v1alpha1

package
v0.22.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 10, 2022 License: Apache-2.0 Imports: 12 Imported by: 0

Documentation

Overview

Package v1alpha1 contains managed resources, such as KeyRing, for KMS services. +kubebuilder:object:generate=true +groupName=kms.gcp.crossplane.io +versionName=v1alpha1

Index

Constants

View Source 
const (
	Group   = "kms.gcp.crossplane.io"
	Version = "v1alpha1"
)

Package type metadata.

Variables

View Source 
var (
	// SchemeGroupVersion is group version used to register these objects
	SchemeGroupVersion = schema.GroupVersion{Group: Group, Version: Version}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: SchemeGroupVersion}
)
View Source 
var (
	KeyRingKind             = reflect.TypeOf(KeyRing{}).Name()
	KeyRingGroupKind        = schema.GroupKind{Group: Group, Kind: KeyRingKind}.String()
	KeyRingKindAPIVersion   = KeyRingKind + "." + SchemeGroupVersion.String()
	KeyRingGroupVersionKind = SchemeGroupVersion.WithKind(KeyRingKind)
)

KeyRing type metadata.

View Source 
var (
	CryptoKeyKind             = reflect.TypeOf(CryptoKey{}).Name()
	CryptoKeyGroupKind        = schema.GroupKind{Group: Group, Kind: CryptoKeyKind}.String()
	CryptoKeyKindAPIVersion   = CryptoKeyKind + "." + SchemeGroupVersion.String()
	CryptoKeyGroupVersionKind = SchemeGroupVersion.WithKind(CryptoKeyKind)
)

CryptoKey type metadata.

View Source 
var (
	CryptoKeyPolicyKind             = reflect.TypeOf(CryptoKeyPolicy{}).Name()
	CryptoKeyPolicyGroupKind        = schema.GroupKind{Group: Group, Kind: CryptoKeyPolicyKind}.String()
	CryptoKeyPolicyKindAPIVersion   = CryptoKeyPolicyKind + "." + SchemeGroupVersion.String()
	CryptoKeyPolicyGroupVersionKind = SchemeGroupVersion.WithKind(CryptoKeyPolicyKind)
)

CryptoKeyPolicy type metadata.

Functions

func CryptoKeyRRN 

func CryptoKeyRRN() reference.ExtractValueFn

CryptoKeyRRN extracts the partially qualified URL of a Network.

func KeyRingRRN 

func KeyRingRRN() reference.ExtractValueFn

KeyRingRRN extracts the partially qualified URL of a Network.

Types

type CryptoKey 

type CryptoKey struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   CryptoKeySpec   `json:"spec"`
	Status CryptoKeyStatus `json:"status,omitempty"`
}

CryptoKey is a managed resource that represents a Google KMS Crypto Key. +kubebuilder:subresource:status +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="PURPOSE",type="string",JSONPath=".spec.forProvider.purpose" +kubebuilder:resource:scope=Cluster +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,gcp}

func (*CryptoKey) DeepCopy 

func (in *CryptoKey) DeepCopy() *CryptoKey

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CryptoKey.

func (*CryptoKey) DeepCopyInto 

func (in *CryptoKey) DeepCopyInto(out *CryptoKey)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CryptoKey) DeepCopyObject 

func (in *CryptoKey) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CryptoKey) GetCondition 

func (mg *CryptoKey) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this CryptoKey.

func (*CryptoKey) GetDeletionPolicy 

func (mg *CryptoKey) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this CryptoKey.

func (*CryptoKey) GetProviderConfigReference 

func (mg *CryptoKey) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this CryptoKey.

func (*CryptoKey) GetProviderReference 

func (mg *CryptoKey) GetProviderReference() *xpv1.Reference

GetProviderReference of this CryptoKey. Deprecated: Use GetProviderConfigReference.

func (*CryptoKey) GetPublishConnectionDetailsTo 

func (mg *CryptoKey) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this CryptoKey.

func (*CryptoKey) GetWriteConnectionSecretToReference 

func (mg *CryptoKey) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this CryptoKey.

func (*CryptoKey) ResolveReferences 

func (in *CryptoKey) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this CryptoKey

func (*CryptoKey) SetConditions 

func (mg *CryptoKey) SetConditions(c ...xpv1.Condition)

SetConditions of this CryptoKey.

func (*CryptoKey) SetDeletionPolicy 

func (mg *CryptoKey) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this CryptoKey.

func (*CryptoKey) SetProviderConfigReference 

func (mg *CryptoKey) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this CryptoKey.

func (*CryptoKey) SetProviderReference 

func (mg *CryptoKey) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this CryptoKey. Deprecated: Use SetProviderConfigReference.

func (*CryptoKey) SetPublishConnectionDetailsTo 

func (mg *CryptoKey) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this CryptoKey.

func (*CryptoKey) SetWriteConnectionSecretToReference 

func (mg *CryptoKey) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this CryptoKey.

type CryptoKeyList 

type CryptoKeyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []CryptoKey `json:"items"`
}

CryptoKeyList contains a list of CryptoKey types

func (*CryptoKeyList) DeepCopy 

func (in *CryptoKeyList) DeepCopy() *CryptoKeyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CryptoKeyList.

func (*CryptoKeyList) DeepCopyInto 

func (in *CryptoKeyList) DeepCopyInto(out *CryptoKeyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CryptoKeyList) DeepCopyObject 

func (in *CryptoKeyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CryptoKeyList) GetItems 

func (l *CryptoKeyList) GetItems() []resource.Managed

GetItems of this CryptoKeyList.

type CryptoKeyObservation 

type CryptoKeyObservation struct {
	// CreateTime: Output only. The time at which this CryptoKey was
	// created.
	CreateTime string `json:"createTime,omitempty"`

	// Name: Output only. The resource name for this CryptoKey in the
	// format
	// `projects/*/locations/*/keyRings/*/cryptoKeys/*`.
	Name string `json:"name,omitempty"`

	// NextRotationTime: At next_rotation_time, the Key Management Service
	// will automatically:
	//
	// 1. Create a new version of this CryptoKey.
	// 2. Mark the new version as primary.
	//
	// Key rotations performed manually via
	// CreateCryptoKeyVersion and
	// UpdateCryptoKeyPrimaryVersion
	// do not affect next_rotation_time.
	//
	// Keys with purpose
	// ENCRYPT_DECRYPT support
	// automatic rotation. For other keys, this field must be omitted.
	NextRotationTime string `json:"nextRotationTime,omitempty"`

	// Primary: Output only. A copy of the "primary" CryptoKeyVersion that
	// will be used
	// by Encrypt when this CryptoKey is given
	// in EncryptRequest.name.
	//
	// The CryptoKey's primary version can be updated
	// via
	// UpdateCryptoKeyPrimaryVersion.
	//
	// Keys with purpose
	// ENCRYPT_DECRYPT may have a
	// primary. For other keys, this field will be omitted.
	Primary *CryptoKeyVersion `json:"primary,omitempty"`
}

CryptoKeyObservation is used to show the observed state of the CryptoKey resource on GCP. All fields in this structure should only be populated from GCP responses; any changes made to the k8s resource outside of the crossplane gcp controller will be ignored and overwritten.

func (*CryptoKeyObservation) DeepCopy 

func (in *CryptoKeyObservation) DeepCopy() *CryptoKeyObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CryptoKeyObservation.

func (*CryptoKeyObservation) DeepCopyInto 

func (in *CryptoKeyObservation) DeepCopyInto(out *CryptoKeyObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CryptoKeyParameters 

type CryptoKeyParameters struct {
	// KeyRing: The RRN of the KeyRing to which this CryptoKey belongs,
	// provided by the client when initially creating the CryptoKey.
	// +optional
	// +immutable
	KeyRing *string `json:"keyRing,omitempty"`

	// KeyRingRef references a KeyRing and retrieves its URI
	// +optional
	// +immutable
	KeyRingRef *xpv1.Reference `json:"keyRingRef,omitempty"`

	// KeyRingSelector selects a reference to a KeyRing
	// +optional
	KeyRingSelector *xpv1.Selector `json:"keyRingSelector,omitempty"`

	// Labels: Labels with user-defined metadata. For more information,
	// see
	// [Labeling Keys](/kms/docs/labeling-keys).
	// +optional
	Labels map[string]string `json:"labels,omitempty"`

	// Purpose: Immutable. The immutable purpose of this CryptoKey.
	//
	// Possible values:
	//   "CRYPTO_KEY_PURPOSE_UNSPECIFIED" - Not specified.
	//   "ENCRYPT_DECRYPT" - CryptoKeys with this purpose may be used
	// with
	// Encrypt and
	// Decrypt.
	//   "ASYMMETRIC_SIGN" - CryptoKeys with this purpose may be used
	// with
	// AsymmetricSign and
	// GetPublicKey.
	//   "ASYMMETRIC_DECRYPT" - CryptoKeys with this purpose may be used
	// with
	// AsymmetricDecrypt and
	// GetPublicKey.
	// +immutable
	// +kubebuilder:validation:Enum=ENCRYPT_DECRYPT;ASYMMETRIC_SIGN;ASYMMETRIC_DECRYPT
	Purpose string `json:"purpose"`

	// RotationPeriod: next_rotation_time will be advanced by this period
	// when the service
	// automatically rotates a key. Must be at least 24 hours and at
	// most
	// 876,000 hours.
	//
	// If rotation_period is set, next_rotation_time must also be set.
	//
	// Keys with purpose
	// ENCRYPT_DECRYPT support
	// automatic rotation. For other keys, this field must be omitted.
	// +optional
	RotationPeriod *string `json:"rotationPeriod,omitempty"`

	// NextRotationTime: At next_rotation_time, the Key Management Service
	// will automatically:
	//
	// 1. Create a new version of this CryptoKey.
	// 2. Mark the new version as primary.
	//
	// Key rotations performed manually via
	// CreateCryptoKeyVersion and
	// UpdateCryptoKeyPrimaryVersion
	// do not affect next_rotation_time.
	//
	// Keys with purpose
	// ENCRYPT_DECRYPT support
	// automatic rotation. For other keys, this field must be omitted.
	// +optional
	NextRotationTime *string `json:"nextRotationTime,omitempty"`

	// VersionTemplate: A template describing settings for new
	// CryptoKeyVersion instances.
	// The properties of new CryptoKeyVersion instances created by
	// either
	// CreateCryptoKeyVersion or
	// auto-rotation are controlled by this template.
	// +optional
	VersionTemplate *CryptoKeyVersionTemplate `json:"versionTemplate,omitempty"`
}

CryptoKeyParameters defines parameters for a desired KMS CryptoKey https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys

func (*CryptoKeyParameters) DeepCopy 

func (in *CryptoKeyParameters) DeepCopy() *CryptoKeyParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CryptoKeyParameters.

func (*CryptoKeyParameters) DeepCopyInto 

func (in *CryptoKeyParameters) DeepCopyInto(out *CryptoKeyParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CryptoKeyPolicy 

type CryptoKeyPolicy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   CryptoKeyPolicySpec   `json:"spec"`
	Status CryptoKeyPolicyStatus `json:"status,omitempty"`
}

CryptoKeyPolicy is a managed resource that represents a Google KMS Crypto Key. +kubebuilder:subresource:status +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:resource:scope=Cluster +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,gcp}

func (*CryptoKeyPolicy) DeepCopy 

func (in *CryptoKeyPolicy) DeepCopy() *CryptoKeyPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CryptoKeyPolicy.

func (*CryptoKeyPolicy) DeepCopyInto 

func (in *CryptoKeyPolicy) DeepCopyInto(out *CryptoKeyPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CryptoKeyPolicy) DeepCopyObject 

func (in *CryptoKeyPolicy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CryptoKeyPolicy) GetCondition 

func (mg *CryptoKeyPolicy) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this CryptoKeyPolicy.

func (*CryptoKeyPolicy) GetDeletionPolicy 

func (mg *CryptoKeyPolicy) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this CryptoKeyPolicy.

func (*CryptoKeyPolicy) GetProviderConfigReference 

func (mg *CryptoKeyPolicy) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this CryptoKeyPolicy.

func (*CryptoKeyPolicy) GetProviderReference 

func (mg *CryptoKeyPolicy) GetProviderReference() *xpv1.Reference

GetProviderReference of this CryptoKeyPolicy. Deprecated: Use GetProviderConfigReference.

func (*CryptoKeyPolicy) GetPublishConnectionDetailsTo 

func (mg *CryptoKeyPolicy) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this CryptoKeyPolicy.

func (*CryptoKeyPolicy) GetWriteConnectionSecretToReference 

func (mg *CryptoKeyPolicy) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this CryptoKeyPolicy.

func (*CryptoKeyPolicy) ResolveReferences 

func (in *CryptoKeyPolicy) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this CryptoKeyPolicy

func (*CryptoKeyPolicy) SetConditions 

func (mg *CryptoKeyPolicy) SetConditions(c ...xpv1.Condition)

SetConditions of this CryptoKeyPolicy.

func (*CryptoKeyPolicy) SetDeletionPolicy 

func (mg *CryptoKeyPolicy) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this CryptoKeyPolicy.

func (*CryptoKeyPolicy) SetProviderConfigReference 

func (mg *CryptoKeyPolicy) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this CryptoKeyPolicy.

func (*CryptoKeyPolicy) SetProviderReference 

func (mg *CryptoKeyPolicy) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this CryptoKeyPolicy. Deprecated: Use SetProviderConfigReference.

func (*CryptoKeyPolicy) SetPublishConnectionDetailsTo 

func (mg *CryptoKeyPolicy) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this CryptoKeyPolicy.

func (*CryptoKeyPolicy) SetWriteConnectionSecretToReference 

func (mg *CryptoKeyPolicy) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this CryptoKeyPolicy.

type CryptoKeyPolicyList 

type CryptoKeyPolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []CryptoKeyPolicy `json:"items"`
}

CryptoKeyPolicyList contains a list of CryptoKeyPolicy types

func (*CryptoKeyPolicyList) DeepCopy 

func (in *CryptoKeyPolicyList) DeepCopy() *CryptoKeyPolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CryptoKeyPolicyList.

func (*CryptoKeyPolicyList) DeepCopyInto 

func (in *CryptoKeyPolicyList) DeepCopyInto(out *CryptoKeyPolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CryptoKeyPolicyList) DeepCopyObject 

func (in *CryptoKeyPolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CryptoKeyPolicyList) GetItems 

func (l *CryptoKeyPolicyList) GetItems() []resource.Managed

GetItems of this CryptoKeyPolicyList.

type CryptoKeyPolicyParameters 

type CryptoKeyPolicyParameters struct {
	// CryptoKey: The RRN of the CryptoKey to which this CryptoKeyPolicy belongs.
	// +optional
	// +immutable
	CryptoKey *string `json:"cryptoKey,omitempty"`

	// CryptoKeyRef references a CryptoKey and retrieves its URI
	// +optional
	// +immutable
	CryptoKeyRef *xpv1.Reference `json:"cryptoKeyRef,omitempty"`

	// CryptoKeySelector selects a reference to a CryptoKey
	// +optional
	CryptoKeySelector *xpv1.Selector `json:"cryptoKeySelector,omitempty"`

	// Policy: An Identity and Access Management (IAM) policy, which
	// specifies access controls for Google Cloud resources.
	Policy iamv1alpha1.Policy `json:"policy"`
}

CryptoKeyPolicyParameters defines parameters for a desired KMS CryptoKeyPolicy https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings.cryptoKeys

func (*CryptoKeyPolicyParameters) DeepCopy 

func (in *CryptoKeyPolicyParameters) DeepCopy() *CryptoKeyPolicyParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CryptoKeyPolicyParameters.

func (*CryptoKeyPolicyParameters) DeepCopyInto 

func (in *CryptoKeyPolicyParameters) DeepCopyInto(out *CryptoKeyPolicyParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CryptoKeyPolicySpec 

type CryptoKeyPolicySpec struct {
	xpv1.ResourceSpec `json:",inline"`
	ForProvider       CryptoKeyPolicyParameters `json:"forProvider"`
}

CryptoKeyPolicySpec defines the desired state of a CryptoKeyPolicy.

func (*CryptoKeyPolicySpec) DeepCopy 

func (in *CryptoKeyPolicySpec) DeepCopy() *CryptoKeyPolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CryptoKeyPolicySpec.

func (*CryptoKeyPolicySpec) DeepCopyInto 

func (in *CryptoKeyPolicySpec) DeepCopyInto(out *CryptoKeyPolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CryptoKeyPolicyStatus 

type CryptoKeyPolicyStatus struct {
	xpv1.ResourceStatus `json:",inline"`
}

CryptoKeyPolicyStatus represents the observed state of a CryptoKeyPolicy.

func (*CryptoKeyPolicyStatus) DeepCopy 

func (in *CryptoKeyPolicyStatus) DeepCopy() *CryptoKeyPolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CryptoKeyPolicyStatus.

func (*CryptoKeyPolicyStatus) DeepCopyInto 

func (in *CryptoKeyPolicyStatus) DeepCopyInto(out *CryptoKeyPolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CryptoKeySpec 

type CryptoKeySpec struct {
	xpv1.ResourceSpec `json:",inline"`
	ForProvider       CryptoKeyParameters `json:"forProvider"`
}

CryptoKeySpec defines the desired state of a CryptoKey.

func (*CryptoKeySpec) DeepCopy 

func (in *CryptoKeySpec) DeepCopy() *CryptoKeySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CryptoKeySpec.

func (*CryptoKeySpec) DeepCopyInto 

func (in *CryptoKeySpec) DeepCopyInto(out *CryptoKeySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CryptoKeyStatus 

type CryptoKeyStatus struct {
	xpv1.ResourceStatus `json:",inline"`
	AtProvider          CryptoKeyObservation `json:"atProvider,omitempty"`
}

CryptoKeyStatus represents the observed state of a CryptoKey.

func (*CryptoKeyStatus) DeepCopy 

func (in *CryptoKeyStatus) DeepCopy() *CryptoKeyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CryptoKeyStatus.

func (*CryptoKeyStatus) DeepCopyInto 

func (in *CryptoKeyStatus) DeepCopyInto(out *CryptoKeyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CryptoKeyVersion 

type CryptoKeyVersion struct {
	// Algorithm: Output only. The CryptoKeyVersionAlgorithm that
	// this
	// CryptoKeyVersion supports.
	//
	// Possible values:
	//   "CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED" - Not specified.
	//   "GOOGLE_SYMMETRIC_ENCRYPTION" - Creates symmetric encryption keys.
	//   "RSA_SIGN_PSS_2048_SHA256" - RSASSA-PSS 2048 bit key with a SHA256
	// digest.
	//   "RSA_SIGN_PSS_3072_SHA256" - RSASSA-PSS 3072 bit key with a SHA256
	// digest.
	//   "RSA_SIGN_PSS_4096_SHA256" - RSASSA-PSS 4096 bit key with a SHA256
	// digest.
	//   "RSA_SIGN_PSS_4096_SHA512" - RSASSA-PSS 4096 bit key with a SHA512
	// digest.
	//   "RSA_SIGN_PKCS1_2048_SHA256" - RSASSA-PKCS1-v1_5 with a 2048 bit
	// key and a SHA256 digest.
	//   "RSA_SIGN_PKCS1_3072_SHA256" - RSASSA-PKCS1-v1_5 with a 3072 bit
	// key and a SHA256 digest.
	//   "RSA_SIGN_PKCS1_4096_SHA256" - RSASSA-PKCS1-v1_5 with a 4096 bit
	// key and a SHA256 digest.
	//   "RSA_SIGN_PKCS1_4096_SHA512" - RSASSA-PKCS1-v1_5 with a 4096 bit
	// key and a SHA512 digest.
	//   "RSA_DECRYPT_OAEP_2048_SHA256" - RSAES-OAEP 2048 bit key with a
	// SHA256 digest.
	//   "RSA_DECRYPT_OAEP_3072_SHA256" - RSAES-OAEP 3072 bit key with a
	// SHA256 digest.
	//   "RSA_DECRYPT_OAEP_4096_SHA256" - RSAES-OAEP 4096 bit key with a
	// SHA256 digest.
	//   "RSA_DECRYPT_OAEP_4096_SHA512" - RSAES-OAEP 4096 bit key with a
	// SHA512 digest.
	//   "EC_SIGN_P256_SHA256" - ECDSA on the NIST P-256 curve with a SHA256
	// digest.
	//   "EC_SIGN_P384_SHA384" - ECDSA on the NIST P-384 curve with a SHA384
	// digest.
	//   "EXTERNAL_SYMMETRIC_ENCRYPTION" - Algorithm representing symmetric
	// encryption by an external key manager.
	Algorithm string `json:"algorithm,omitempty"`

	// Attestation: Output only. Statement that was generated and signed by
	// the HSM at key
	// creation time. Use this statement to verify attributes of the key as
	// stored
	// on the HSM, independently of Google. Only provided for key versions
	// with
	// protection_level HSM.
	Attestation *KeyOperationAttestation `json:"attestation,omitempty"`

	// CreateTime: Output only. The time at which this CryptoKeyVersion was
	// created.
	CreateTime string `json:"createTime,omitempty"`

	// DestroyEventTime: Output only. The time this CryptoKeyVersion's key
	// material was
	// destroyed. Only present if state is
	// DESTROYED.
	DestroyEventTime string `json:"destroyEventTime,omitempty"`

	// DestroyTime: Output only. The time this CryptoKeyVersion's key
	// material is scheduled
	// for destruction. Only present if state is
	// DESTROY_SCHEDULED.
	DestroyTime string `json:"destroyTime,omitempty"`

	// ExternalProtectionLevelOptions: ExternalProtectionLevelOptions stores
	// a group of additional fields for
	// configuring a CryptoKeyVersion that are specific to the
	// EXTERNAL protection level.
	ExternalProtectionLevelOptions *ExternalProtectionLevelOptions `json:"externalProtectionLevelOptions,omitempty"`

	// GenerateTime: Output only. The time this CryptoKeyVersion's key
	// material was
	// generated.
	GenerateTime string `json:"generateTime,omitempty"`

	// ImportFailureReason: Output only. The root cause of an import
	// failure. Only present if
	// state is
	// IMPORT_FAILED.
	ImportFailureReason string `json:"importFailureReason,omitempty"`

	// ImportJob: Output only. The name of the ImportJob used to import
	// this
	// CryptoKeyVersion. Only present if the underlying key material
	// was
	// imported.
	ImportJob string `json:"importJob,omitempty"`

	// ImportTime: Output only. The time at which this CryptoKeyVersion's
	// key material
	// was imported.
	ImportTime string `json:"importTime,omitempty"`

	// Name: Output only. The resource name for this CryptoKeyVersion in the
	// format
	// `projects/*/locations/*/keyRings/*/cryptoKeys/*/cryptoKeyVersio
	// ns/*`.
	Name string `json:"name,omitempty"`

	// ProtectionLevel: Output only. The ProtectionLevel describing how
	// crypto operations are
	// performed with this CryptoKeyVersion.
	//
	// Possible values:
	//   "PROTECTION_LEVEL_UNSPECIFIED" - Not specified.
	//   "SOFTWARE" - Crypto operations are performed in software.
	//   "HSM" - Crypto operations are performed in a Hardware Security
	// Module.
	//   "EXTERNAL" - Crypto operations are performed by an external key
	// manager.
	ProtectionLevel string `json:"protectionLevel,omitempty"`

	// State: The current state of the CryptoKeyVersion.
	//
	// Possible values:
	//   "CRYPTO_KEY_VERSION_STATE_UNSPECIFIED" - Not specified.
	//   "PENDING_GENERATION" - This version is still being generated. It
	// may not be used, enabled,
	// disabled, or destroyed yet. Cloud KMS will automatically mark
	// this
	// version ENABLED as soon as the version is ready.
	//   "ENABLED" - This version may be used for cryptographic operations.
	//   "DISABLED" - This version may not be used, but the key material is
	// still available,
	// and the version can be placed back into the ENABLED state.
	//   "DESTROYED" - This version is destroyed, and the key material is no
	// longer stored.
	// A version may not leave this state once entered.
	//   "DESTROY_SCHEDULED" - This version is scheduled for destruction,
	// and will be destroyed soon.
	// Call
	// RestoreCryptoKeyVersion
	// to put it back into the DISABLED state.
	//   "PENDING_IMPORT" - This version is still being imported. It may not
	// be used, enabled,
	// disabled, or destroyed yet. Cloud KMS will automatically mark
	// this
	// version ENABLED as soon as the version is ready.
	//   "IMPORT_FAILED" - This version was not imported successfully. It
	// may not be used, enabled,
	// disabled, or destroyed. The submitted key material has been
	// discarded.
	// Additional details can be found
	// in
	// CryptoKeyVersion.import_failure_reason.
	State string `json:"state,omitempty"`
}

A CryptoKeyVersion represents an individual cryptographic key, and the associated key material.

An ENABLED version can be used for cryptographic operations.

For security reasons, the raw cryptographic key material represented by a CryptoKeyVersion can never be viewed or exported. It can only be used to encrypt, decrypt, or sign data when an authorized user or application invokes Cloud KMS.

func (*CryptoKeyVersion) DeepCopy 

func (in *CryptoKeyVersion) DeepCopy() *CryptoKeyVersion

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CryptoKeyVersion.

func (*CryptoKeyVersion) DeepCopyInto 

func (in *CryptoKeyVersion) DeepCopyInto(out *CryptoKeyVersion)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CryptoKeyVersionTemplate 

type CryptoKeyVersionTemplate struct {
	// Algorithm: Required. Algorithm to use
	// when creating a CryptoKeyVersion based on this template.
	//
	// For backwards compatibility, GOOGLE_SYMMETRIC_ENCRYPTION is implied
	// if both
	// this field is omitted and CryptoKey.purpose is
	// ENCRYPT_DECRYPT.
	//
	// Possible values:
	//   "CRYPTO_KEY_VERSION_ALGORITHM_UNSPECIFIED" - Not specified.
	//   "GOOGLE_SYMMETRIC_ENCRYPTION" - Creates symmetric encryption keys.
	//   "RSA_SIGN_PSS_2048_SHA256" - RSASSA-PSS 2048 bit key with a SHA256
	// digest.
	//   "RSA_SIGN_PSS_3072_SHA256" - RSASSA-PSS 3072 bit key with a SHA256
	// digest.
	//   "RSA_SIGN_PSS_4096_SHA256" - RSASSA-PSS 4096 bit key with a SHA256
	// digest.
	//   "RSA_SIGN_PSS_4096_SHA512" - RSASSA-PSS 4096 bit key with a SHA512
	// digest.
	//   "RSA_SIGN_PKCS1_2048_SHA256" - RSASSA-PKCS1-v1_5 with a 2048 bit
	// key and a SHA256 digest.
	//   "RSA_SIGN_PKCS1_3072_SHA256" - RSASSA-PKCS1-v1_5 with a 3072 bit
	// key and a SHA256 digest.
	//   "RSA_SIGN_PKCS1_4096_SHA256" - RSASSA-PKCS1-v1_5 with a 4096 bit
	// key and a SHA256 digest.
	//   "RSA_SIGN_PKCS1_4096_SHA512" - RSASSA-PKCS1-v1_5 with a 4096 bit
	// key and a SHA512 digest.
	//   "RSA_DECRYPT_OAEP_2048_SHA256" - RSAES-OAEP 2048 bit key with a
	// SHA256 digest.
	//   "RSA_DECRYPT_OAEP_3072_SHA256" - RSAES-OAEP 3072 bit key with a
	// SHA256 digest.
	//   "RSA_DECRYPT_OAEP_4096_SHA256" - RSAES-OAEP 4096 bit key with a
	// SHA256 digest.
	//   "RSA_DECRYPT_OAEP_4096_SHA512" - RSAES-OAEP 4096 bit key with a
	// SHA512 digest.
	//   "EC_SIGN_P256_SHA256" - ECDSA on the NIST P-256 curve with a SHA256
	// digest.
	//   "EC_SIGN_P384_SHA384" - ECDSA on the NIST P-384 curve with a SHA384
	// digest.
	//   "EXTERNAL_SYMMETRIC_ENCRYPTION" - Algorithm representing symmetric
	// encryption by an external key manager.
	// +optional
	Algorithm *string `json:"algorithm,omitempty"`

	// ProtectionLevel: ProtectionLevel to use when creating a
	// CryptoKeyVersion based on
	// this template. Immutable. Defaults to SOFTWARE.
	//
	// Possible values:
	//   "PROTECTION_LEVEL_UNSPECIFIED" - Not specified.
	//   "SOFTWARE" - Crypto operations are performed in software.
	//   "HSM" - Crypto operations are performed in a Hardware Security
	// Module.
	//   "EXTERNAL" - Crypto operations are performed by an external key
	// manager.
	// +optional
	// +kubebuilder:validation:Enum=SOFTWARE;HSM;EXTERNAL
	ProtectionLevel *string `json:"protectionLevel,omitempty"`
}

A CryptoKeyVersionTemplate specifies the properties to use when creating a new CryptoKeyVersion, either manually with CreateCryptoKeyVersion or automatically as a result of auto-rotation.

func (*CryptoKeyVersionTemplate) DeepCopy 

func (in *CryptoKeyVersionTemplate) DeepCopy() *CryptoKeyVersionTemplate

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CryptoKeyVersionTemplate.

func (*CryptoKeyVersionTemplate) DeepCopyInto 

func (in *CryptoKeyVersionTemplate) DeepCopyInto(out *CryptoKeyVersionTemplate)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalProtectionLevelOptions 

type ExternalProtectionLevelOptions struct {
	// ExternalKeyUri: The URI for an external resource that this
	// CryptoKeyVersion represents.
	ExternalKeyUri string `json:"externalKeyUri,omitempty"` // nolint:golint
}

ExternalProtectionLevelOptions stores a group of additional fields for configuring a CryptoKeyVersion that are specific to the EXTERNAL protection level.

func (*ExternalProtectionLevelOptions) DeepCopy 

func (in *ExternalProtectionLevelOptions) DeepCopy() *ExternalProtectionLevelOptions

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalProtectionLevelOptions.

func (*ExternalProtectionLevelOptions) DeepCopyInto 

func (in *ExternalProtectionLevelOptions) DeepCopyInto(out *ExternalProtectionLevelOptions)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeyOperationAttestation 

type KeyOperationAttestation struct {
	// Content: Output only. The attestation data provided by the HSM when
	// the key
	// operation was performed.
	Content string `json:"content,omitempty"`

	// Format: Output only. The format of the attestation data.
	//
	// Possible values:
	//   "ATTESTATION_FORMAT_UNSPECIFIED" - Not specified.
	//   "CAVIUM_V1_COMPRESSED" - Cavium HSM attestation compressed with
	// gzip. Note that this format is
	// defined by Cavium and subject to change at any time.
	//   "CAVIUM_V2_COMPRESSED" - Cavium HSM attestation V2 compressed with
	// gzip. This is a new format
	// introduced in Cavium's version 3.2-08.
	Format string `json:"format,omitempty"`
}

KeyOperationAttestation contains an HSM-generated attestation about a key operation. For more information, see [Verifying attestations] (https://cloud.google.com/kms/docs/attest-key).

func (*KeyOperationAttestation) DeepCopy 

func (in *KeyOperationAttestation) DeepCopy() *KeyOperationAttestation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyOperationAttestation.

func (*KeyOperationAttestation) DeepCopyInto 

func (in *KeyOperationAttestation) DeepCopyInto(out *KeyOperationAttestation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeyRing 

type KeyRing struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   KeyRingSpec   `json:"spec"`
	Status KeyRingStatus `json:"status,omitempty"`
}

KeyRing is a managed resource that represents a Google KMS KeyRing +kubebuilder:subresource:status +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="LOCATION",type="string",JSONPath=".spec.forProvider.location" +kubebuilder:resource:scope=Cluster +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,gcp}

func (*KeyRing) DeepCopy 

func (in *KeyRing) DeepCopy() *KeyRing

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyRing.

func (*KeyRing) DeepCopyInto 

func (in *KeyRing) DeepCopyInto(out *KeyRing)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KeyRing) DeepCopyObject 

func (in *KeyRing) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*KeyRing) GetCondition 

func (mg *KeyRing) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this KeyRing.

func (*KeyRing) GetDeletionPolicy 

func (mg *KeyRing) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this KeyRing.

func (*KeyRing) GetProviderConfigReference 

func (mg *KeyRing) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this KeyRing.

func (*KeyRing) GetProviderReference 

func (mg *KeyRing) GetProviderReference() *xpv1.Reference

GetProviderReference of this KeyRing. Deprecated: Use GetProviderConfigReference.

func (*KeyRing) GetPublishConnectionDetailsTo 

func (mg *KeyRing) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this KeyRing.

func (*KeyRing) GetWriteConnectionSecretToReference 

func (mg *KeyRing) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this KeyRing.

func (*KeyRing) SetConditions 

func (mg *KeyRing) SetConditions(c ...xpv1.Condition)

SetConditions of this KeyRing.

func (*KeyRing) SetDeletionPolicy 

func (mg *KeyRing) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this KeyRing.

func (*KeyRing) SetProviderConfigReference 

func (mg *KeyRing) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this KeyRing.

func (*KeyRing) SetProviderReference 

func (mg *KeyRing) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this KeyRing. Deprecated: Use SetProviderConfigReference.

func (*KeyRing) SetPublishConnectionDetailsTo 

func (mg *KeyRing) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this KeyRing.

func (*KeyRing) SetWriteConnectionSecretToReference 

func (mg *KeyRing) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this KeyRing.

type KeyRingList 

type KeyRingList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []KeyRing `json:"items"`
}

KeyRingList contains a list of KeyRing types

func (*KeyRingList) DeepCopy 

func (in *KeyRingList) DeepCopy() *KeyRingList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyRingList.

func (*KeyRingList) DeepCopyInto 

func (in *KeyRingList) DeepCopyInto(out *KeyRingList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KeyRingList) DeepCopyObject 

func (in *KeyRingList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*KeyRingList) GetItems 

func (l *KeyRingList) GetItems() []resource.Managed

GetItems of this KeyRingList.

type KeyRingObservation 

type KeyRingObservation struct {
	// CreateTime: Output only. The time at which this KeyRing was created.
	CreateTime string `json:"createTime,omitempty"`

	// Name: Output only. The resource name for the KeyRing in the
	// format `projects/*/locations/*/keyRings/*`.
	Name string `json:"name,omitempty"`
}

KeyRingObservation is used to show the observed state of the KeyRing resource on GCP. All fields in this structure should only be populated from GCP responses; any changes made to the k8s resource outside of the crossplane gcp controller will be ignored and overwritten.

func (*KeyRingObservation) DeepCopy 

func (in *KeyRingObservation) DeepCopy() *KeyRingObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyRingObservation.

func (*KeyRingObservation) DeepCopyInto 

func (in *KeyRingObservation) DeepCopyInto(out *KeyRingObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeyRingParameters 

type KeyRingParameters struct {
	// The location for the KeyRing.
	// A full list of valid locations can be found by running 'gcloud kms locations list'.
	// +immutable
	Location string `json:"location"`
}

KeyRingParameters defines parameters for a desired KMS KeyRing https://cloud.google.com/kms/docs/reference/rest/v1/projects.locations.keyRings The name of the key ring (ie the `keyRingId` parameter of the Create call) is determined by the value of the `crossplane.io/external-name` annotation. Unless overridden by the user, this annotation is automatically populated with the value of the `metadata.name` attribute.

func (*KeyRingParameters) DeepCopy 

func (in *KeyRingParameters) DeepCopy() *KeyRingParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyRingParameters.

func (*KeyRingParameters) DeepCopyInto 

func (in *KeyRingParameters) DeepCopyInto(out *KeyRingParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeyRingSpec 

type KeyRingSpec struct {
	xpv1.ResourceSpec `json:",inline"`
	ForProvider       KeyRingParameters `json:"forProvider"`
}

KeyRingSpec defines the desired state of a KeyRing.

func (*KeyRingSpec) DeepCopy 

func (in *KeyRingSpec) DeepCopy() *KeyRingSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyRingSpec.

func (*KeyRingSpec) DeepCopyInto 

func (in *KeyRingSpec) DeepCopyInto(out *KeyRingSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeyRingStatus 

type KeyRingStatus struct {
	xpv1.ResourceStatus `json:",inline"`
	AtProvider          KeyRingObservation `json:"atProvider,omitempty"`
}

KeyRingStatus represents the observed state of a KeyRing.

func (*KeyRingStatus) DeepCopy 

func (in *KeyRingStatus) DeepCopy() *KeyRingStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyRingStatus.

func (*KeyRingStatus) DeepCopyInto 

func (in *KeyRingStatus) DeepCopyInto(out *KeyRingStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.