v1alpha1

package
v0.38.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 8, 2023 License: Apache-2.0 Imports: 10 Imported by: 2

Documentation

Index

Constants

View Source
const (
	CRDGroup   = "kms.aws.crossplane.io"
	CRDVersion = "v1alpha1"
)

Package type metadata.

Variables

View Source
var (
	AliasKind             = "Alias"
	AliasGroupKind        = schema.GroupKind{Group: CRDGroup, Kind: AliasKind}.String()
	AliasKindAPIVersion   = AliasKind + "." + GroupVersion.String()
	AliasGroupVersionKind = GroupVersion.WithKind(AliasKind)
)

Repository type metadata.

View Source
var (
	// GroupVersion is the API Group Version used to register the objects
	GroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source
var (
	KeyKind             = "Key"
	KeyGroupKind        = schema.GroupKind{Group: CRDGroup, Kind: KeyKind}.String()
	KeyKindAPIVersion   = KeyKind + "." + GroupVersion.String()
	KeyGroupVersionKind = GroupVersion.WithKind(KeyKind)
)

Repository type metadata.

Functions

func KMSKeyARN

func KMSKeyARN() reference.ExtractValueFn

KMSKeyARN returns the status.atProvider.ARN of an KMSKey.

Types

type AlgorithmSpec

type AlgorithmSpec string
const (
	AlgorithmSpec_RSAES_PKCS1_V1_5   AlgorithmSpec = "RSAES_PKCS1_V1_5"
	AlgorithmSpec_RSAES_OAEP_SHA_1   AlgorithmSpec = "RSAES_OAEP_SHA_1"
	AlgorithmSpec_RSAES_OAEP_SHA_256 AlgorithmSpec = "RSAES_OAEP_SHA_256"
)

type Alias

type Alias struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              AliasSpec   `json:"spec"`
	Status            AliasStatus `json:"status,omitempty"`
}

Alias is the Schema for the Aliases API +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}

func (*Alias) DeepCopy

func (in *Alias) DeepCopy() *Alias

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Alias.

func (*Alias) DeepCopyInto

func (in *Alias) DeepCopyInto(out *Alias)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Alias) DeepCopyObject

func (in *Alias) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Alias) GetCondition

func (mg *Alias) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Alias.

func (*Alias) GetDeletionPolicy

func (mg *Alias) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Alias.

func (*Alias) GetProviderConfigReference

func (mg *Alias) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Alias.

func (*Alias) GetProviderReference

func (mg *Alias) GetProviderReference() *xpv1.Reference

GetProviderReference of this Alias. Deprecated: Use GetProviderConfigReference.

func (*Alias) GetPublishConnectionDetailsTo

func (mg *Alias) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Alias.

func (*Alias) GetWriteConnectionSecretToReference

func (mg *Alias) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Alias.

func (*Alias) ResolveReferences

func (mg *Alias) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this Alias.

func (*Alias) SetConditions

func (mg *Alias) SetConditions(c ...xpv1.Condition)

SetConditions of this Alias.

func (*Alias) SetDeletionPolicy

func (mg *Alias) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Alias.

func (*Alias) SetProviderConfigReference

func (mg *Alias) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Alias.

func (*Alias) SetProviderReference

func (mg *Alias) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this Alias. Deprecated: Use SetProviderConfigReference.

func (*Alias) SetPublishConnectionDetailsTo

func (mg *Alias) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Alias.

func (*Alias) SetWriteConnectionSecretToReference

func (mg *Alias) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Alias.

type AliasList

type AliasList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Alias `json:"items"`
}

AliasList contains a list of Aliases

func (*AliasList) DeepCopy

func (in *AliasList) DeepCopy() *AliasList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasList.

func (*AliasList) DeepCopyInto

func (in *AliasList) DeepCopyInto(out *AliasList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AliasList) DeepCopyObject

func (in *AliasList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AliasList) GetItems

func (l *AliasList) GetItems() []resource.Managed

GetItems of this AliasList.

type AliasListEntry

type AliasListEntry struct {
	AliasARN *string `json:"aliasARN,omitempty"`

	CreationDate *metav1.Time `json:"creationDate,omitempty"`

	LastUpdatedDate *metav1.Time `json:"lastUpdatedDate,omitempty"`

	TargetKeyID *string `json:"targetKeyID,omitempty"`
}

+kubebuilder:skipversion

func (*AliasListEntry) DeepCopy

func (in *AliasListEntry) DeepCopy() *AliasListEntry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasListEntry.

func (*AliasListEntry) DeepCopyInto

func (in *AliasListEntry) DeepCopyInto(out *AliasListEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AliasObservation

type AliasObservation struct {
}

AliasObservation defines the observed state of Alias

func (*AliasObservation) DeepCopy

func (in *AliasObservation) DeepCopy() *AliasObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasObservation.

func (*AliasObservation) DeepCopyInto

func (in *AliasObservation) DeepCopyInto(out *AliasObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AliasParameters

type AliasParameters struct {
	// Region is which region the Alias will be created.
	// +kubebuilder:validation:Required
	Region string `json:"region"`

	// Associates the alias with the specified customer managed CMK (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk).
	// The CMK must be in the same AWS Region.
	//
	// A valid CMK ID is required. If you supply a null or empty string value, this
	// operation returns an error.
	//
	// For help finding the key ID and ARN, see Finding the Key ID and ARN (https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn)
	// in the AWS Key Management Service Developer Guide.
	//
	// Specify the key ID or the Amazon Resource Name (ARN) of the CMK.
	//
	// For example:
	//
	//    * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
	//
	//    * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
	//
	// To get the key ID and key ARN for a CMK, use ListKeys or DescribeKey.
	// +crossplane:generate:reference:type=Key
	TargetKeyID *string `json:"targetKeyId,omitempty"`

	// TargetKeyIDRef is a reference to a KMS Key used to set TargetKeyID.
	// +optional
	TargetKeyIDRef *xpv1.Reference `json:"targetKeyIdRef,omitempty"`

	// TargetKeyIDSelector selects a reference to a KMS Key used to set TargetKeyID.
	// +optional
	TargetKeyIDSelector *xpv1.Selector `json:"targetKeyIdSelector,omitempty"`
}

AliasParameters defines the desired state of Alias

func (*AliasParameters) DeepCopy

func (in *AliasParameters) DeepCopy() *AliasParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasParameters.

func (*AliasParameters) DeepCopyInto

func (in *AliasParameters) DeepCopyInto(out *AliasParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AliasSpec

type AliasSpec struct {
	xpv1.ResourceSpec `json:",inline"`
	ForProvider       AliasParameters `json:"forProvider"`
}

AliasSpec defines the desired state of Alias

func (*AliasSpec) DeepCopy

func (in *AliasSpec) DeepCopy() *AliasSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasSpec.

func (*AliasSpec) DeepCopyInto

func (in *AliasSpec) DeepCopyInto(out *AliasSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AliasStatus

type AliasStatus struct {
	xpv1.ResourceStatus `json:",inline"`
	AtProvider          AliasObservation `json:"atProvider,omitempty"`
}

AliasStatus defines the observed state of Alias.

func (*AliasStatus) DeepCopy

func (in *AliasStatus) DeepCopy() *AliasStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasStatus.

func (*AliasStatus) DeepCopyInto

func (in *AliasStatus) DeepCopyInto(out *AliasStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConnectionErrorCodeType

type ConnectionErrorCodeType string
const (
	ConnectionErrorCodeType_INVALID_CREDENTIALS                            ConnectionErrorCodeType = "INVALID_CREDENTIALS"
	ConnectionErrorCodeType_CLUSTER_NOT_FOUND                              ConnectionErrorCodeType = "CLUSTER_NOT_FOUND"
	ConnectionErrorCodeType_NETWORK_ERRORS                                 ConnectionErrorCodeType = "NETWORK_ERRORS"
	ConnectionErrorCodeType_INTERNAL_ERROR                                 ConnectionErrorCodeType = "INTERNAL_ERROR"
	ConnectionErrorCodeType_INSUFFICIENT_CLOUDHSM_HSMS                     ConnectionErrorCodeType = "INSUFFICIENT_CLOUDHSM_HSMS"
	ConnectionErrorCodeType_USER_LOCKED_OUT                                ConnectionErrorCodeType = "USER_LOCKED_OUT"
	ConnectionErrorCodeType_USER_NOT_FOUND                                 ConnectionErrorCodeType = "USER_NOT_FOUND"
	ConnectionErrorCodeType_USER_LOGGED_IN                                 ConnectionErrorCodeType = "USER_LOGGED_IN"
	ConnectionErrorCodeType_SUBNET_NOT_FOUND                               ConnectionErrorCodeType = "SUBNET_NOT_FOUND"
	ConnectionErrorCodeType_INSUFFICIENT_FREE_ADDRESSES_IN_SUBNET          ConnectionErrorCodeType = "INSUFFICIENT_FREE_ADDRESSES_IN_SUBNET"
	ConnectionErrorCodeType_XKS_PROXY_ACCESS_DENIED                        ConnectionErrorCodeType = "XKS_PROXY_ACCESS_DENIED"
	ConnectionErrorCodeType_XKS_PROXY_NOT_REACHABLE                        ConnectionErrorCodeType = "XKS_PROXY_NOT_REACHABLE"
	ConnectionErrorCodeType_XKS_VPC_ENDPOINT_SERVICE_NOT_FOUND             ConnectionErrorCodeType = "XKS_VPC_ENDPOINT_SERVICE_NOT_FOUND"
	ConnectionErrorCodeType_XKS_PROXY_INVALID_RESPONSE                     ConnectionErrorCodeType = "XKS_PROXY_INVALID_RESPONSE"
	ConnectionErrorCodeType_XKS_PROXY_INVALID_CONFIGURATION                ConnectionErrorCodeType = "XKS_PROXY_INVALID_CONFIGURATION"
	ConnectionErrorCodeType_XKS_VPC_ENDPOINT_SERVICE_INVALID_CONFIGURATION ConnectionErrorCodeType = "XKS_VPC_ENDPOINT_SERVICE_INVALID_CONFIGURATION"
	ConnectionErrorCodeType_XKS_PROXY_TIMED_OUT                            ConnectionErrorCodeType = "XKS_PROXY_TIMED_OUT"
	ConnectionErrorCodeType_XKS_PROXY_INVALID_TLS_CONFIGURATION            ConnectionErrorCodeType = "XKS_PROXY_INVALID_TLS_CONFIGURATION"
)

type ConnectionStateType

type ConnectionStateType string
const (
	ConnectionStateType_CONNECTED     ConnectionStateType = "CONNECTED"
	ConnectionStateType_CONNECTING    ConnectionStateType = "CONNECTING"
	ConnectionStateType_FAILED        ConnectionStateType = "FAILED"
	ConnectionStateType_DISCONNECTED  ConnectionStateType = "DISCONNECTED"
	ConnectionStateType_DISCONNECTING ConnectionStateType = "DISCONNECTING"
)

type CustomKeyParameters

type CustomKeyParameters struct {
	// Specifies whether the CMK is enabled.
	Enabled *bool `json:"enabled,omitempty"`

	// Specifies how many days the Key is retained when scheduled for deletion. Defaults to 30 days.
	PendingWindowInDays *int64 `json:"pendingWindowInDays,omitempty"`

	// Specifies if key rotation is enabled for the corresponding key
	EnableKeyRotation *bool `json:"enableKeyRotation,omitempty"`
}

CustomKeyParameters are custom parameters for Key.

func (*CustomKeyParameters) DeepCopy

func (in *CustomKeyParameters) DeepCopy() *CustomKeyParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomKeyParameters.

func (*CustomKeyParameters) DeepCopyInto

func (in *CustomKeyParameters) DeepCopyInto(out *CustomKeyParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomKeyStoreType added in v0.38.0

type CustomKeyStoreType string
const (
	CustomKeyStoreType_AWS_CLOUDHSM       CustomKeyStoreType = "AWS_CLOUDHSM"
	CustomKeyStoreType_EXTERNAL_KEY_STORE CustomKeyStoreType = "EXTERNAL_KEY_STORE"
)

type CustomKeyStoresListEntry

type CustomKeyStoresListEntry struct {
	CloudHsmClusterID *string `json:"cloudHsmClusterID,omitempty"`

	CreationDate *metav1.Time `json:"creationDate,omitempty"`

	CustomKeyStoreID *string `json:"customKeyStoreID,omitempty"`
}

+kubebuilder:skipversion

func (*CustomKeyStoresListEntry) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomKeyStoresListEntry.

func (*CustomKeyStoresListEntry) DeepCopyInto

func (in *CustomKeyStoresListEntry) DeepCopyInto(out *CustomKeyStoresListEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CustomerMasterKeySpec

type CustomerMasterKeySpec string
const (
	CustomerMasterKeySpec_RSA_2048          CustomerMasterKeySpec = "RSA_2048"
	CustomerMasterKeySpec_RSA_3072          CustomerMasterKeySpec = "RSA_3072"
	CustomerMasterKeySpec_RSA_4096          CustomerMasterKeySpec = "RSA_4096"
	CustomerMasterKeySpec_ECC_NIST_P256     CustomerMasterKeySpec = "ECC_NIST_P256"
	CustomerMasterKeySpec_ECC_NIST_P384     CustomerMasterKeySpec = "ECC_NIST_P384"
	CustomerMasterKeySpec_ECC_NIST_P521     CustomerMasterKeySpec = "ECC_NIST_P521"
	CustomerMasterKeySpec_ECC_SECG_P256K1   CustomerMasterKeySpec = "ECC_SECG_P256K1"
	CustomerMasterKeySpec_SYMMETRIC_DEFAULT CustomerMasterKeySpec = "SYMMETRIC_DEFAULT"
	CustomerMasterKeySpec_HMAC_224          CustomerMasterKeySpec = "HMAC_224"
	CustomerMasterKeySpec_HMAC_256          CustomerMasterKeySpec = "HMAC_256"
	CustomerMasterKeySpec_HMAC_384          CustomerMasterKeySpec = "HMAC_384"
	CustomerMasterKeySpec_HMAC_512          CustomerMasterKeySpec = "HMAC_512"
	CustomerMasterKeySpec_SM2               CustomerMasterKeySpec = "SM2"
)

type DataKeyPairSpec

type DataKeyPairSpec string
const (
	DataKeyPairSpec_RSA_2048        DataKeyPairSpec = "RSA_2048"
	DataKeyPairSpec_RSA_3072        DataKeyPairSpec = "RSA_3072"
	DataKeyPairSpec_RSA_4096        DataKeyPairSpec = "RSA_4096"
	DataKeyPairSpec_ECC_NIST_P256   DataKeyPairSpec = "ECC_NIST_P256"
	DataKeyPairSpec_ECC_NIST_P384   DataKeyPairSpec = "ECC_NIST_P384"
	DataKeyPairSpec_ECC_NIST_P521   DataKeyPairSpec = "ECC_NIST_P521"
	DataKeyPairSpec_ECC_SECG_P256K1 DataKeyPairSpec = "ECC_SECG_P256K1"
	DataKeyPairSpec_SM2             DataKeyPairSpec = "SM2"
)

type DataKeySpec

type DataKeySpec string
const (
	DataKeySpec_AES_256 DataKeySpec = "AES_256"
	DataKeySpec_AES_128 DataKeySpec = "AES_128"
)

type EncryptionAlgorithmSpec

type EncryptionAlgorithmSpec string
const (
	EncryptionAlgorithmSpec_SYMMETRIC_DEFAULT  EncryptionAlgorithmSpec = "SYMMETRIC_DEFAULT"
	EncryptionAlgorithmSpec_RSAES_OAEP_SHA_1   EncryptionAlgorithmSpec = "RSAES_OAEP_SHA_1"
	EncryptionAlgorithmSpec_RSAES_OAEP_SHA_256 EncryptionAlgorithmSpec = "RSAES_OAEP_SHA_256"
	EncryptionAlgorithmSpec_SM2PKE             EncryptionAlgorithmSpec = "SM2PKE"
)

type ExpirationModelType

type ExpirationModelType string
const (
	ExpirationModelType_KEY_MATERIAL_EXPIRES         ExpirationModelType = "KEY_MATERIAL_EXPIRES"
	ExpirationModelType_KEY_MATERIAL_DOES_NOT_EXPIRE ExpirationModelType = "KEY_MATERIAL_DOES_NOT_EXPIRE"
)

type GrantListEntry

type GrantListEntry struct {
	CreationDate *metav1.Time `json:"creationDate,omitempty"`

	KeyID *string `json:"keyID,omitempty"`
}

+kubebuilder:skipversion

func (*GrantListEntry) DeepCopy

func (in *GrantListEntry) DeepCopy() *GrantListEntry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrantListEntry.

func (*GrantListEntry) DeepCopyInto

func (in *GrantListEntry) DeepCopyInto(out *GrantListEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GrantOperation

type GrantOperation string
const (
	GrantOperation_Decrypt                             GrantOperation = "Decrypt"
	GrantOperation_Encrypt                             GrantOperation = "Encrypt"
	GrantOperation_GenerateDataKey                     GrantOperation = "GenerateDataKey"
	GrantOperation_GenerateDataKeyWithoutPlaintext     GrantOperation = "GenerateDataKeyWithoutPlaintext"
	GrantOperation_ReEncryptFrom                       GrantOperation = "ReEncryptFrom"
	GrantOperation_ReEncryptTo                         GrantOperation = "ReEncryptTo"
	GrantOperation_Sign                                GrantOperation = "Sign"
	GrantOperation_Verify                              GrantOperation = "Verify"
	GrantOperation_GetPublicKey                        GrantOperation = "GetPublicKey"
	GrantOperation_CreateGrant                         GrantOperation = "CreateGrant"
	GrantOperation_RetireGrant                         GrantOperation = "RetireGrant"
	GrantOperation_DescribeKey                         GrantOperation = "DescribeKey"
	GrantOperation_GenerateDataKeyPair                 GrantOperation = "GenerateDataKeyPair"
	GrantOperation_GenerateDataKeyPairWithoutPlaintext GrantOperation = "GenerateDataKeyPairWithoutPlaintext"
	GrantOperation_GenerateMac                         GrantOperation = "GenerateMac"
	GrantOperation_VerifyMac                           GrantOperation = "VerifyMac"
)

type Key

type Key struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              KeySpec   `json:"spec"`
	Status            KeyStatus `json:"status,omitempty"`
}

Key is the Schema for the Keys API +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:subresource:status +kubebuilder:storageversion +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}

func (*Key) DeepCopy

func (in *Key) DeepCopy() *Key

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Key.

func (*Key) DeepCopyInto

func (in *Key) DeepCopyInto(out *Key)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Key) DeepCopyObject

func (in *Key) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Key) GetCondition

func (mg *Key) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Key.

func (*Key) GetDeletionPolicy

func (mg *Key) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Key.

func (*Key) GetProviderConfigReference

func (mg *Key) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Key.

func (*Key) GetProviderReference

func (mg *Key) GetProviderReference() *xpv1.Reference

GetProviderReference of this Key. Deprecated: Use GetProviderConfigReference.

func (*Key) GetPublishConnectionDetailsTo

func (mg *Key) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Key.

func (*Key) GetWriteConnectionSecretToReference

func (mg *Key) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Key.

func (*Key) SetConditions

func (mg *Key) SetConditions(c ...xpv1.Condition)

SetConditions of this Key.

func (*Key) SetDeletionPolicy

func (mg *Key) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Key.

func (*Key) SetProviderConfigReference

func (mg *Key) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Key.

func (*Key) SetProviderReference

func (mg *Key) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this Key. Deprecated: Use SetProviderConfigReference.

func (*Key) SetPublishConnectionDetailsTo

func (mg *Key) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Key.

func (*Key) SetWriteConnectionSecretToReference

func (mg *Key) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Key.

type KeyList

type KeyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Key `json:"items"`
}

KeyList contains a list of Keys

func (*KeyList) DeepCopy

func (in *KeyList) DeepCopy() *KeyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyList.

func (*KeyList) DeepCopyInto

func (in *KeyList) DeepCopyInto(out *KeyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KeyList) DeepCopyObject

func (in *KeyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*KeyList) GetItems

func (l *KeyList) GetItems() []resource.Managed

GetItems of this KeyList.

type KeyListEntry

type KeyListEntry struct {
	KeyARN *string `json:"keyARN,omitempty"`

	KeyID *string `json:"keyID,omitempty"`
}

+kubebuilder:skipversion

func (*KeyListEntry) DeepCopy

func (in *KeyListEntry) DeepCopy() *KeyListEntry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyListEntry.

func (*KeyListEntry) DeepCopyInto

func (in *KeyListEntry) DeepCopyInto(out *KeyListEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeyManagerType

type KeyManagerType string
const (
	KeyManagerType_AWS      KeyManagerType = "AWS"
	KeyManagerType_CUSTOMER KeyManagerType = "CUSTOMER"
)

type KeyMetadata

type KeyMetadata struct {
	AWSAccountID *string `json:"awsAccountID,omitempty"`

	ARN *string `json:"arn,omitempty"`

	CloudHsmClusterID *string `json:"cloudHsmClusterID,omitempty"`

	CreationDate *metav1.Time `json:"creationDate,omitempty"`

	CustomKeyStoreID *string `json:"customKeyStoreID,omitempty"`

	CustomerMasterKeySpec *string `json:"customerMasterKeySpec,omitempty"`

	DeletionDate *metav1.Time `json:"deletionDate,omitempty"`

	Description *string `json:"description,omitempty"`

	Enabled *bool `json:"enabled,omitempty"`

	EncryptionAlgorithms []*string `json:"encryptionAlgorithms,omitempty"`

	ExpirationModel *string `json:"expirationModel,omitempty"`

	KeyID *string `json:"keyID,omitempty"`

	KeyManager *string `json:"keyManager,omitempty"`

	KeySpec *string `json:"keySpec,omitempty"`

	KeyState *string `json:"keyState,omitempty"`

	KeyUsage *string `json:"keyUsage,omitempty"`

	MacAlgorithms []*string `json:"macAlgorithms,omitempty"`

	MultiRegion *bool `json:"multiRegion,omitempty"`
	// Describes the configuration of this multi-Region key. This field appears
	// only when the KMS key is a primary or replica of a multi-Region key.
	//
	// For more information about any listed KMS key, use the DescribeKey operation.
	MultiRegionConfiguration *MultiRegionConfiguration `json:"multiRegionConfiguration,omitempty"`

	Origin *string `json:"origin,omitempty"`

	PendingDeletionWindowInDays *int64 `json:"pendingDeletionWindowInDays,omitempty"`

	SigningAlgorithms []*string `json:"signingAlgorithms,omitempty"`

	ValidTo *metav1.Time `json:"validTo,omitempty"`
	// Information about the external key (https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html#concept-external-key)that
	// is associated with a KMS key in an external key store.
	//
	// This element appears in a CreateKey or DescribeKey response only for a KMS
	// key in an external key store.
	//
	// The external key is a symmetric encryption key that is hosted by an external
	// key manager outside of Amazon Web Services. When you use the KMS key in an
	// external key store in a cryptographic operation, the cryptographic operation
	// is performed in the external key manager using the specified external key.
	// For more information, see External key (https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html#concept-external-key)
	// in the Key Management Service Developer Guide.
	XksKeyConfiguration *XksKeyConfigurationType `json:"xksKeyConfiguration,omitempty"`
}

+kubebuilder:skipversion

func (*KeyMetadata) DeepCopy

func (in *KeyMetadata) DeepCopy() *KeyMetadata

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyMetadata.

func (*KeyMetadata) DeepCopyInto

func (in *KeyMetadata) DeepCopyInto(out *KeyMetadata)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeyObservation

type KeyObservation struct {
	// The twelve-digit account ID of the Amazon Web Services account that owns
	// the KMS key.
	AWSAccountID *string `json:"awsAccountID,omitempty"`
	// The Amazon Resource Name (ARN) of the KMS key. For examples, see Key Management
	// Service (KMS) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-kms)
	// in the Example ARNs section of the Amazon Web Services General Reference.
	ARN *string `json:"arn,omitempty"`
	// The cluster ID of the CloudHSM cluster that contains the key material for
	// the KMS key. When you create a KMS key in an CloudHSM custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html),
	// KMS creates the key material for the KMS key in the associated CloudHSM cluster.
	// This field is present only when the KMS key is created in an CloudHSM key
	// store.
	CloudHsmClusterID *string `json:"cloudHsmClusterID,omitempty"`
	// The date and time when the KMS key was created.
	CreationDate *metav1.Time `json:"creationDate,omitempty"`
	// The date and time after which KMS deletes this KMS key. This value is present
	// only when the KMS key is scheduled for deletion, that is, when its KeyState
	// is PendingDeletion.
	//
	// When the primary key in a multi-Region key is scheduled for deletion but
	// still has replica keys, its key state is PendingReplicaDeletion and the length
	// of its waiting period is displayed in the PendingDeletionWindowInDays field.
	DeletionDate *metav1.Time `json:"deletionDate,omitempty"`
	// Specifies whether the KMS key is enabled. When KeyState is Enabled this value
	// is true, otherwise it is false.
	Enabled *bool `json:"enabled,omitempty"`
	// The encryption algorithms that the KMS key supports. You cannot use the KMS
	// key with other encryption algorithms within KMS.
	//
	// This value is present only when the KeyUsage of the KMS key is ENCRYPT_DECRYPT.
	EncryptionAlgorithms []*string `json:"encryptionAlgorithms,omitempty"`
	// Specifies whether the KMS key's key material expires. This value is present
	// only when Origin is EXTERNAL, otherwise this value is omitted.
	ExpirationModel *string `json:"expirationModel,omitempty"`
	// The globally unique identifier for the KMS key.
	KeyID *string `json:"keyID,omitempty"`
	// The manager of the KMS key. KMS keys in your Amazon Web Services account
	// are either customer managed or Amazon Web Services managed. For more information
	// about the difference, see KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#kms_keys)
	// in the Key Management Service Developer Guide.
	KeyManager *string `json:"keyManager,omitempty"`
	// The current status of the KMS key.
	//
	// For more information about how key state affects the use of a KMS key, see
	// Key states of KMS keys (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
	// in the Key Management Service Developer Guide.
	KeyState *string `json:"keyState,omitempty"`
	// The message authentication code (MAC) algorithm that the HMAC KMS key supports.
	//
	// This value is present only when the KeyUsage of the KMS key is GENERATE_VERIFY_MAC.
	MacAlgorithms []*string `json:"macAlgorithms,omitempty"`
	// Lists the primary and replica keys in same multi-Region key. This field is
	// present only when the value of the MultiRegion field is True.
	//
	// For more information about any listed KMS key, use the DescribeKey operation.
	//
	//    * MultiRegionKeyType indicates whether the KMS key is a PRIMARY or REPLICA
	//    key.
	//
	//    * PrimaryKey displays the key ARN and Region of the primary key. This
	//    field displays the current KMS key if it is the primary key.
	//
	//    * ReplicaKeys displays the key ARNs and Regions of all replica keys. This
	//    field includes the current KMS key if it is a replica key.
	MultiRegionConfiguration *MultiRegionConfiguration `json:"multiRegionConfiguration,omitempty"`
	// The waiting period before the primary key in a multi-Region key is deleted.
	// This waiting period begins when the last of its replica keys is deleted.
	// This value is present only when the KeyState of the KMS key is PendingReplicaDeletion.
	// That indicates that the KMS key is the primary key in a multi-Region key,
	// it is scheduled for deletion, and it still has existing replica keys.
	//
	// When a single-Region KMS key or a multi-Region replica key is scheduled for
	// deletion, its deletion date is displayed in the DeletionDate field. However,
	// when the primary key in a multi-Region key is scheduled for deletion, its
	// waiting period doesn't begin until all of its replica keys are deleted. This
	// value displays that waiting period. When the last replica key in the multi-Region
	// key is deleted, the KeyState of the scheduled primary key changes from PendingReplicaDeletion
	// to PendingDeletion and the deletion date appears in the DeletionDate field.
	PendingDeletionWindowInDays *int64 `json:"pendingDeletionWindowInDays,omitempty"`
	// The signing algorithms that the KMS key supports. You cannot use the KMS
	// key with other signing algorithms within KMS.
	//
	// This field appears only when the KeyUsage of the KMS key is SIGN_VERIFY.
	SigningAlgorithms []*string `json:"signingAlgorithms,omitempty"`
	// The time at which the imported key material expires. When the key material
	// expires, KMS deletes the key material and the KMS key becomes unusable. This
	// value is present only for KMS keys whose Origin is EXTERNAL and whose ExpirationModel
	// is KEY_MATERIAL_EXPIRES, otherwise this value is omitted.
	ValidTo *metav1.Time `json:"validTo,omitempty"`
	// Information about the external key that is associated with a KMS key in an
	// external key store.
	//
	// For more information, see External key (https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html#concept-external-key)
	// in the Key Management Service Developer Guide.
	XksKeyConfiguration *XksKeyConfigurationType `json:"xksKeyConfiguration,omitempty"`
}

KeyObservation defines the observed state of Key

func (*KeyObservation) DeepCopy

func (in *KeyObservation) DeepCopy() *KeyObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyObservation.

func (*KeyObservation) DeepCopyInto

func (in *KeyObservation) DeepCopyInto(out *KeyObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeyParameters

type KeyParameters struct {
	// Region is which region the Key will be created.
	// +kubebuilder:validation:Required
	Region string `json:"region"`
	// A flag to indicate whether to bypass the key policy lockout safety check.
	//
	// Setting this value to true increases the risk that the KMS key becomes unmanageable.
	// Do not set this value to true indiscriminately.
	//
	// For more information, refer to the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam)
	// section in the Key Management Service Developer Guide .
	//
	// Use this parameter only when you include a policy in the request and you
	// intend to prevent the principal that is making the request from making a
	// subsequent PutKeyPolicy request on the KMS key.
	//
	// The default value is false.
	BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty"`
	// Creates the KMS key in the specified custom key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html).
	// The ConnectionState of the custom key store must be CONNECTED. To find the
	// CustomKeyStoreID and ConnectionState use the DescribeCustomKeyStores operation.
	//
	// This parameter is valid only for symmetric encryption KMS keys in a single
	// Region. You cannot create any other type of KMS key in a custom key store.
	//
	// When you create a KMS key in an CloudHSM key store, KMS generates a non-exportable
	// 256-bit symmetric key in its associated CloudHSM cluster and associates it
	// with the KMS key. When you create a KMS key in an external key store, you
	// must use the XksKeyId parameter to specify an external key that serves as
	// key material for the KMS key.
	CustomKeyStoreID *string `json:"customKeyStoreID,omitempty"`
	// Instead, use the KeySpec parameter.
	//
	// The KeySpec and CustomerMasterKeySpec parameters work the same way. Only
	// the names differ. We recommend that you use KeySpec parameter in your code.
	// However, to avoid breaking changes, KMS supports both parameters.
	CustomerMasterKeySpec *string `json:"customerMasterKeySpec,omitempty"`
	// A description of the KMS key.
	//
	// Use a description that helps you decide whether the KMS key is appropriate
	// for a task. The default value is an empty string (no description).
	//
	// To set or change the description after the key is created, use UpdateKeyDescription.
	Description *string `json:"description,omitempty"`
	// Specifies the type of KMS key to create. The default value, SYMMETRIC_DEFAULT,
	// creates a KMS key with a 256-bit AES-GCM key that is used for encryption
	// and decryption, except in China Regions, where it creates a 128-bit symmetric
	// key that uses SM4 encryption. For help choosing a key spec for your KMS key,
	// see Choosing a KMS key type (https://docs.aws.amazon.com/kms/latest/developerguide/key-types.html#symm-asymm-choose)
	// in the Key Management Service Developer Guide .
	//
	// The KeySpec determines whether the KMS key contains a symmetric key or an
	// asymmetric key pair. It also determines the algorithms that the KMS key supports.
	// You can't change the KeySpec after the KMS key is created. To further restrict
	// the algorithms that can be used with the KMS key, use a condition key in
	// its key policy or IAM policy. For more information, see kms:EncryptionAlgorithm
	// (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-algorithm),
	// kms:MacAlgorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-mac-algorithm)
	// or kms:Signing Algorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-signing-algorithm)
	// in the Key Management Service Developer Guide .
	//
	// Amazon Web Services services that are integrated with KMS (http://aws.amazon.com/kms/features/#AWS_Service_Integration)
	// use symmetric encryption KMS keys to protect your data. These services do
	// not support asymmetric KMS keys or HMAC KMS keys.
	//
	// KMS supports the following key specs for KMS keys:
	//
	//    * Symmetric encryption key (default) SYMMETRIC_DEFAULT
	//
	//    * HMAC keys (symmetric) HMAC_224 HMAC_256 HMAC_384 HMAC_512
	//
	//    * Asymmetric RSA key pairs RSA_2048 RSA_3072 RSA_4096
	//
	//    * Asymmetric NIST-recommended elliptic curve key pairs ECC_NIST_P256 (secp256r1)
	//    ECC_NIST_P384 (secp384r1) ECC_NIST_P521 (secp521r1)
	//
	//    * Other asymmetric elliptic curve key pairs ECC_SECG_P256K1 (secp256k1),
	//    commonly used for cryptocurrencies.
	//
	//    * SM2 key pairs (China Regions only) SM2
	KeySpec *string `json:"keySpec,omitempty"`
	// Determines the cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
	// for which you can use the KMS key. The default value is ENCRYPT_DECRYPT.
	// This parameter is optional when you are creating a symmetric encryption KMS
	// key; otherwise, it is required. You can't change the KeyUsage value after
	// the KMS key is created.
	//
	// Select only one valid value.
	//
	//    * For symmetric encryption KMS keys, omit the parameter or specify ENCRYPT_DECRYPT.
	//
	//    * For HMAC KMS keys (symmetric), specify GENERATE_VERIFY_MAC.
	//
	//    * For asymmetric KMS keys with RSA key material, specify ENCRYPT_DECRYPT
	//    or SIGN_VERIFY.
	//
	//    * For asymmetric KMS keys with ECC key material, specify SIGN_VERIFY.
	//
	//    * For asymmetric KMS keys with SM2 key material (China Regions only),
	//    specify ENCRYPT_DECRYPT or SIGN_VERIFY.
	KeyUsage *string `json:"keyUsage,omitempty"`
	// Creates a multi-Region primary key that you can replicate into other Amazon
	// Web Services Regions. You cannot change this value after you create the KMS
	// key.
	//
	// For a multi-Region key, set this parameter to True. For a single-Region KMS
	// key, omit this parameter or set it to False. The default value is False.
	//
	// This operation supports multi-Region keys, an KMS feature that lets you create
	// multiple interoperable KMS keys in different Amazon Web Services Regions.
	// Because these KMS keys have the same key ID, key material, and other metadata,
	// you can use them interchangeably to encrypt data in one Amazon Web Services
	// Region and decrypt it in a different Amazon Web Services Region without re-encrypting
	// the data or making a cross-Region call. For more information about multi-Region
	// keys, see Multi-Region keys in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/multi-region-keys-overview.html)
	// in the Key Management Service Developer Guide.
	//
	// This value creates a primary key, not a replica. To create a replica key,
	// use the ReplicateKey operation.
	//
	// You can create a symmetric or asymmetric multi-Region key, and you can create
	// a multi-Region key with imported key material. However, you cannot create
	// a multi-Region key in a custom key store.
	MultiRegion *bool `json:"multiRegion,omitempty"`
	// The source of the key material for the KMS key. You cannot change the origin
	// after you create the KMS key. The default is AWS_KMS, which means that KMS
	// creates the key material.
	//
	// To create a KMS key with no key material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys-create-cmk.html)
	// (for imported key material), set this value to EXTERNAL. For more information
	// about importing key material into KMS, see Importing Key Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html)
	// in the Key Management Service Developer Guide. The EXTERNAL origin value
	// is valid only for symmetric KMS keys.
	//
	// To create a KMS key in an CloudHSM key store (https://docs.aws.amazon.com/kms/latest/developerguide/create-cmk-keystore.html)
	// and create its key material in the associated CloudHSM cluster, set this
	// value to AWS_CLOUDHSM. You must also use the CustomKeyStoreId parameter to
	// identify the CloudHSM key store. The KeySpec value must be SYMMETRIC_DEFAULT.
	//
	// To create a KMS key in an external key store (https://docs.aws.amazon.com/kms/latest/developerguide/create-xks-keys.html),
	// set this value to EXTERNAL_KEY_STORE. You must also use the CustomKeyStoreId
	// parameter to identify the external key store and the XksKeyId parameter to
	// identify the associated external key. The KeySpec value must be SYMMETRIC_DEFAULT.
	Origin *string `json:"origin,omitempty"`
	// The key policy to attach to the KMS key.
	//
	// If you provide a key policy, it must meet the following criteria:
	//
	//    * If you don't set BypassPolicyLockoutSafetyCheck to true, the key policy
	//    must allow the principal that is making the CreateKey request to make
	//    a subsequent PutKeyPolicy request on the KMS key. This reduces the risk
	//    that the KMS key becomes unmanageable. For more information, refer to
	//    the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam)
	//    section of the Key Management Service Developer Guide .
	//
	//    * Each statement in the key policy must contain one or more principals.
	//    The principals in the key policy must exist and be visible to KMS. When
	//    you create a new Amazon Web Services principal (for example, an IAM user
	//    or role), you might need to enforce a delay before including the new principal
	//    in a key policy because the new principal might not be immediately visible
	//    to KMS. For more information, see Changes that I make are not always immediately
	//    visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
	//    in the Amazon Web Services Identity and Access Management User Guide.
	//
	// If you do not provide a key policy, KMS attaches a default key policy to
	// the KMS key. For more information, see Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default)
	// in the Key Management Service Developer Guide.
	//
	// The key policy size quota is 32 kilobytes (32768 bytes).
	//
	// For help writing and formatting a JSON policy document, see the IAM JSON
	// Policy Reference (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html)
	// in the Identity and Access Management User Guide .
	Policy *string `json:"policy,omitempty"`
	// Assigns one or more tags to the KMS key. Use this parameter to tag the KMS
	// key when it is created. To tag an existing KMS key, use the TagResource operation.
	//
	// Tagging or untagging a KMS key can allow or deny permission to the KMS key.
	// For details, see ABAC for KMS (https://docs.aws.amazon.com/kms/latest/developerguide/abac.html)
	// in the Key Management Service Developer Guide.
	//
	// To use this parameter, you must have kms:TagResource (https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html)
	// permission in an IAM policy.
	//
	// Each tag consists of a tag key and a tag value. Both the tag key and the
	// tag value are required, but the tag value can be an empty (null) string.
	// You cannot have more than one tag on a KMS key with the same tag key. If
	// you specify an existing tag key with a different tag value, KMS replaces
	// the current tag value with the specified one.
	//
	// When you add tags to an Amazon Web Services resource, Amazon Web Services
	// generates a cost allocation report with usage and costs aggregated by tags.
	// Tags can also be used to control access to a KMS key. For details, see Tagging
	// Keys (https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html).
	Tags []*Tag `json:"tags,omitempty"`
	// Identifies the external key (https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html#concept-external-key)
	// that serves as key material for the KMS key in an external key store (https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html).
	// Specify the ID that the external key store proxy (https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html#concept-xks-proxy)
	// uses to refer to the external key. For help, see the documentation for your
	// external key store proxy.
	//
	// This parameter is required for a KMS key with an Origin value of EXTERNAL_KEY_STORE.
	// It is not valid for KMS keys with any other Origin value.
	//
	// The external key must be an existing 256-bit AES symmetric encryption key
	// hosted outside of Amazon Web Services in an external key manager associated
	// with the external key store specified by the CustomKeyStoreId parameter.
	// This key must be enabled and configured to perform encryption and decryption.
	// Each KMS key in an external key store must use a different external key.
	// For details, see Requirements for a KMS key in an external key store (https://docs.aws.amazon.com/create-xks-keys.html#xks-key-requirements)
	// in the Key Management Service Developer Guide.
	//
	// Each KMS key in an external key store is associated two backing keys. One
	// is key material that KMS generates. The other is the external key specified
	// by this parameter. When you use the KMS key in an external key store to encrypt
	// data, the encryption operation is performed first by KMS using the KMS key
	// material, and then by the external key manager using the specified external
	// key, a process known as double encryption. For details, see Double encryption
	// (https://docs.aws.amazon.com/kms/latest/developerguide/keystore-external.html#concept-double-encryption)
	// in the Key Management Service Developer Guide.
	XksKeyID            *string `json:"xksKeyID,omitempty"`
	CustomKeyParameters `json:",inline"`
}

KeyParameters defines the desired state of Key

func (*KeyParameters) DeepCopy

func (in *KeyParameters) DeepCopy() *KeyParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyParameters.

func (*KeyParameters) DeepCopyInto

func (in *KeyParameters) DeepCopyInto(out *KeyParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeySpec

type KeySpec struct {
	xpv1.ResourceSpec `json:",inline"`
	ForProvider       KeyParameters `json:"forProvider"`
}

KeySpec defines the desired state of Key

func (*KeySpec) DeepCopy

func (in *KeySpec) DeepCopy() *KeySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeySpec.

func (*KeySpec) DeepCopyInto

func (in *KeySpec) DeepCopyInto(out *KeySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeySpec_SDK

type KeySpec_SDK string
const (
	KeySpec_SDK_RSA_2048          KeySpec_SDK = "RSA_2048"
	KeySpec_SDK_RSA_3072          KeySpec_SDK = "RSA_3072"
	KeySpec_SDK_RSA_4096          KeySpec_SDK = "RSA_4096"
	KeySpec_SDK_ECC_NIST_P256     KeySpec_SDK = "ECC_NIST_P256"
	KeySpec_SDK_ECC_NIST_P384     KeySpec_SDK = "ECC_NIST_P384"
	KeySpec_SDK_ECC_NIST_P521     KeySpec_SDK = "ECC_NIST_P521"
	KeySpec_SDK_ECC_SECG_P256K1   KeySpec_SDK = "ECC_SECG_P256K1"
	KeySpec_SDK_SYMMETRIC_DEFAULT KeySpec_SDK = "SYMMETRIC_DEFAULT"
	KeySpec_SDK_HMAC_224          KeySpec_SDK = "HMAC_224"
	KeySpec_SDK_HMAC_256          KeySpec_SDK = "HMAC_256"
	KeySpec_SDK_HMAC_384          KeySpec_SDK = "HMAC_384"
	KeySpec_SDK_HMAC_512          KeySpec_SDK = "HMAC_512"
	KeySpec_SDK_SM2               KeySpec_SDK = "SM2"
)

type KeyState

type KeyState string
const (
	KeyState_Creating               KeyState = "Creating"
	KeyState_Enabled                KeyState = "Enabled"
	KeyState_Disabled               KeyState = "Disabled"
	KeyState_PendingDeletion        KeyState = "PendingDeletion"
	KeyState_PendingImport          KeyState = "PendingImport"
	KeyState_PendingReplicaDeletion KeyState = "PendingReplicaDeletion"
	KeyState_Unavailable            KeyState = "Unavailable"
	KeyState_Updating               KeyState = "Updating"
)

type KeyStatus

type KeyStatus struct {
	xpv1.ResourceStatus `json:",inline"`
	AtProvider          KeyObservation `json:"atProvider,omitempty"`
}

KeyStatus defines the observed state of Key.

func (*KeyStatus) DeepCopy

func (in *KeyStatus) DeepCopy() *KeyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyStatus.

func (*KeyStatus) DeepCopyInto

func (in *KeyStatus) DeepCopyInto(out *KeyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeyUsageType

type KeyUsageType string
const (
	KeyUsageType_SIGN_VERIFY         KeyUsageType = "SIGN_VERIFY"
	KeyUsageType_ENCRYPT_DECRYPT     KeyUsageType = "ENCRYPT_DECRYPT"
	KeyUsageType_GENERATE_VERIFY_MAC KeyUsageType = "GENERATE_VERIFY_MAC"
)

type MacAlgorithmSpec added in v0.34.0

type MacAlgorithmSpec string
const (
	MacAlgorithmSpec_HMAC_SHA_224 MacAlgorithmSpec = "HMAC_SHA_224"
	MacAlgorithmSpec_HMAC_SHA_256 MacAlgorithmSpec = "HMAC_SHA_256"
	MacAlgorithmSpec_HMAC_SHA_384 MacAlgorithmSpec = "HMAC_SHA_384"
	MacAlgorithmSpec_HMAC_SHA_512 MacAlgorithmSpec = "HMAC_SHA_512"
)

type MessageType

type MessageType string
const (
	MessageType_RAW    MessageType = "RAW"
	MessageType_DIGEST MessageType = "DIGEST"
)

type MultiRegionConfiguration

type MultiRegionConfiguration struct {
	MultiRegionKeyType *string `json:"multiRegionKeyType,omitempty"`
	// Describes the primary or replica key in a multi-Region key.
	PrimaryKey *MultiRegionKey `json:"primaryKey,omitempty"`

	ReplicaKeys []*MultiRegionKey `json:"replicaKeys,omitempty"`
}

+kubebuilder:skipversion

func (*MultiRegionConfiguration) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MultiRegionConfiguration.

func (*MultiRegionConfiguration) DeepCopyInto

func (in *MultiRegionConfiguration) DeepCopyInto(out *MultiRegionConfiguration)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MultiRegionKey

type MultiRegionKey struct {
	ARN *string `json:"arn,omitempty"`

	Region *string `json:"region,omitempty"`
}

+kubebuilder:skipversion

func (*MultiRegionKey) DeepCopy

func (in *MultiRegionKey) DeepCopy() *MultiRegionKey

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new MultiRegionKey.

func (*MultiRegionKey) DeepCopyInto

func (in *MultiRegionKey) DeepCopyInto(out *MultiRegionKey)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type MultiRegionKeyType

type MultiRegionKeyType string
const (
	MultiRegionKeyType_PRIMARY MultiRegionKeyType = "PRIMARY"
	MultiRegionKeyType_REPLICA MultiRegionKeyType = "REPLICA"
)

type OriginType

type OriginType string
const (
	OriginType_AWS_KMS            OriginType = "AWS_KMS"
	OriginType_EXTERNAL           OriginType = "EXTERNAL"
	OriginType_AWS_CLOUDHSM       OriginType = "AWS_CLOUDHSM"
	OriginType_EXTERNAL_KEY_STORE OriginType = "EXTERNAL_KEY_STORE"
)

type SigningAlgorithmSpec

type SigningAlgorithmSpec string
const (
	SigningAlgorithmSpec_RSASSA_PSS_SHA_256        SigningAlgorithmSpec = "RSASSA_PSS_SHA_256"
	SigningAlgorithmSpec_RSASSA_PSS_SHA_384        SigningAlgorithmSpec = "RSASSA_PSS_SHA_384"
	SigningAlgorithmSpec_RSASSA_PSS_SHA_512        SigningAlgorithmSpec = "RSASSA_PSS_SHA_512"
	SigningAlgorithmSpec_RSASSA_PKCS1_V1_5_SHA_256 SigningAlgorithmSpec = "RSASSA_PKCS1_V1_5_SHA_256"
	SigningAlgorithmSpec_RSASSA_PKCS1_V1_5_SHA_384 SigningAlgorithmSpec = "RSASSA_PKCS1_V1_5_SHA_384"
	SigningAlgorithmSpec_RSASSA_PKCS1_V1_5_SHA_512 SigningAlgorithmSpec = "RSASSA_PKCS1_V1_5_SHA_512"
	SigningAlgorithmSpec_ECDSA_SHA_256             SigningAlgorithmSpec = "ECDSA_SHA_256"
	SigningAlgorithmSpec_ECDSA_SHA_384             SigningAlgorithmSpec = "ECDSA_SHA_384"
	SigningAlgorithmSpec_ECDSA_SHA_512             SigningAlgorithmSpec = "ECDSA_SHA_512"
	SigningAlgorithmSpec_SM2DSA                    SigningAlgorithmSpec = "SM2DSA"
)

type Tag

type Tag struct {
	TagKey *string `json:"tagKey,omitempty"`

	TagValue *string `json:"tagValue,omitempty"`
}

+kubebuilder:skipversion

func (*Tag) DeepCopy

func (in *Tag) DeepCopy() *Tag

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Tag.

func (*Tag) DeepCopyInto

func (in *Tag) DeepCopyInto(out *Tag)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type WrappingKeySpec

type WrappingKeySpec string
const (
	WrappingKeySpec_RSA_2048 WrappingKeySpec = "RSA_2048"
)

type XksKeyConfigurationType added in v0.38.0

type XksKeyConfigurationType struct {
	ID *string `json:"id,omitempty"`
}

+kubebuilder:skipversion

func (*XksKeyConfigurationType) DeepCopy added in v0.38.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new XksKeyConfigurationType.

func (*XksKeyConfigurationType) DeepCopyInto added in v0.38.0

func (in *XksKeyConfigurationType) DeepCopyInto(out *XksKeyConfigurationType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type XksProxyConnectivityType added in v0.38.0

type XksProxyConnectivityType string
const (
	XksProxyConnectivityType_PUBLIC_ENDPOINT      XksProxyConnectivityType = "PUBLIC_ENDPOINT"
	XksProxyConnectivityType_VPC_ENDPOINT_SERVICE XksProxyConnectivityType = "VPC_ENDPOINT_SERVICE"
)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL