder:validation:Required
Region string `json:"region"`
// A flag to indicate whether to bypass the key policy lockout safety check.
//
// Setting this value to true increases the risk that the KMS key becomes unmanageable.
// Do not set this value to true indiscriminately.
//
// For more information, refer to the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam)
// section in the Key Management Service Developer Guide .
//
// Use this parameter only when you include a policy in the request and you
// intend to prevent the principal that is making the request from making a
// subsequent PutKeyPolicy request on the KMS key.
//
// The default value is false.
BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty"`
// Creates the KMS key in the specified custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
// and the key material in its associated CloudHSM cluster. To create a KMS
// key in a custom key store, you must also specify the Origin parameter with
// a value of AWS_CLOUDHSM. The CloudHSM cluster that is associated with the
// custom key store must have at least two active HSMs, each in a different
// Availability Zone in the Region.
//
// This parameter is valid only for symmetric encryption KMS keys in a single
// Region. You cannot create any other type of KMS key in a custom key store.
//
// To find the ID of a custom key store, use the DescribeCustomKeyStores operation.
//
// The response includes the custom key store ID and the ID of the CloudHSM
// cluster.
//
// This operation is part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
// feature in KMS, which combines the convenience and extensive integration
// of KMS with the isolation and control of a single-tenant key store.
CustomKeyStoreID *string `json:"customKeyStoreID,omitempty"`
// Instead, use the KeySpec parameter.
//
// The KeySpec and CustomerMasterKeySpec parameters work the same way. Only
// the names differ. We recommend that you use KeySpec parameter in your code.
// However, to avoid breaking changes, KMS will support both parameters.
CustomerMasterKeySpec *string `json:"customerMasterKeySpec,omitempty"`
// A description of the KMS key.
//
// Use a description that helps you decide whether the KMS key is appropriate
// for a task. The default value is an empty string (no description).
//
// To set or change the description after the key is created, use UpdateKeyDescription.
Description *string `json:"description,omitempty"`
// Specifies the type of KMS key to create. The default value, SYMMETRIC_DEFAULT,
// creates a KMS key with a 256-bit symmetric key for encryption and decryption.
// For help choosing a key spec for your KMS key, see Choosing a KMS key type
// (https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html#symm-asymm-choose)
// in the Key Management Service Developer Guide .
//
// The KeySpec determines whether the KMS key contains a symmetric key or an
// asymmetric key pair. It also determines the algorithms that the KMS key supports.
// You can't change the KeySpec after the KMS key is created. To further restrict
// the algorithms that can be used with the KMS key, use a condition key in
// its key policy or IAM policy. For more information, see kms:EncryptionAlgorithm
// (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-algorithm),
// kms:MacAlgorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-mac-algorithm)
// or kms:Signing Algorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-signing-algorithm)
// in the Key Management Service Developer Guide .
//
// Amazon Web Services services that are integrated with KMS (http://aws.amazon.com/kms/features/#AWS_Service_Integration)
// use symmetric encryption KMS keys to protect your data. These services do
// not support asymmetric KMS keys or HMAC KMS keys.
//
// KMS supports the following key specs for KMS keys:
//
// * Symmetric encryption key (default) SYMMETRIC_DEFAULT (AES-256-GCM)
//
// * HMAC keys (symmetric) HMAC_224 HMAC_256 HMAC_384 HMAC_512
//
// * Asymmetric RSA key pairs RSA_2048 RSA_3072 RSA_4096
//
// * Asymmetric NIST-recommended elliptic curve key pairs ECC_NIST_P256 (secp256r1)
// ECC_NIST_P384 (secp384r1) ECC_NIST_P521 (secp521r1)
//
// * Other asymmetric elliptic curve key pairs ECC_SECG_P256K1 (secp256k1),
// commonly used for cryptocurrencies.
KeySpec *string `json:"keySpec,omitempty"`
// Determines the cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
// for which you can use the KMS key. The default value is ENCRYPT_DECRYPT.
// This parameter is optional when you are creating a symmetric encryption KMS
// key; otherwise, it is required. You can't change the KeyUsage value after
// the KMS key is created.
//
// Select only one valid value.
//
// * For symmetric encryption KMS keys, omit the parameter or specify ENCRYPT_DECRYPT.
//
// * For HMAC KMS keys (symmetric), specify GENERATE_VERIFY_MAC.
//
// * For asymmetric KMS keys with RSA key material, specify ENCRYPT_DECRYPT
// or SIGN_VERIFY.
//
// * For asymmetric KMS keys with ECC key material, specify SIGN_VERIFY.
KeyUsage *string `json:"keyUsage,omitempty"`
// Creates a multi-Region primary key that you can replicate into other Amazon
// Web Services Regions. You cannot change this value after you create the KMS
// key.
//
// For a multi-Region key, set this parameter to True. For a single-Region KMS
// key, omit this parameter or set it to False. The default value is False.
//
// This operation supports multi-Region keys, an KMS feature that lets you create
// multiple interoperable KMS keys in different Amazon Web Services Regions.
// Because these KMS keys have the same key ID, key material, and other metadata,
// you can use them interchangeably to encrypt data in one Amazon Web Services
// Region and decrypt it in a different Amazon Web Services Region without re-encrypting
// the data or making a cross-Region call. For more information about multi-Region
// keys, see Multi-Region keys in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html)
// in the Key Management Service Developer Guide.
//
// This value creates a primary key, not a replica. To create a replica key,
// use the ReplicateKey operation.
//
// You can create a symmetric or asymmetric multi-Region key, and you can create
// a multi-Region key with imported key material. However, you cannot create
// a multi-Region key in a custom key store.
MultiRegion *bool `json:"multiRegion,omitempty"`
// The source of the key material for the KMS key. You cannot change the origin
// after you create the KMS key. The default is AWS_KMS, which means that KMS
// creates the key material.
//
// To create a KMS key with no key material (for imported key material), set
// the value to EXTERNAL. For more information about importing key material
// into KMS, see Importing Key Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html)
// in the Key Management Service Developer Guide. This value is valid only for
// symmetric encryption KMS keys.
//
// To create a KMS key in an KMS custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
// and create its key material in the associated CloudHSM cluster, set this
// value to AWS_CLOUDHSM. You must also use the CustomKeyStoreId parameter to
// identify the custom key store. This value is valid only for symmetric encryption
// KMS keys.
Origin *string `json:"origin,omitempty"`
// The key policy to attach to the KMS key.
//
// If you provide a key policy, it must meet the following criteria:
//
// * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy
// must allow the principal that is making the CreateKey request to make
// a subsequent PutKeyPolicy request on the KMS key. This reduces the risk
// that the KMS key becomes unmanageable. For more information, refer to
// the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam)
// section of the Key Management Service Developer Guide .
//
// * Each statement in the key policy must contain one or more principals.
// The principals in the key policy must exist and be visible to KMS. When
// you create a new Amazon Web Services principal (for example, an IAM user
// or role), you might need to enforce a delay before including the new principal
// in a key policy because the new principal might not be immediately visible
// to KMS. For more information, see Changes that I make are not always immediately
// visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
// in the Amazon Web Services Identity and Access Management User Guide.
//
// If you do not provide a key policy, KMS attaches a default key policy to
// the KMS key. For more information, see Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default)
// in the Key Management Service Developer Guide.
//
// The key policy size quota is 32 kilobytes (32768 bytes).
//
// For help writing and formatting a JSON policy document, see the IAM JSON
// Policy Reference (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html)
// in the Identity and Access Management User Guide .
Policy *string `json:"policy,omitempty"`
// Assigns one or more tags to the KMS key. Use this parameter to tag the KMS
// key when it is created. To tag an existing KMS key, use the TagResource operation.
//
// Tagging or untagging a KMS key can allow or deny permission to the KMS key.
// For details, see ABAC in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/abac.html)
// in the Key Management Service Developer Guide.
//
// To use this parameter, you must have kms:TagResource (https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html)
// permission in an IAM policy.
//
// Each tag consists of a tag key and a tag value. Both the tag key and the
// tag value are required, but the tag value can be an empty (null) string.
// You cannot have more than one tag on a KMS key with the same tag key. If
// you specify an existing tag key with a different tag value, KMS replaces
// the current tag value with the specified one.
//
// When you add tags to an Amazon Web Services resource, Amazon Web Services
// generates a cost allocation report with usage and costs aggregated by tags.
// Tags can also be used to control access to a KMS key. For details, see Tagging
// Keys (https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html).
Tags []*Tag `json:"tags,omitempty"`
CustomKeyParameters `json:",inline"`
}
KeyParameters defines the desired state of Key
func (*KeyParameters) DeepCopy ¶
func (in *KeyParameters) DeepCopy() *KeyParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyParameters.
func (*KeyParameters) DeepCopyInto ¶
func (in *KeyParameters) DeepCopyInto(out *KeyParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KeySpec ¶
type KeySpec struct {
xpv1.ResourceSpec `json:",inline"`
ForProvider KeyParameters `json:"forProvider"`
}
KeySpec defines the desired state of Key
func (*KeySpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeySpec.
func (*KeySpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KeySpec_SDK ¶
type KeySpec_SDK string
const ( KeySpec_SDK_RSA_2048 KeySpec_SDK = "RSA_2048" KeySpec_SDK_RSA_3072 KeySpec_SDK = "RSA_3072" KeySpec_SDK_RSA_4096 KeySpec_SDK = "RSA_4096" KeySpec_SDK_ECC_NIST_P256 KeySpec_SDK = "ECC_NIST_P256" KeySpec_SDK_ECC_NIST_P384 KeySpec_SDK = "ECC_NIST_P384" KeySpec_SDK_ECC_NIST_P521 KeySpec_SDK = "ECC_NIST_P521" KeySpec_SDK_ECC_SECG_P256K1 KeySpec_SDK = "ECC_SECG_P256K1" KeySpec_SDK_SYMMETRIC_DEFAULT KeySpec_SDK = "SYMMETRIC_DEFAULT" KeySpec_SDK_HMAC_224 KeySpec_SDK = "HMAC_224" KeySpec_SDK_HMAC_256 KeySpec_SDK = "HMAC_256" KeySpec_SDK_HMAC_384 KeySpec_SDK = "HMAC_384" KeySpec_SDK_HMAC_512 KeySpec_SDK = "HMAC_512" )
type KeyState ¶
type KeyState string
const ( KeyState_Creating KeyState = "Creating" KeyState_Enabled KeyState = "Enabled" KeyState_Disabled KeyState = "Disabled" KeyState_PendingDeletion KeyState = "PendingDeletion" KeyState_PendingImport KeyState = "PendingImport" KeyState_PendingReplicaDeletion KeyState = "PendingReplicaDeletion" KeyState_Updating KeyState = "Updating" )
type KeyStatus ¶
type KeyStatus struct {
xpv1.ResourceStatus `json:",inline"`
AtProvider KeyObservation `json:"atProvider,omitempty"`
}
KeyStatus defines the observed state of Key.
func (*KeyStatus) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyStatus.
func (*KeyStatus) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KeyUsageType ¶
type KeyUsageType string
const ( KeyUsageType_SIGN_VERIFY KeyUsageType = "SIGN_VERIFY" KeyUsageType_ENCRYPT_DECRYPT KeyUsageType = "ENCRYPT_DECRYPT" KeyUsageType_GENERATE_VERIFY_MAC KeyUsageType = "GENERATE_VERIFY_MAC" )
type MacAlgorithmSpec ¶ added in v0.34.0
type MacAlgorithmSpec string
const ( MacAlgorithmSpec_HMAC_SHA_224 MacAlgorithmSpec = "HMAC_SHA_224" MacAlgorithmSpec_HMAC_SHA_256 MacAlgorithmSpec = "HMAC_SHA_256" MacAlgorithmSpec_HMAC_SHA_384 MacAlgorithmSpec = "HMAC_SHA_384" MacAlgorithmSpec_HMAC_SHA_512 MacAlgorithmSpec = "HMAC_SHA_512" )
type MessageType ¶
type MessageType string
const ( MessageType_RAW MessageType = "RAW" MessageType_DIGEST MessageType = "DIGEST" )
type MultiRegionConfiguration ¶
type MultiRegionConfiguration struct {
MultiRegionKeyType *string `json:"multiRegionKeyType,omitempty"`
// Describes the primary or replica key in a multi-Region key.
PrimaryKey *MultiRegionKey `json:"primaryKey,omitempty"`
ReplicaKeys []*MultiRegionKey `json:"replicaKeys,omitempty"`
}
+kubebuilder:skipversion
func (*MultiRegionConfiguration) DeepCopy ¶
func (in *MultiRegionConfiguration) DeepCopy() *MultiRegionConfiguration
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MultiRegionConfiguration.
func (*MultiRegionConfiguration) DeepCopyInto ¶
func (in *MultiRegionConfiguration) DeepCopyInto(out *MultiRegionConfiguration)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type MultiRegionKey ¶
type MultiRegionKey struct {
ARN *string `json:"arn,omitempty"`
Region *string `json:"region,omitempty"`
}
+kubebuilder:skipversion
func (*MultiRegionKey) DeepCopy ¶
func (in *MultiRegionKey) DeepCopy() *MultiRegionKey
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MultiRegionKey.
func (*MultiRegionKey) DeepCopyInto ¶
func (in *MultiRegionKey) DeepCopyInto(out *MultiRegionKey)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type MultiRegionKeyType ¶
type MultiRegionKeyType string
const ( MultiRegionKeyType_PRIMARY MultiRegionKeyType = "PRIMARY" MultiRegionKeyType_REPLICA MultiRegionKeyType = "REPLICA" )
type OriginType ¶
type OriginType string
const ( OriginType_AWS_KMS OriginType = "AWS_KMS" OriginType_EXTERNAL OriginType = "EXTERNAL" OriginType_AWS_CLOUDHSM OriginType = "AWS_CLOUDHSM" )
type SigningAlgorithmSpec ¶
type SigningAlgorithmSpec string
const ( SigningAlgorithmSpec_RSASSA_PSS_SHA_256 SigningAlgorithmSpec = "RSASSA_PSS_SHA_256" SigningAlgorithmSpec_RSASSA_PSS_SHA_384 SigningAlgorithmSpec = "RSASSA_PSS_SHA_384" SigningAlgorithmSpec_RSASSA_PSS_SHA_512 SigningAlgorithmSpec = "RSASSA_PSS_SHA_512" SigningAlgorithmSpec_RSASSA_PKCS1_V1_5_SHA_256 SigningAlgorithmSpec = "RSASSA_PKCS1_V1_5_SHA_256" SigningAlgorithmSpec_RSASSA_PKCS1_V1_5_SHA_384 SigningAlgorithmSpec = "RSASSA_PKCS1_V1_5_SHA_384" SigningAlgorithmSpec_RSASSA_PKCS1_V1_5_SHA_512 SigningAlgorithmSpec = "RSASSA_PKCS1_V1_5_SHA_512" SigningAlgorithmSpec_ECDSA_SHA_256 SigningAlgorithmSpec = "ECDSA_SHA_256" SigningAlgorithmSpec_ECDSA_SHA_384 SigningAlgorithmSpec = "ECDSA_SHA_384" SigningAlgorithmSpec_ECDSA_SHA_512 SigningAlgorithmSpec = "ECDSA_SHA_512" )
type Tag ¶
type Tag struct {
TagKey *string `json:"tagKey,omitempty"`
TagValue *string `json:"tagValue,omitempty"`
}
+kubebuilder:skipversion
func (*Tag) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Tag.
func (*Tag) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type WrappingKeySpec ¶
type WrappingKeySpec string
const (
WrappingKeySpec_RSA_2048 WrappingKeySpec = "RSA_2048"
)
Source Files
Click to show internal directories.
Click to hide internal directories.