Documentation
¶
Index ¶
- Constants
- Variables
- type CustomSecretParameters
- type Filter
- type FilterNameStringType
- type RotationRulesType
- type Secret
- func (in *Secret) DeepCopy() *Secret
- func (in *Secret) DeepCopyInto(out *Secret)
- func (in *Secret) DeepCopyObject() runtime.Object
- func (mg *Secret) GetCondition(ct xpv1.ConditionType) xpv1.Condition
- func (mg *Secret) GetDeletionPolicy() xpv1.DeletionPolicy
- func (mg *Secret) GetManagementPolicies() xpv1.ManagementPolicies
- func (mg *Secret) GetProviderConfigReference() *xpv1.Reference
- func (mg *Secret) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo
- func (mg *Secret) GetWriteConnectionSecretToReference() *xpv1.SecretReference
- func (mg *Secret) ResolveReferences(ctx context.Context, c client.Reader) error
- func (mg *Secret) SetConditions(c ...xpv1.Condition)
- func (mg *Secret) SetDeletionPolicy(r xpv1.DeletionPolicy)
- func (mg *Secret) SetManagementPolicies(r xpv1.ManagementPolicies)
- func (mg *Secret) SetProviderConfigReference(r *xpv1.Reference)
- func (mg *Secret) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)
- func (mg *Secret) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)
- type SecretList
- type SecretListEntry
- type SecretObservation
- type SecretParameters
- type SecretReference
- type SecretSpec
- type SecretStatus
- type SecretVersionsListEntry
- type SortOrderType
- type Tag
Constants ¶
const ( CRDGroup = "secretsmanager.aws.crossplane.io" CRDVersion = "v1alpha1" )
Package type metadata.
Variables ¶
var ( SecretKind = "Secret" SecretGroupKind = schema.GroupKind{Group: CRDGroup, Kind: SecretKind}.String() SecretKindAPIVersion = SecretKind + "." + GroupVersion.String() SecretGroupVersionKind = GroupVersion.WithKind(SecretKind) )
Repository type metadata.
var ( // GroupVersion is the API Group Version used to register the objects GroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
Functions ¶
This section is empty.
Types ¶
type CustomSecretParameters ¶
type CustomSecretParameters struct {
// KMSKeyIDRef is a reference to an kms/v1alpha1.Key used
// to set the KMSKeyID field.
// +optional
KMSKeyIDRef *xpv1.Reference `json:"kmsKeyIDRef,omitempty"`
// KMSKeyIDSelector selects references to kms/v1alpha1.Key
// used to set the KMSKeyID.
// +optional
KMSKeyIDSelector *xpv1.Selector `json:"kmsKeyIDSelector,omitempty"`
// StringSecretRef points to the Kubernetes Secret whose data will be sent
// as string to AWS. If key parameter is given, only the value of that key
// will be used. Otherwise, all data in the Secret will be marshalled into
// JSON and sent to AWS.
// Either StringSecretRef or BinarySecretRef must be set, but not both.
StringSecretRef *SecretReference `json:"stringSecretRef,omitempty"`
// BinarySecretRef points to the Kubernetes Secret whose data will be encoded
// as binary data to AWS. If key parameter is given, only the value of that
// key will be used. Otherwise, all data in the Secret will be marshalled
// into JSON and sent to AWS.
// Either StringSecretRef or BinarySecretRef must be set, but not both.
BinarySecretRef *SecretReference `json:"binarySecretRef,omitempty"`
// (Optional) Specifies that the secret is to be deleted without any recovery
// window. You can't use both this parameter and the RecoveryWindowInDays parameter
// in the same API call.
//
// An asynchronous background process performs the actual deletion, so there
// can be a short delay before the operation completes. If you write code to
// delete and then immediately recreate a secret with the same name, ensure
// that your code includes appropriate back off and retry logic.
//
// Use this parameter with caution. This parameter causes the operation to skip
// the normal waiting period before the permanent deletion that AWS would normally
// impose with the RecoveryWindowInDays parameter. If you delete a secret with
// the ForceDeleteWithouRecovery parameter, then you have no opportunity to
// recover the secret. It is permanently lost.
ForceDeleteWithoutRecovery *bool `json:"forceDeleteWithoutRecovery,omitempty"`
// (Optional) Specifies the number of days that Secrets Manager waits before
// it can delete the secret. You can't use both this parameter and the ForceDeleteWithoutRecovery
// parameter in the same API call.
//
// This value can range from 7 to 30 days. The default value is 30.
RecoveryWindowInDays *int64 `json:"recoveryWindowInDays,omitempty"`
// A JSON-formatted string constructed according to the grammar and syntax for
// an Amazon Web Services resource-based policy. The policy in the string identifies
// who can access or manage this secret and its versions. For information on
// how to format a JSON parameter for the various command line tool environments,
// see Using JSON for Parameters (http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json)
// in the CLI User Guide.
//
// ResourcePolicy is a required field
// +optional
ResourcePolicy *string `json:"resourcePolicy,omitempty"`
}
CustomSecretParameters contains the additional fields for SecretParameters.
func (*CustomSecretParameters) DeepCopy ¶
func (in *CustomSecretParameters) DeepCopy() *CustomSecretParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomSecretParameters.
func (*CustomSecretParameters) DeepCopyInto ¶
func (in *CustomSecretParameters) DeepCopyInto(out *CustomSecretParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Filter ¶
type Filter struct {
Key *string `json:"key,omitempty"`
Values []*string `json:"values,omitempty"`
}
+kubebuilder:skipversion
func (*Filter) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Filter.
func (*Filter) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type FilterNameStringType ¶
type FilterNameStringType string
const ( FilterNameStringType_description FilterNameStringType = "description" FilterNameStringType_name FilterNameStringType = "name" FilterNameStringType_tag_key FilterNameStringType = "tag-key" FilterNameStringType_tag_value FilterNameStringType = "tag-value" FilterNameStringType_all FilterNameStringType = "all" )
type RotationRulesType ¶
type RotationRulesType struct {
AutomaticallyAfterDays *int64 `json:"automaticallyAfterDays,omitempty"`
}
+kubebuilder:skipversion
func (*RotationRulesType) DeepCopy ¶
func (in *RotationRulesType) DeepCopy() *RotationRulesType
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RotationRulesType.
func (*RotationRulesType) DeepCopyInto ¶
func (in *RotationRulesType) DeepCopyInto(out *RotationRulesType)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Secret ¶
type Secret struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec SecretSpec `json:"spec"`
Status SecretStatus `json:"status,omitempty"`
}
Secret is the Schema for the Secrets API +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:subresource:status +kubebuilder:deprecatedversion:warning="Please use v1beta1 version of this resource." +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}
func (*Secret) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Secret.
func (*Secret) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Secret) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Secret) GetCondition ¶
func (mg *Secret) GetCondition(ct xpv1.ConditionType) xpv1.Condition
GetCondition of this Secret.
func (*Secret) GetDeletionPolicy ¶
func (mg *Secret) GetDeletionPolicy() xpv1.DeletionPolicy
GetDeletionPolicy of this Secret.
func (*Secret) GetManagementPolicies ¶ added in v0.43.0
func (mg *Secret) GetManagementPolicies() xpv1.ManagementPolicies
GetManagementPolicies of this Secret.
func (*Secret) GetProviderConfigReference ¶
GetProviderConfigReference of this Secret.
func (*Secret) GetPublishConnectionDetailsTo ¶
func (mg *Secret) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo
GetPublishConnectionDetailsTo of this Secret.
func (*Secret) GetWriteConnectionSecretToReference ¶
func (mg *Secret) GetWriteConnectionSecretToReference() *xpv1.SecretReference
GetWriteConnectionSecretToReference of this Secret.
func (*Secret) ResolveReferences ¶
ResolveReferences of this Secret
func (*Secret) SetConditions ¶
SetConditions of this Secret.
func (*Secret) SetDeletionPolicy ¶
func (mg *Secret) SetDeletionPolicy(r xpv1.DeletionPolicy)
SetDeletionPolicy of this Secret.
func (*Secret) SetManagementPolicies ¶ added in v0.43.0
func (mg *Secret) SetManagementPolicies(r xpv1.ManagementPolicies)
SetManagementPolicies of this Secret.
func (*Secret) SetProviderConfigReference ¶
SetProviderConfigReference of this Secret.
func (*Secret) SetPublishConnectionDetailsTo ¶
func (mg *Secret) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)
SetPublishConnectionDetailsTo of this Secret.
func (*Secret) SetWriteConnectionSecretToReference ¶
func (mg *Secret) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)
SetWriteConnectionSecretToReference of this Secret.
type SecretList ¶
type SecretList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Secret `json:"items"`
}
SecretList contains a list of Secrets
func (*SecretList) DeepCopy ¶
func (in *SecretList) DeepCopy() *SecretList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretList.
func (*SecretList) DeepCopyInto ¶
func (in *SecretList) DeepCopyInto(out *SecretList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*SecretList) DeepCopyObject ¶
func (in *SecretList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*SecretList) GetItems ¶
func (l *SecretList) GetItems() []resource.Managed
GetItems of this SecretList.
type SecretListEntry ¶
type SecretListEntry struct {
ARN *string `json:"arn,omitempty"`
CreatedDate *metav1.Time `json:"createdDate,omitempty"`
DeletedDate *metav1.Time `json:"deletedDate,omitempty"`
Description *string `json:"description,omitempty"`
KMSKeyID *string `json:"kmsKeyID,omitempty"`
LastAccessedDate *metav1.Time `json:"lastAccessedDate,omitempty"`
LastChangedDate *metav1.Time `json:"lastChangedDate,omitempty"`
LastRotatedDate *metav1.Time `json:"lastRotatedDate,omitempty"`
Name *string `json:"name,omitempty"`
OwningService *string `json:"owningService,omitempty"`
RotationEnabled *bool `json:"rotationEnabled,omitempty"`
RotationLambdaARN *string `json:"rotationLambdaARN,omitempty"`
// A structure that defines the rotation configuration for the secret.
RotationRules *RotationRulesType `json:"rotationRules,omitempty"`
SecretVersionsToStages map[string][]*string `json:"secretVersionsToStages,omitempty"`
Tags []*Tag `json:"tags,omitempty"`
}
+kubebuilder:skipversion
func (*SecretListEntry) DeepCopy ¶
func (in *SecretListEntry) DeepCopy() *SecretListEntry
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretListEntry.
func (*SecretListEntry) DeepCopyInto ¶
func (in *SecretListEntry) DeepCopyInto(out *SecretListEntry)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretObservation ¶
type SecretObservation struct {
// The Amazon Resource Name (ARN) of the secret that you just created.
//
// Secrets Manager automatically adds several random characters to the name
// at the end of the ARN when you initially create a secret. This affects only
// the ARN and not the actual friendly name. This ensures that if you create
// a new secret with the same name as an old secret that you previously deleted,
// then users with access to the old secret don't automatically get access to
// the new secret because the ARNs are different.
ARN *string `json:"arn,omitempty"`
}
SecretObservation defines the observed state of Secret
func (*SecretObservation) DeepCopy ¶
func (in *SecretObservation) DeepCopy() *SecretObservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretObservation.
func (*SecretObservation) DeepCopyInto ¶
func (in *SecretObservation) DeepCopyInto(out *SecretObservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretParameters ¶
type SecretParameters struct {
// Region is which region the Secret will be created.
// +kubebuilder:validation:Required
Region string `json:"region"`
// (Optional) Specifies a user-provided description of the secret.
Description *string `json:"description,omitempty"`
// (Optional) Specifies the ARN, Key ID, or alias of the AWS KMS customer master
// key (CMK) to be used to encrypt the SecretString or SecretBinary values in
// the versions stored in this secret.
//
// You can specify any of the supported ways to identify a AWS KMS key ID. If
// you need to reference a CMK in a different account, you can use only the
// key ARN or the alias ARN.
//
// If you don't specify this value, then Secrets Manager defaults to using the
// AWS account's default CMK (the one named aws/secretsmanager). If a AWS KMS
// CMK with that name doesn't yet exist, then Secrets Manager creates it for
// you automatically the first time it needs to encrypt a version's SecretString
// or SecretBinary fields.
//
// You can use the account default CMK to encrypt and decrypt only if you call
// this operation using credentials from the same account that owns the secret.
// If the secret resides in a different account, then you must create a custom
// CMK and specify the ARN in this field.
KMSKeyID *string `json:"kmsKeyID,omitempty"`
// (Optional) Specifies a list of user-defined tags that are attached to the
// secret. Each tag is a "Key" and "Value" pair of strings. This operation only
// appends tags to the existing list of tags. To remove tags, you must use UntagResource.
//
// * Secrets Manager tag key names are case sensitive. A tag with the key
// "ABC" is a different tag from one with key "abc".
//
// * If you check tags in IAM policy Condition elements as part of your security
// strategy, then adding or removing a tag can change permissions. If the
// successful completion of this operation would result in you losing your
// permissions for this secret, then this operation is blocked and returns
// an Access Denied error.
//
// This parameter requires a JSON text string argument. For information on how
// to format a JSON parameter for the various command line tool environments,
// see Using JSON for Parameters (https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json)
// in the AWS CLI User Guide. For example:
//
// [{"Key":"CostCenter","Value":"12345"},{"Key":"environment","Value":"production"}]
//
// If your command-line tool or SDK requires quotation marks around the parameter,
// you should use single quotes to avoid confusion with the double quotes required
// in the JSON text.
//
// The following basic restrictions apply to tags:
//
// * Maximum number of tags per secret—50
//
// * Maximum key length—127 Unicode characters in UTF-8
//
// * Maximum value length—255 Unicode characters in UTF-8
//
// * Tag keys and values are case sensitive.
//
// * Do not use the aws: prefix in your tag names or values because AWS reserves
// it for AWS use. You can't edit or delete tag names or values with this
// prefix. Tags with this prefix do not count against your tags per secret
// limit.
//
// * If you use your tagging schema across multiple services and resources,
// remember other services might have restrictions on allowed characters.
// Generally allowed characters: letters, spaces, and numbers representable
// in UTF-8, plus the following special characters: + - = . _ : / @.
Tags []*Tag `json:"tags,omitempty"`
CustomSecretParameters `json:",inline"`
}
SecretParameters defines the desired state of Secret
func (*SecretParameters) DeepCopy ¶
func (in *SecretParameters) DeepCopy() *SecretParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretParameters.
func (*SecretParameters) DeepCopyInto ¶
func (in *SecretParameters) DeepCopyInto(out *SecretParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretReference ¶
type SecretReference struct {
// Name of the secret.
Name string `json:"name"`
// Namespace of the secret.
Namespace string `json:"namespace"`
// Key whose value will be used. If not given, the whole map in the Secret
// data will be used.
Key *string `json:"key,omitempty"`
}
A SecretReference is a reference to a secret in an arbitrary namespace.
func (*SecretReference) DeepCopy ¶
func (in *SecretReference) DeepCopy() *SecretReference
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretReference.
func (*SecretReference) DeepCopyInto ¶
func (in *SecretReference) DeepCopyInto(out *SecretReference)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretSpec ¶
type SecretSpec struct {
xpv1.ResourceSpec `json:",inline"`
ForProvider SecretParameters `json:"forProvider"`
}
SecretSpec defines the desired state of Secret
func (*SecretSpec) DeepCopy ¶
func (in *SecretSpec) DeepCopy() *SecretSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretSpec.
func (*SecretSpec) DeepCopyInto ¶
func (in *SecretSpec) DeepCopyInto(out *SecretSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretStatus ¶
type SecretStatus struct {
xpv1.ResourceStatus `json:",inline"`
AtProvider SecretObservation `json:"atProvider,omitempty"`
}
SecretStatus defines the observed state of Secret.
func (*SecretStatus) DeepCopy ¶
func (in *SecretStatus) DeepCopy() *SecretStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretStatus.
func (*SecretStatus) DeepCopyInto ¶
func (in *SecretStatus) DeepCopyInto(out *SecretStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SecretVersionsListEntry ¶
type SecretVersionsListEntry struct {
LastAccessedDate *metav1.Time `json:"lastAccessedDate,omitempty"`
VersionStages []*string `json:"versionStages,omitempty"`
}
+kubebuilder:skipversion
func (*SecretVersionsListEntry) DeepCopy ¶
func (in *SecretVersionsListEntry) DeepCopy() *SecretVersionsListEntry
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretVersionsListEntry.
func (*SecretVersionsListEntry) DeepCopyInto ¶
func (in *SecretVersionsListEntry) DeepCopyInto(out *SecretVersionsListEntry)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type SortOrderType ¶
type SortOrderType string
const ( SortOrderType_asc SortOrderType = "asc" SortOrderType_desc SortOrderType = "desc" )
Source Files