v1alpha3

package
v0.36.1 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jan 18, 2023 License: Apache-2.0 Imports: 14 Imported by: 2

Documentation

Overview

Package v1alpha3 contains configuration resources for AWS S3 services.

+kubebuilder:object:generate=true
+groupName=s3.aws.crossplane.io
+versionName=v1alpha3

Index

Constants

// Group is the API group under which this package's resources are served.
const Group = "s3.aws.crossplane.io"

// Version is the API version of this package's resources.
const Version = "v1alpha3"

Package type metadata.

Variables

// SchemeGroupVersion is the group version used to register these objects.
// It is built from the package-level Group and Version constants.
var SchemeGroupVersion = schema.GroupVersion{
	Group:   Group,
	Version: Version,
}

// SchemeBuilder is used to add Go types to the GroupVersionKind scheme.
// It is bound to SchemeGroupVersion.
var SchemeBuilder = &scheme.Builder{
	GroupVersion: SchemeGroupVersion,
}
// BucketPolicyKind is the Go type name of BucketPolicy, read via reflection
// so the kind string follows the type name.
var BucketPolicyKind = reflect.TypeOf(BucketPolicy{}).Name()

// BucketPolicyGroupKind is the string form of the GroupKind built from Group
// and BucketPolicyKind.
var BucketPolicyGroupKind = schema.GroupKind{
	Group: Group,
	Kind:  BucketPolicyKind,
}.String()

// BucketPolicyKindAPIVersion is BucketPolicyKind, a dot, and the string form
// of SchemeGroupVersion.
var BucketPolicyKindAPIVersion = BucketPolicyKind + "." + SchemeGroupVersion.String()

// BucketPolicyGroupVersionKind is SchemeGroupVersion combined with
// BucketPolicyKind.
var BucketPolicyGroupVersionKind = SchemeGroupVersion.WithKind(BucketPolicyKind)

BucketPolicy type metadata.

Functions

func ResolvePrincipal

func ResolvePrincipal(ctx context.Context, r *reference.APIResolver, principal *BucketPrincipal, statementIndex int) error

ResolvePrincipal resolves all the User and Role references in a BucketPrincipal

Types

type AWSPrincipal

// AWSPrincipal holds the alternative ways of naming one AWS principal in a
// bucket policy statement: an IAM user, an AWS account, or an IAM role. The
// user and role can each be given as a literal ARN, a reference, or a
// selector.
// NOTE(review): no validation marker visible here restricts an entry to a
// single populated value; confirm where that rule is enforced.
type AWSPrincipal struct {
	// UserARN contains the ARN of an IAM user.
	// +optional
	// +immutable
	UserARN *string `json:"iamUserArn,omitempty"`

	// UserARNRef contains the reference to a User.
	// NOTE(review): presumably resolved into UserARN by ResolvePrincipal;
	// confirm.
	// +optional
	UserARNRef *xpv1.Reference `json:"iamUserArnRef,omitempty"`

	// UserARNSelector selects a User to reference.
	// NOTE(review): the earlier wording said the selector retrieves the
	// "userName", but this field family is named for the ARN; confirm which
	// value is extracted.
	// +optional
	UserARNSelector *xpv1.Selector `json:"iamUserArnSelector,omitempty"`

	// AWSAccountID identifies an AWS account as the principal.
	// Naming a whole account is broader than naming one user or role: in IAM
	// an account principal delegates the decision to that account, whose
	// administrators can then grant the access to their own identities.
	// +optional
	// +immutable
	AWSAccountID *string `json:"awsAccountId,omitempty"`

	// IAMRoleARN contains the ARN of an IAM role.
	// +optional
	// +immutable
	IAMRoleARN *string `json:"iamRoleArn,omitempty"`

	// IAMRoleARNRef contains the reference to an IAMRole.
	// NOTE(review): presumably resolved into IAMRoleARN by ResolvePrincipal;
	// confirm.
	// +optional
	IAMRoleARNRef *xpv1.Reference `json:"iamRoleArnRef,omitempty"`

	// IAMRoleARNSelector selects an IAM role to reference.
	// NOTE(review): the earlier wording said the selector retrieves the
	// "userName", which looks copied from the user selector; confirm which
	// value is extracted.
	// +optional
	IAMRoleARNSelector *xpv1.Selector `json:"iamRoleArnSelector,omitempty"`
}

AWSPrincipal wraps the potential values a policy principal can take. Only one of the values should be set.

func (*AWSPrincipal) DeepCopy

func (in *AWSPrincipal) DeepCopy() *AWSPrincipal

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSPrincipal.

func (*AWSPrincipal) DeepCopyInto

func (in *AWSPrincipal) DeepCopyInto(out *AWSPrincipal)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BucketPolicy

// BucketPolicy is the managed resource type for an S3 bucket policy. It
// carries the standard Kubernetes type and object metadata, a required spec
// (desired state) and an optional status (observed state).
type BucketPolicy struct {
	// Standard Kubernetes type and object metadata; TypeMeta is inlined into
	// the serialized object.
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// Spec has no omitempty tag and is always serialized; Status is omitted
	// when empty.
	Spec   BucketPolicySpec   `json:"spec"`
	Status BucketPolicyStatus `json:"status,omitempty"`
}

A BucketPolicy is a managed resource that represents an AWS Bucket policy.

+kubebuilder:printcolumn:name="BUCKETNAME",type="string",JSONPath=".spec.forProvider.bucketName"
+kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
+kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
+kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
+kubebuilder:subresource:status
+kubebuilder:resource:scope=Cluster
+kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}

func (*BucketPolicy) DeepCopy

func (in *BucketPolicy) DeepCopy() *BucketPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketPolicy.

func (*BucketPolicy) DeepCopyInto

func (in *BucketPolicy) DeepCopyInto(out *BucketPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*BucketPolicy) DeepCopyObject

func (in *BucketPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*BucketPolicy) GetCondition

func (mg *BucketPolicy) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this BucketPolicy.

func (*BucketPolicy) GetDeletionPolicy

func (mg *BucketPolicy) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this BucketPolicy.

func (*BucketPolicy) GetProviderConfigReference

func (mg *BucketPolicy) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this BucketPolicy.

func (*BucketPolicy) GetProviderReference

func (mg *BucketPolicy) GetProviderReference() *xpv1.Reference

GetProviderReference of this BucketPolicy. Deprecated: Use GetProviderConfigReference.

func (*BucketPolicy) GetPublishConnectionDetailsTo

func (mg *BucketPolicy) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this BucketPolicy.

func (*BucketPolicy) GetWriteConnectionSecretToReference

func (mg *BucketPolicy) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this BucketPolicy.

func (*BucketPolicy) ResolveReferences

func (mg *BucketPolicy) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this BucketPolicy

func (*BucketPolicy) SetConditions

func (mg *BucketPolicy) SetConditions(c ...xpv1.Condition)

SetConditions of this BucketPolicy.

func (*BucketPolicy) SetDeletionPolicy

func (mg *BucketPolicy) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this BucketPolicy.

func (*BucketPolicy) SetProviderConfigReference

func (mg *BucketPolicy) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this BucketPolicy.

func (*BucketPolicy) SetProviderReference

func (mg *BucketPolicy) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this BucketPolicy. Deprecated: Use SetProviderConfigReference.

func (*BucketPolicy) SetPublishConnectionDetailsTo

func (mg *BucketPolicy) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this BucketPolicy.

func (*BucketPolicy) SetWriteConnectionSecretToReference

func (mg *BucketPolicy) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this BucketPolicy.

type BucketPolicyBody

// BucketPolicyBody is the structured form of an S3 bucket policy as written
// in the manifest: a policy language version, an optional identifier, and a
// list of statements.
type BucketPolicyBody struct {
	// Version is the policy language version. The markers below restrict it
	// to "2012-10-17" or "2008-10-17" and default it to "2012-10-17".
	// +kubebuilder:validation:Enum="2012-10-17";"2008-10-17"
	// +kubebuilder:default:="2012-10-17"
	Version string `json:"version"`

	// ID is the policy's optional identifier.
	// +immutable
	// +optional
	ID string `json:"id,omitempty"`

	// Statements is the list of statements this policy applies.
	// Either jsonStatements or statements must be specified in the policy.
	// NOTE(review): no jsonStatements field is visible in this struct; confirm
	// whether that sentence is stale. The field is also marked optional, so
	// the rule is presumably enforced outside the schema; verify.
	// +optional
	Statements []BucketPolicyStatement `json:"statements,omitempty"`
}

BucketPolicyBody represents an S3 bucket policy in the manifest

func (*BucketPolicyBody) DeepCopy

func (in *BucketPolicyBody) DeepCopy() *BucketPolicyBody

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketPolicyBody.

func (*BucketPolicyBody) DeepCopyInto

func (in *BucketPolicyBody) DeepCopyInto(out *BucketPolicyBody)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BucketPolicyList

// BucketPolicyList is the list type for BucketPolicy: standard Kubernetes
// type and list metadata plus the BucketPolicy items. Items has no omitempty
// tag, so the "items" key is always serialized.
type BucketPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []BucketPolicy `json:"items"`
}

BucketPolicyList contains a list of BucketPolicies

func (*BucketPolicyList) DeepCopy

func (in *BucketPolicyList) DeepCopy() *BucketPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketPolicyList.

func (*BucketPolicyList) DeepCopyInto

func (in *BucketPolicyList) DeepCopyInto(out *BucketPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*BucketPolicyList) DeepCopyObject

func (in *BucketPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*BucketPolicyList) GetItems

func (l *BucketPolicyList) GetItems() []resource.Managed

GetItems of this BucketPolicyList.

type BucketPolicyParameters

// BucketPolicyParameters is the desired state of a bucket policy: the region
// of the target bucket, the policy itself (raw string or structured body),
// and the bucket name given literally, by reference, or by selector.
type BucketPolicyParameters struct {
	// Region is where the Bucket referenced by this BucketPolicy resides.
	// +immutable
	Region string `json:"region"`

	// RawPolicy is a stringified version of the S3 Bucket Policy.
	// Either policy or rawPolicy must be specified in the policy.
	// NOTE(review): this is a free-form string, so the Enum markers on the
	// structured types (policy version, statement effect) do not constrain
	// it. Review raw policies for wildcard principals and actions before
	// applying them; whether the provider validates the JSON is not visible
	// here; confirm.
	// +optional
	RawPolicy *string `json:"rawPolicy,omitempty"`

	// Policy is a well-defined type which can be parsed into a JSON S3
	// Bucket Policy.
	// Either policy or rawPolicy must be specified in the policy.
	// NOTE(review): both fields are marked optional and no marker here
	// enforces "one of"; presumably checked by the controller; confirm,
	// including which one wins if both are set.
	// +optional
	Policy *BucketPolicyBody `json:"policy,omitempty"`

	// BucketName is the name of the bucket.
	// +optional
	// +immutable
	BucketName *string `json:"bucketName,omitempty"`

	// BucketNameRef references an S3Bucket to retrieve its bucketName.
	// +optional
	BucketNameRef *xpv1.Reference `json:"bucketNameRef,omitempty"`

	// BucketNameSelector selects a reference to an S3Bucket to retrieve its
	// bucketName.
	// +optional
	BucketNameSelector *xpv1.Selector `json:"bucketNameSelector,omitempty"`
}

BucketPolicyParameters define the desired state of an AWS BucketPolicy.

func (*BucketPolicyParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketPolicyParameters.

func (*BucketPolicyParameters) DeepCopyInto

func (in *BucketPolicyParameters) DeepCopyInto(out *BucketPolicyParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BucketPolicySpec

// BucketPolicySpec is the desired state of a BucketPolicy. It inlines the
// common xpv1.ResourceSpec fields and serializes the bucket policy parameters
// under the "forProvider" key.
type BucketPolicySpec struct {
	xpv1.ResourceSpec `json:",inline"`
	Parameters        BucketPolicyParameters `json:"forProvider"`
}

A BucketPolicySpec defines the desired state of a BucketPolicy.

func (*BucketPolicySpec) DeepCopy

func (in *BucketPolicySpec) DeepCopy() *BucketPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketPolicySpec.

func (*BucketPolicySpec) DeepCopyInto

func (in *BucketPolicySpec) DeepCopyInto(out *BucketPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BucketPolicyStatement

// BucketPolicyStatement is one statement of a BucketPolicyBody: an effect
// plus the principals, actions, resources and conditions it applies to. Only
// Effect is required; every other field is marked optional.
type BucketPolicyStatement struct {
	// Optional identifier for this statement, must be unique within the
	// policy if provided.
	// +optional
	SID *string `json:"sid,omitempty"`

	// The effect is required and specifies whether the statement results
	// in an allow or an explicit deny. Valid values for Effect are Allow and Deny.
	// The Enum marker below makes the schema reject any other value.
	// +kubebuilder:validation:Enum=Allow;Deny
	Effect string `json:"effect"`

	// Used with the S3 policy to specify the principal that is allowed
	// or denied access to a resource.
	// +optional
	Principal *BucketPrincipal `json:"principal,omitempty"`

	// Used with the S3 policy to specify the users which are not included
	// in this policy.
	// AWS guidance advises against combining NotPrincipal with an Allow
	// effect, because the statement then covers every principal except the
	// listed ones. Nothing in this schema prevents that combination.
	// +optional
	NotPrincipal *BucketPrincipal `json:"notPrincipal,omitempty"`

	// Each element of the PolicyAction array describes the specific
	// action or actions that will be allowed or denied with this PolicyStatement.
	// +optional
	Action []string `json:"action,omitempty"`

	// Each element of the NotPolicyAction array will allow the property to match
	// all but the listed actions.
	// With an Allow effect this grants every action that is not listed, so
	// review such statements for unintended breadth.
	// +optional
	NotAction []string `json:"notAction,omitempty"`

	// The paths on which this resource will apply.
	// +optional
	Resource []string `json:"resource,omitempty"`

	// This will explicitly match all resource paths except the ones
	// specified in this array.
	// +optional
	NotResource []string `json:"notResource,omitempty"`

	// Condition specifies where conditions for policy are in effect.
	// https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html
	// +optional
	Condition []Condition `json:"condition,omitempty"`
}

BucketPolicyStatement defines an individual statement within the BucketPolicyBody

func (*BucketPolicyStatement) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketPolicyStatement.

func (*BucketPolicyStatement) DeepCopyInto

func (in *BucketPolicyStatement) DeepCopyInto(out *BucketPolicyStatement)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BucketPolicyStatus

// BucketPolicyStatus is the observed state of a BucketPolicy. It declares no
// fields of its own and only inlines the common xpv1.ResourceStatus.
type BucketPolicyStatus struct {
	xpv1.ResourceStatus `json:",inline"`
}

A BucketPolicyStatus represents the observed state of a BucketPolicy.

func (*BucketPolicyStatus) DeepCopy

func (in *BucketPolicyStatus) DeepCopy() *BucketPolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketPolicyStatus.

func (*BucketPolicyStatus) DeepCopyInto

func (in *BucketPolicyStatus) DeepCopyInto(out *BucketPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type BucketPrincipal

// BucketPrincipal describes who a BucketPolicyStatement applies to: anonymous
// users, a list of AWS principals, a federated identity provider, and/or AWS
// services. All fields are optional.
type BucketPrincipal struct {
	// This flag indicates if the policy should be made available
	// to all anonymous users.
	// NOTE(review): presumably serialized as the wildcard principal; confirm
	// against the policy serializer. On a statement whose Effect is Allow
	// this makes the listed actions and resources publicly reachable, so
	// such statements warrant explicit review and restrictive conditions.
	// +optional
	AllowAnon bool `json:"allowAnon,omitempty"`

	// This list contains all of the AWS principals (IAM users, AWS accounts
	// and IAM roles, see AWSPrincipal) which are affected by the policy
	// statement.
	// +optional
	AWSPrincipals []AWSPrincipal `json:"awsPrincipals,omitempty"`

	// This string contains the identifier for any federated web identity
	// provider.
	// +optional
	Federated *string `json:"federated,omitempty"`

	// Service defines the services which can have access to this bucket.
	// +optional
	Service []string `json:"service,omitempty"`
}

BucketPrincipal defines the principal users affected by the BucketPolicyStatement. See the AWS IAM documentation on the Principal element for more information: https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements_principal.html

func (*BucketPrincipal) DeepCopy

func (in *BucketPrincipal) DeepCopy() *BucketPrincipal

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BucketPrincipal.

func (*BucketPrincipal) DeepCopyInto

func (in *BucketPrincipal) DeepCopyInto(out *BucketPrincipal)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Condition

// Condition groups the key/value pairs that are evaluated under a single
// operator key in a bucket policy statement. Both fields are required (no
// optional marker, no omitempty).
type Condition struct {
	// OperatorKey matches the condition key and value in the policy against values in the request context.
	// NOTE(review): presumably an IAM condition operator name; no Enum marker
	// restricts the value here, so confirm where it is validated.
	OperatorKey string `json:"operatorKey"`

	// Conditions represents each of the key/value pairs for the operator key.
	Conditions []ConditionPair `json:"conditions"`
}

Condition represents a set of condition pairs for a bucket policy

func (*Condition) DeepCopy

func (in *Condition) DeepCopy() *Condition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition.

func (*Condition) DeepCopyInto

func (in *Condition) DeepCopyInto(out *Condition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConditionPair

// ConditionPair is one condition key together with its expected value. The
// value can be supplied as a string, a date, a number, a boolean or a list of
// strings; each value field is optional.
// NOTE(review): nothing visible here restricts a pair to one populated value
// field; confirm how multiple or zero values are handled.
type ConditionPair struct {
	// ConditionKey is the key condition being applied to the parent condition.
	ConditionKey string `json:"key"`

	// ConditionStringValue is the expected string value of the key from the parent condition.
	// +optional
	ConditionStringValue *string `json:"stringValue,omitempty"`

	// ConditionDateValue is the expected date value of the key from the parent condition. The
	// date value must be in ISO 8601 format. The time is always midnight UTC.
	// +optional
	ConditionDateValue *metav1.Time `json:"dateValue,omitempty"`

	// ConditionNumericValue is the expected numeric (int64) value of the key from the parent condition.
	// +optional
	ConditionNumericValue *int64 `json:"numericValue,omitempty"`

	// ConditionBooleanValue is the expected boolean value of the key from the parent condition.
	// +optional
	ConditionBooleanValue *bool `json:"booleanValue,omitempty"`

	// ConditionListValue is the list value of the key from the parent condition.
	// +optional
	ConditionListValue []string `json:"listValue,omitempty"`
}

ConditionPair represents one condition inside of the set of conditions for a bucket policy

func (*ConditionPair) DeepCopy

func (in *ConditionPair) DeepCopy() *ConditionPair

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConditionPair.

func (*ConditionPair) DeepCopyInto

func (in *ConditionPair) DeepCopyInto(out *ConditionPair)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
