v1alpha1

package
v0.0.0-...-a0d0389 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 2, 2022 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Overview

Package v1alpha1 contains API Schema definitions for the aws v1alpha1 API group +kubebuilder:object:generate=true +groupName=aws.managed.openshift.io

Index

Constants

View Source 
const (
	// AccountStatusRequested const for Requested status
	AccountStatusRequested AccountStateStatus = "Requested"
	// AccountStatusClaimed const for Claimed status
	AccountStatusClaimed AccountStateStatus = "Claimed"
	// AccountCrNamespace namespace where AWS accounts will be created
	AccountCrNamespace = "aws-account-operator"
	// AccountOperatorIAMRole is the name for IAM user creating resources in account
	AccountOperatorIAMRole = "OrganizationAccountAccessRole"
	// SREAccessRoleName for CCS Account Access
	SREAccessRoleName = "RH-SRE-CCS-Access"
	// AccountFinalizer is the string finalizer name
	AccountFinalizer = "finalizer.aws.managed.openshift.io"
)

Variables

View Source 
var (
	// GroupVersion is group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: "aws.managed.openshift.io", Version: "v1alpha1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source 
var AccountIDLabel = "awsAccountID"

AccountIDLabel is the string for the AWS Account ID label on AWS Federated Account Access CRs

View Source 
var AwsUSEastOneRegion = "us-east-1"

AwsUSEastOneRegion holds the key for the aws east one region

View Source 
var AwsUSGovEastOneRegion = "us-gov-east-1"

AwsUSGovEastOneRegion holds the key for the aws us gov east one region

View Source 
var CCSAccessARN = "CCS-Access-Arn"
View Source 
var ClusterAccountNameTagKey = "clusterAccountName"

ClusterAccountNameTagKey is the AWS key name for cluster account name

View Source 
var ClusterClaimLinkNamespaceTagKey = "clusterClaimLinkNamespace"

ClusterClaimLinkNamespaceTagKey is the AWS key name for cluster claim namespace

View Source 
var ClusterClaimLinkTagKey = "clusterClaimLink"

ClusterClaimLinkTagKey is the AWS key name for cluster claim

View Source 
var ClusterNamespaceTagKey = "clusterNamespace"

ClusterNamespaceTagKey is the AWS key name for cluster namespace

View Source 
var DefaultConfigMap = "aws-account-operator-configmap"

DefaultConfigMap holds the expected name for the operator's ConfigMap

View Source 
var DefaultConfigMapAccountLimit = 100

DefaultConfigMapAccountLimit holds the fallback limit of aws-accounts

View Source 
var EC2InstanceNameTagKey = "Name"

Used to name the EC2 instance we spin up when initializing an AWS region

View Source 
var EC2InstanceNameTagValue = "red-hat-region-init"
View Source 
var EmailID = "osd-creds-mgmt"

EmailID is the ID used for prefixing Account CR names

View Source 
var ErrAWSSecretRefMissing = errors.New("AWSSecretRefMissing")

ErrAWSSecretRefMissing is an error for missing AWS Secret References

View Source 
var ErrAccAlreadyInOU = errors.New("ErrAccAlreadyInOU")

ErrAccAlreadyInOU indicates that an account is already in an OU

View Source 
var ErrAccMoveRaceCondition = errors.New("ErrAccMoveRaceCondition")

ErrAccMoveRaceCondition indicates a race condition while moving the account

View Source 
var ErrAccessDenied = errors.New("AuthorizationError")

ErrAccessDenied indicates an AWS error from an API call

View Source 
var ErrAccountWatcherNoTotal = errors.New("AccountWatcherHasNoTotal")

ErrAccountWatcherNoTotal indicates the TotalAccountWatcher has not run successfully yet.

View Source 
var ErrAwsAccountLimitExceeded = errors.New("AccountLimitExceeded")

ErrAwsAccountLimitExceeded indicates the orgnization account limit has been reached.

View Source 
var ErrAwsCaseCreationLimitExceeded = errors.New("SupportCaseLimitExceeded")

ErrAwsCaseCreationLimitExceeded indicates that the support case limit for the account has been reached

View Source 
var ErrAwsFailedCreateAccount = errors.New("FailedCreateAccount")

ErrAwsFailedCreateAccount indicates that an account creation failed

View Source 
var ErrAwsFailedCreateSupportCase = errors.New("FailedCreateSupportCase")

ErrAwsFailedCreateSupportCase indicates that a support case creation failed

View Source 
var ErrAwsFailedDescribeSupportCase = errors.New("FailedDescribeSupportCase")

ErrAwsFailedDescribeSupportCase indicates that the support case describe failed

View Source 
var ErrAwsInternalFailure = errors.New("InternalFailure")

ErrAwsInternalFailure indicates that there was an internal failure on the aws api

View Source 
var ErrAwsSupportCaseIDNotFound = errors.New("SupportCaseIdNotfound")

ErrAwsSupportCaseIDNotFound indicates that the support case ID was not found

View Source 
var ErrAwsTooManyRequests = errors.New("TooManyRequestsException")

ErrAwsTooManyRequests indicates that to many requests were sent in a short period

View Source 
var ErrBYOCAccountIDMissing = errors.New("BYOCAccountIDMissing")

ErrBYOCAccountIDMissing is an error for missing Account ID

View Source 
var ErrBYOCSecretRefMissing = errors.New("BYOCSecretRefMissing")

ErrBYOCSecretRefMissing is an error for missing BYOC Secret References

View Source 
var ErrChildNotFound = errors.New("ChildNotFoundInOU")

ErrChildNotFound indicates that a child was not found inside an OU

View Source 
var ErrCreateEC2Instance = errors.New("EC2CreationTimeout")

ErrCreateEC2Instance indicates that the CreateEC2Instance function timed out

View Source 
var ErrFailedAWSTypecast = errors.New("FailedToTypecastAWSError")

ErrFailedAWSTypecast indicates that there was a failure while typecasting to aws error

View Source 
var ErrFailedToCreateSubnet = errors.New("FailedToCreateSubnet")

ErrFailedToCreateSubnet indicates that there was a failure while trying to create subnet

View Source 
var ErrFailedToCreateVpc = errors.New("FailedToCreateVpc")

ErrFailedToCreateVpc indicates that there was a failure while trying to create a VPC

View Source 
var ErrFailedToDeleteSubnet = errors.New("FailedToDeleteSubnet")

ErrFailedToDeleteSubnet indicates that there was a failure while trying to delete subnet

View Source 
var ErrFailedToDeleteVpc = errors.New("FailedToDeleteVpc")

ErrFailedToDeleteVpc indicates that there was a failure while trying to delete a VPC

View Source 
var ErrFederationTokenOutputNil = errors.New("FederationTokenOutputNil")

ErrFederationTokenOutputNil indicates that getting a federation token from AWS failed

View Source 
var ErrInvalidConfigMap = errors.New("ConfigMapInvalid")

ErrInvalidConfigMap indicates that the ConfigMap has invalid fields

View Source 
var ErrInvalidToken = errors.New("InvalidClientTokenId")

ErrInvalidToken indiacates an invalid token

View Source 
var ErrMissingDefaultConfigMap = errors.New("MissingDefaultConfigMap")

ErrMissingDefaultConfigMap indicates that the expected default confimap was not found

View Source 
var ErrNonexistentOU = errors.New("OUWithNameNotFound")

ErrNonexistentOU indicates that an OU does not exist

View Source 
var ErrSTSRoleARNMissing = errors.New("STSRoleARNMissing")

ErrSTSRoleARNMissing is an error for missing STS Role ARN definition in the AccountClaim

View Source 
var ErrUnexpectedValue = errors.New("UnexpectedValue")

ErrUnexpectedValue indicates that a given variable has an unespected nil value

View Source 
var FedrampManagedOpenShiftSupportRoleARN = "arn:aws-us-gov:iam::%s:role/ManagedOpenShift-Support-%s"

fedramp arn

View Source 
var IAMUserIDLabel = "iamUserId"

IAMUserIDLabel label key for IAM user suffix

View Source 
var InstanceResourceType = "instance"

InstanceResourceType is the resource type used when building Instance tags

View Source 
var ManagedOpenShiftSupportRole = "ManagedOpenShift-Support"

ManagedOpenShift-Support role used to access non-STS clusters.

View Source 
var ManagedOpenShiftSupportRoleARN = "arn:aws:iam::%s:role/ManagedOpenShift-Support-%s"
View Source 
var ManagedTagsConfigMapKey = "aws-managed-tags"

ManagedTagsConfigMapKey defines the default key for the configmap to add the defined tags to AWS resources

View Source 
var SubnetResourceType = "subnet"

SubnetResourceType is the resource type used when building Subnet tags

View Source 
var SupportJumpRole = "support-jump-role"
View Source 
var UIDLabel = "uid"

UIDLabel is the string for the uid label on AWS Federated Account Access CRs

View Source 
var VolumeResourceType = "volume"

VolumeResourceType is the resource type used when building Volume tags

View Source 
var VpcResourceType = "vpc"

VpcResourceType is the resource type used when building Vpc tags

Functions

func GetOpenAPIDefinitions 

func GetOpenAPIDefinitions(ref common.ReferenceCallback) map[string]common.OpenAPIDefinition

Types

type AWSCustomPolicy 

type AWSCustomPolicy struct {
	Name        string           `json:"name"`
	Description string           `json:"description"`
	Statements  []StatementEntry `json:"awsStatements"`
}

AWSCustomPolicy holds the data required to create a custom policy in aws.

func (*AWSCustomPolicy) DeepCopy 

func (in *AWSCustomPolicy) DeepCopy() *AWSCustomPolicy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSCustomPolicy.

func (*AWSCustomPolicy) DeepCopyInto 

func (in *AWSCustomPolicy) DeepCopyInto(out *AWSCustomPolicy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AWSFederatedAccountAccess 

type AWSFederatedAccountAccess struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AWSFederatedAccountAccessSpec   `json:"spec,omitempty"`
	Status AWSFederatedAccountAccessStatus `json:"status,omitempty"`
}

AWSFederatedAccountAccess is the Schema for the awsfederatedaccountaccesses API +k8s:openapi-gen=true +kubebuilder:subresource:status +kubebuilder:printcolumn:name="State",type="string",JSONPath=".status.state",description="Status the federated account access user" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description="Age since federated account access user was created" +kubebuilder:resource:path=awsfederatedaccountaccesses,scope=Namespaced

func (*AWSFederatedAccountAccess) DeepCopy 

func (in *AWSFederatedAccountAccess) DeepCopy() *AWSFederatedAccountAccess

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSFederatedAccountAccess.

func (*AWSFederatedAccountAccess) DeepCopyInto 

func (in *AWSFederatedAccountAccess) DeepCopyInto(out *AWSFederatedAccountAccess)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AWSFederatedAccountAccess) DeepCopyObject 

func (in *AWSFederatedAccountAccess) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AWSFederatedAccountAccessCondition 

type AWSFederatedAccountAccessCondition struct {
	// Type is the type of the condition.
	Type AWSFederatedAccountAccessConditionType `json:"type"`
	// Status is the status of the condition
	Status corev1.ConditionStatus `json:"status"`
	// LastProbeTime is the last time we probed the condition.
	// +optional
	LastProbeTime metav1.Time `json:"lastProbeTime,omitempty"`
	// LastTransitionTime is the laste time the condition transitioned from one status to another.
	// +optional
	LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
	// Reason is a unique, one-word, CamelCase reason for the condition's last transition.
	// +optional
	Reason string `json:"reason,omitempty"`
	// Message is a human-readable message indicating details about last transition.
	// +optional
	Message string `json:"message,omitempty"`
}

AWSFederatedAccountAccessCondition defines a current condition state of the account

func (*AWSFederatedAccountAccessCondition) DeepCopy 

func (in *AWSFederatedAccountAccessCondition) DeepCopy() *AWSFederatedAccountAccessCondition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSFederatedAccountAccessCondition.

func (*AWSFederatedAccountAccessCondition) DeepCopyInto 

func (in *AWSFederatedAccountAccessCondition) DeepCopyInto(out *AWSFederatedAccountAccessCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AWSFederatedAccountAccessConditionType 

type AWSFederatedAccountAccessConditionType string

AWSFederatedAccountAccessConditionType is a valid value for AccountCondition.Type 

const (
	// AWSFederatedAccountInProgress is set when an Account access is in progress
	AWSFederatedAccountInProgress AWSFederatedAccountAccessConditionType = "InProgress"
	// AWSFederatedAccountReady is set when an Account access has been successfully applied
	AWSFederatedAccountReady AWSFederatedAccountAccessConditionType = "Ready"
	// AWSFederatedAccountFailed is set when account access has failed to apply
	AWSFederatedAccountFailed AWSFederatedAccountAccessConditionType = "Failed"
)

type AWSFederatedAccountAccessList 

type AWSFederatedAccountAccessList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AWSFederatedAccountAccess `json:"items"`
}

AWSFederatedAccountAccessList contains a list of AWSFederatedAccountAccess

func (*AWSFederatedAccountAccessList) DeepCopy 

func (in *AWSFederatedAccountAccessList) DeepCopy() *AWSFederatedAccountAccessList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSFederatedAccountAccessList.

func (*AWSFederatedAccountAccessList) DeepCopyInto 

func (in *AWSFederatedAccountAccessList) DeepCopyInto(out *AWSFederatedAccountAccessList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AWSFederatedAccountAccessList) DeepCopyObject 

func (in *AWSFederatedAccountAccessList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AWSFederatedAccountAccessSpec 

type AWSFederatedAccountAccessSpec struct {
	// ExternalCustomerAWSARN holds the external AWS IAM ARN
	ExternalCustomerAWSIAMARN string `json:"externalCustomerAWSIAMARN"`
	// AWSCustomerCredentialSecret holds the credentials to the cluster account where the role wil be created
	AWSCustomerCredentialSecret AWSSecretReference `json:"awsCustomerCredentialSecret"`
	// FederatedRoleName must be the name of a federatedrole cr that currently exists
	AWSFederatedRole AWSFederatedRoleRef `json:"awsFederatedRole"`
}

AWSFederatedAccountAccessSpec defines the desired state of AWSFederatedAccountAccess +k8s:openapi-gen=true

func (*AWSFederatedAccountAccessSpec) DeepCopy 

func (in *AWSFederatedAccountAccessSpec) DeepCopy() *AWSFederatedAccountAccessSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSFederatedAccountAccessSpec.

func (*AWSFederatedAccountAccessSpec) DeepCopyInto 

func (in *AWSFederatedAccountAccessSpec) DeepCopyInto(out *AWSFederatedAccountAccessSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AWSFederatedAccountAccessState 

type AWSFederatedAccountAccessState string

AWSFederatedAccountAccessState defines the various status an FederatedAccountAccess CR can have 

const (
	// AWSFederatedAccountAccessStateInProgress const for InProgress status state
	AWSFederatedAccountAccessStateInProgress AWSFederatedAccountAccessState = "InProgress"
	// AWSFederatedAccountStateReady const for Applied status state
	AWSFederatedAccountStateReady AWSFederatedAccountAccessState = "Ready"
	// AWSFederatedAccountStateFailed cont for Failed status state
	AWSFederatedAccountStateFailed AWSFederatedAccountAccessState = "Failed"
)

type AWSFederatedAccountAccessStatus 

type AWSFederatedAccountAccessStatus struct {
	// +listType=map
	// +listMapKey=type
	Conditions []AWSFederatedAccountAccessCondition `json:"conditions"`
	State      AWSFederatedAccountAccessState       `json:"state"`
	ConsoleURL string                               `json:"consoleURL,omitempty"`
}

AWSFederatedAccountAccessStatus defines the observed state of AWSFederatedAccountAccess +k8s:openapi-gen=true

func (*AWSFederatedAccountAccessStatus) DeepCopy 

func (in *AWSFederatedAccountAccessStatus) DeepCopy() *AWSFederatedAccountAccessStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSFederatedAccountAccessStatus.

func (*AWSFederatedAccountAccessStatus) DeepCopyInto 

func (in *AWSFederatedAccountAccessStatus) DeepCopyInto(out *AWSFederatedAccountAccessStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AWSFederatedRole 

type AWSFederatedRole struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AWSFederatedRoleSpec   `json:"spec,omitempty"`
	Status AWSFederatedRoleStatus `json:"status,omitempty"`
}

AWSFederatedRole is the Schema for the awsfederatedroles API +k8s:openapi-gen=true +kubebuilder:subresource:status +kubebuilder:printcolumn:name="State",type="string",JSONPath=".status.state",description="Status the federated role" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description="Age since federated role was created" +kubebuilder:resource:path=awsfederatedroles,scope=Namespaced

func (*AWSFederatedRole) DeepCopy 

func (in *AWSFederatedRole) DeepCopy() *AWSFederatedRole

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSFederatedRole.

func (*AWSFederatedRole) DeepCopyInto 

func (in *AWSFederatedRole) DeepCopyInto(out *AWSFederatedRole)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AWSFederatedRole) DeepCopyObject 

func (in *AWSFederatedRole) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AWSFederatedRoleCondition 

type AWSFederatedRoleCondition struct {
	// Type is the type of the condition.
	Type AWSFederatedRoleConditionType `json:"type"`
	// Status is the status of the condition
	Status corev1.ConditionStatus `json:"status"`
	// LastProbeTime is the last time we probed the condition.
	// +optional
	LastProbeTime metav1.Time `json:"lastProbeTime,omitempty"`
	// LastTransitionTime is the laste time the condition transitioned from one status to another.
	// +optional
	LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
	// Reason is a unique, one-word, CamelCase reason for the condition's last transition.
	// +optional
	Reason string `json:"reason,omitempty"`
	// Message is a human-readable message indicating details about last transition.
	// +optional
	Message string `json:"message,omitempty"`
}

AWSFederatedRoleCondition is a Kubernetes condition type for tracking AWS Federated Role status changes

func (*AWSFederatedRoleCondition) DeepCopy 

func (in *AWSFederatedRoleCondition) DeepCopy() *AWSFederatedRoleCondition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSFederatedRoleCondition.

func (*AWSFederatedRoleCondition) DeepCopyInto 

func (in *AWSFederatedRoleCondition) DeepCopyInto(out *AWSFederatedRoleCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AWSFederatedRoleConditionType 

type AWSFederatedRoleConditionType string

AWSFederatedRoleConditionType is a valid value for AWSFederatedStateCondition Type 

const (
	// AWSFederatedRoleInProgress is set when an awsfederated role is InProgress
	AWSFederatedRoleInProgress AWSFederatedRoleConditionType = "InProgress"
	// AWSFederatedRoleValid is set when an awsfederated role is valid
	AWSFederatedRoleValid AWSFederatedRoleConditionType = "Valid"
	// AWSFederatedRoleInvalid is set when an awsfederated role is invalid
	AWSFederatedRoleInvalid AWSFederatedRoleConditionType = "Invalid"
)

type AWSFederatedRoleList 

type AWSFederatedRoleList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AWSFederatedRole `json:"items"`
}

AWSFederatedRoleList contains a list of AWSFederatedRole

func (*AWSFederatedRoleList) DeepCopy 

func (in *AWSFederatedRoleList) DeepCopy() *AWSFederatedRoleList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSFederatedRoleList.

func (*AWSFederatedRoleList) DeepCopyInto 

func (in *AWSFederatedRoleList) DeepCopyInto(out *AWSFederatedRoleList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AWSFederatedRoleList) DeepCopyObject 

func (in *AWSFederatedRoleList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AWSFederatedRoleRef 

type AWSFederatedRoleRef struct {
	Name      string `json:"name"`
	Namespace string `json:"namespace"`
}

AWSFederatedRoleRef holds the name and namespace to reference an AWSFederatedRole CR

func (*AWSFederatedRoleRef) DeepCopy 

func (in *AWSFederatedRoleRef) DeepCopy() *AWSFederatedRoleRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSFederatedRoleRef.

func (*AWSFederatedRoleRef) DeepCopyInto 

func (in *AWSFederatedRoleRef) DeepCopyInto(out *AWSFederatedRoleRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AWSFederatedRoleSpec 

type AWSFederatedRoleSpec struct {
	// RoleDisplayName is a user friendly display name for the OCM user interface
	RoleDisplayName string `json:"roleDisplayName"`
	// RoleDescription is a user friendly description of the role, this discription will be displayed in the OCM user interface
	RoleDescription string `json:"roleDescription"`
	// AWSCustomPolicy is the defenition of a custom aws permission policy that will be associated with this role
	// +optional
	AWSCustomPolicy AWSCustomPolicy `json:"awsCustomPolicy,omitempty"`
	// AWSManagedPolicies is a list of amazong managed policies that exist in aws
	// +optional
	// +listType=atomic
	AWSManagedPolicies []string `json:"awsManagedPolicies,omitempty"`
}

AWSFederatedRoleSpec defines the desired state of AWSFederatedRole +k8s:openapi-gen=true

func (*AWSFederatedRoleSpec) DeepCopy 

func (in *AWSFederatedRoleSpec) DeepCopy() *AWSFederatedRoleSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSFederatedRoleSpec.

func (*AWSFederatedRoleSpec) DeepCopyInto 

func (in *AWSFederatedRoleSpec) DeepCopyInto(out *AWSFederatedRoleSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AWSFederatedRoleState 

type AWSFederatedRoleState string

AWSFederatedRoleState defines the various status an AWSFederatedRole CR can have 

const (
	// AWSFederatedRoleStateValid const for Requested status state
	AWSFederatedRoleStateValid AWSFederatedRoleState = "Valid"
	// AWSFederatedRoleStateInvalid const for Invliad status state
	AWSFederatedRoleStateInvalid AWSFederatedRoleState = "Invalid"
)

type AWSFederatedRoleStatus 

type AWSFederatedRoleStatus struct {
	State AWSFederatedRoleState `json:"state"`
	// +listType=map
	// +listMapKey=type
	Conditions []AWSFederatedRoleCondition `json:"conditions"`
}

AWSFederatedRoleStatus defines the observed state of AWSFederatedRole +k8s:openapi-gen=true

func (*AWSFederatedRoleStatus) DeepCopy 

func (in *AWSFederatedRoleStatus) DeepCopy() *AWSFederatedRoleStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSFederatedRoleStatus.

func (*AWSFederatedRoleStatus) DeepCopyInto 

func (in *AWSFederatedRoleStatus) DeepCopyInto(out *AWSFederatedRoleStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AWSSecretReference 

type AWSSecretReference struct {
	Name      string `json:"name"`
	Namespace string `json:"namespace"`
}

AWSSecretReference holds the name and namespace of an secret containing credentials to cluster account

func (*AWSSecretReference) DeepCopy 

func (in *AWSSecretReference) DeepCopy() *AWSSecretReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSSecretReference.

func (*AWSSecretReference) DeepCopyInto 

func (in *AWSSecretReference) DeepCopyInto(out *AWSSecretReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Account 

type Account struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AccountSpec   `json:"spec,omitempty"`
	Status AccountStatus `json:"status,omitempty"`
}

Account is the Schema for the accounts API +k8s:openapi-gen=true +kubebuilder:subresource:status +kubebuilder:printcolumn:name="State",type="string",JSONPath=".status.state",description="Status the account" +kubebuilder:printcolumn:name="Claimed",type="boolean",JSONPath=".status.claimed",description="True if the account has been claimed" +kubebuilder:printcolumn:name="Claim",type="string",JSONPath=".spec.claimLink",description="Link to the account claim CR" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description="Age since the account was created" +kubebuilder:resource:path=accounts,scope=Namespaced

func (*Account) DeepCopy 

func (in *Account) DeepCopy() *Account

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Account.

func (*Account) DeepCopyInto 

func (in *Account) DeepCopyInto(out *Account)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Account) DeepCopyObject 

func (in *Account) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Account) GetCondition 

func (a *Account) GetCondition(conditionType AccountConditionType) *AccountCondition

GetCondition finds the condition that has the specified condition type in the given list. If none exists, then returns nil.

func (*Account) HasAwsAccountID 

func (a *Account) HasAwsAccountID() bool

HasAwsAccountID returns true if awsAccountID is set

func (*Account) HasAwsv1alpha1Finalizer 

func (a *Account) HasAwsv1alpha1Finalizer() bool

HasAwsv1alpha1Finalizer returns true if the awsv1alpha1 finalizer is set on the account

func (*Account) HasBeenClaimedAtLeastOnce 

func (a *Account) HasBeenClaimedAtLeastOnce() bool

HasBeenClaimed lets us know if an account has been claimed at some point and can only be reused by clusters in the same legal entity 

func (a *Account) HasClaimLink() bool

HasClaimLink returns true if an accounts claim link is not empty

func (*Account) HasNeverBeenClaimed 

func (a *Account) HasNeverBeenClaimed() bool

HasNeverBeenClaimed returns true if the account is not claimed AND has no legalEntity set, meaning it hasn't been claimed before and is not available for reuse

func (*Account) HasState 

func (a *Account) HasState() bool

HasState returns true if an account has a state set at all

func (*Account) HasSupportCaseID 

func (a *Account) HasSupportCaseID() bool

HasSupportCaseID returns true if an account has a SupportCaseID Set

func (*Account) IsBYOC 

func (a *Account) IsBYOC() bool

IsBYOC returns true if account is a BYOC account

func (*Account) IsBYOCAndNotReady 

func (a *Account) IsBYOCAndNotReady() bool

IsBYOCAndNotReady returns true if account is BYOC and the state is not AccountReady

func (*Account) IsBYOCPendingDeletionWithFinalizer 

func (a *Account) IsBYOCPendingDeletionWithFinalizer() bool

IsBYOCPendingDeletionWithFinalizer returns true if account is a BYOC Account, has been marked for deletion (deletion timestamp set), and has a finalizer set.

func (*Account) IsClaimed 

func (a *Account) IsClaimed() bool

IsClaimed returns true if account Status.Claimed is false

func (*Account) IsCreating 

func (a *Account) IsCreating() bool

IsCreating returns true if an account is creating

func (*Account) IsFailed 

func (a *Account) IsFailed() bool

IsFailed returns true if an account is in a failed state

func (*Account) IsInitializingRegions 

func (a *Account) IsInitializingRegions() bool

IsInitializingRegions returns true if the account state is InitalizingRegions

func (*Account) IsNonSTSPendingDeletionWithFinalizer 

func (a *Account) IsNonSTSPendingDeletionWithFinalizer() bool

func (*Account) IsOwnedByAccountPool 

func (a *Account) IsOwnedByAccountPool() bool

IsOwnedByAccountPool returns true if the account has an ownerreference type that is the accountpool

func (*Account) IsPendingDeletion 

func (a *Account) IsPendingDeletion() bool

IsPendingDeletion returns true if a DeletionTimestamp has been set

func (*Account) IsPendingVerification 

func (a *Account) IsPendingVerification() bool

IsPendingVerification returns true if the account is in a PendingVerification state

func (*Account) IsProgressing 

func (a *Account) IsProgressing() bool

IsProgressing returns true if the account state is Creating, Pending Verification, or InitializingRegions

func (*Account) IsReady 

func (a *Account) IsReady() bool

IsReady returns true if an account is ready 

func (a *Account) IsReadyUnclaimedAndHasClaimLink() bool

IsReadyUnclaimedAndHasClaimLink returns true if an account is ready, unclaimed, and has a claim link

func (*Account) IsSTS 

func (a *Account) IsSTS() bool

func (*Account) IsUnclaimedAndHasNoState 

func (a *Account) IsUnclaimedAndHasNoState() bool

IsUnclaimedAndHasNoState returns true if account has not set state and has not been claimed

func (*Account) IsUnclaimedAndIsCreating 

func (a *Account) IsUnclaimedAndIsCreating() bool

IsUnclaimedAndIsCreating returns true if account state is AccountCreating and has not been claimed

func (*Account) ReadyForInitialization 

func (a *Account) ReadyForInitialization() bool

ReadyForInitialization returns true if account is a BYOC Account and the state is not ready OR accout state is creating, and has not been claimed

type AccountClaim 

type AccountClaim struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AccountClaimSpec   `json:"spec,omitempty"`
	Status AccountClaimStatus `json:"status,omitempty"`
}

AccountClaim is the Schema for the accountclaims API +k8s:openapi-gen=true +kubebuilder:subresource:status +kubebuilder:printcolumn:name="State",type="string",JSONPath=".status.state",description="Status the account claim" +kubebuilder:printcolumn:name="Account",type="string",JSONPath=".spec.accountLink",description="Account CR link for the account claim" +kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description="Age since the account claim was created" +kubebuilder:resource:path=accountclaims,scope=Namespaced

func (*AccountClaim) DeepCopy 

func (in *AccountClaim) DeepCopy() *AccountClaim

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountClaim.

func (*AccountClaim) DeepCopyInto 

func (in *AccountClaim) DeepCopyInto(out *AccountClaim)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AccountClaim) DeepCopyObject 

func (in *AccountClaim) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AccountClaim) Validate 

func (a *AccountClaim) Validate() error

Validates an AccountClaim object

type AccountClaimCondition 

type AccountClaimCondition struct {
	// Type is the type of the condition.
	Type AccountClaimConditionType `json:"type"`
	// Status is the status of the condition.
	Status corev1.ConditionStatus `json:"status"`
	// LastProbeTime is the last time we probed the condition.
	// +optional
	LastProbeTime metav1.Time `json:"lastProbeTime,omitempty"`
	// LastTransitionTime is the last time the condition transitioned from one status to another.
	// +optional
	LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
	// Reason is a unique, one-word, CamelCase reason for the condition's last transition.
	// +optional
	Reason string `json:"reason,omitempty"`
	// Message is a human-readable message indicating details about last transition.
	// +optional
	Message string `json:"message,omitempty"`
}

AccountClaimCondition contains details for the current condition of a AWS account claim

func (*AccountClaimCondition) DeepCopy 

func (in *AccountClaimCondition) DeepCopy() *AccountClaimCondition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountClaimCondition.

func (*AccountClaimCondition) DeepCopyInto 

func (in *AccountClaimCondition) DeepCopyInto(out *AccountClaimCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AccountClaimConditionType 

type AccountClaimConditionType string

AccountClaimConditionType is a valid value for AccountClaimCondition.Type 

const (
	// AccountClaimed is set when an Account is claimed
	AccountClaimed AccountClaimConditionType = "Claimed"
	// CCSAccountClaimFailed is set when a CCS Account Fails
	CCSAccountClaimFailed AccountClaimConditionType = "CCSAccountClaimFailed"
	// AccountClaimFailed is set when a standard Account Fails
	AccountClaimFailed AccountClaimConditionType = "AccountClaimFailed"
	// AccountUnclaimed is set when an Account is not claimed
	AccountUnclaimed AccountClaimConditionType = "Unclaimed"
	// ClientError is set when an Error regarding the client occurred
	ClientError AccountClaimConditionType = "ClientError"
	// AuthenticationFailed is set when we get an AWS error from STS role assumption
	AuthenticationFailed AccountClaimConditionType = "AuthenticationFailed"
	// InvalidAccountClaim is set when the account claim CR is missing required values
	InvalidAccountClaim AccountClaimConditionType = "InvalidAccountClaim"
	// InternalError is set when a serious internal issue arrises
	InternalError AccountClaimConditionType = "InternalError"
)

type AccountClaimList 

type AccountClaimList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AccountClaim `json:"items"`
}

AccountClaimList contains a list of AccountClaim

func (*AccountClaimList) DeepCopy 

func (in *AccountClaimList) DeepCopy() *AccountClaimList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountClaimList.

func (*AccountClaimList) DeepCopyInto 

func (in *AccountClaimList) DeepCopyInto(out *AccountClaimList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AccountClaimList) DeepCopyObject 

func (in *AccountClaimList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AccountClaimSpec 

type AccountClaimSpec struct {
	LegalEntity         LegalEntity `json:"legalEntity"`
	AwsCredentialSecret SecretRef   `json:"awsCredentialSecret"`
	Aws                 Aws         `json:"aws"`
	AccountLink         string      `json:"accountLink"`
	AccountOU           string      `json:"accountOU,omitempty"`
	BYOC                bool        `json:"byoc,omitempty"`
	BYOCSecretRef       SecretRef   `json:"byocSecretRef,omitempty"`
	BYOCAWSAccountID    string      `json:"byocAWSAccountID,omitempty"`
	ManualSTSMode       bool        `json:"manualSTSMode,omitempty"`
	STSRoleARN          string      `json:"stsRoleARN,omitempty"`
	STSExternalID       string      `json:"stsExternalID,omitempty"`
	SupportRoleARN      string      `json:"supportRoleARN,omitempty"`
	CustomTags          string      `json:"customTags,omitempty"`
	KmsKeyId            string      `json:"kmsKeyId,omitempty"`
}

AccountClaimSpec defines the desired state of AccountClaim +k8s:openapi-gen=true

func (*AccountClaimSpec) DeepCopy 

func (in *AccountClaimSpec) DeepCopy() *AccountClaimSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountClaimSpec.

func (*AccountClaimSpec) DeepCopyInto 

func (in *AccountClaimSpec) DeepCopyInto(out *AccountClaimSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AccountClaimStatus 

type AccountClaimStatus struct {
	// +listType=map
	// +listMapKey=type
	Conditions []AccountClaimCondition `json:"conditions"`

	State ClaimStatus `json:"state"`
}

AccountClaimStatus defines the observed state of AccountClaim +k8s:openapi-gen=true

func (*AccountClaimStatus) DeepCopy 

func (in *AccountClaimStatus) DeepCopy() *AccountClaimStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountClaimStatus.

func (*AccountClaimStatus) DeepCopyInto 

func (in *AccountClaimStatus) DeepCopyInto(out *AccountClaimStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AccountCondition 

type AccountCondition struct {
	// Type is the type of the condition.
	// +optional
	Type AccountConditionType `json:"type,omitempty"`
	// Status is the status of the condition
	Status corev1.ConditionStatus `json:"status,omitempty"`
	// LastProbeTime is the last time we probed the condition.
	// +optional
	LastProbeTime metav1.Time `json:"lastProbeTime,omitempty"`
	// LastTransitionTime is the laste time the condition transitioned from one status to another.
	// +optional
	LastTransitionTime metav1.Time `json:"lastTransitionTime,omitempty"`
	// Reason is a unique, one-word, CamelCase reason for the condition's last transition.
	// +optional
	Reason string `json:"reason,omitempty"`
	// Message is a human-readable message indicating details about last transition.
	// +optional
	Message string `json:"message,omitempty"`
}

AccountCondition contains details for the current condition of a AWS account +k8s:openapi-gen=true

func (*AccountCondition) DeepCopy 

func (in *AccountCondition) DeepCopy() *AccountCondition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountCondition.

func (*AccountCondition) DeepCopyInto 

func (in *AccountCondition) DeepCopyInto(out *AccountCondition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AccountConditionType 

type AccountConditionType string

AccountConditionType is a valid value for AccountCondition.Type 

const (
	// AccountCreating is set when an Account is being created
	AccountCreating AccountConditionType = "Creating"
	// AccountReady is set when an Account creation is ready
	AccountReady AccountConditionType = "Ready"
	// AccountFailed is set when account creation has failed
	AccountFailed AccountConditionType = "Failed"
	// AccountCreationFailed is set during AWS account creation
	AccountCreationFailed AccountConditionType = "AccountCreationFailed"
	// AccountPending is set when account creation is pending
	AccountPending AccountConditionType = "Pending"
	// AccountPendingVerification is set when account creation is pending
	AccountPendingVerification AccountConditionType = "PendingVerification"
	// FIXME: Have to call this different than "AccountClaimed", as that clashes
	// with the AccountClaimConditionType
	AccountIsClaimed AccountConditionType = "Claimed"
	// AccountReused is set when account is reused
	AccountReused AccountConditionType = "Reused"
	// AccountClientError is set when there was an issue getting a client
	AccountClientError AccountConditionType = "AccountClientError"
	// AccountAuthorizationError indicates an authorization error occurred
	AccountAuthorizationError AccountConditionType = "AuthorizationError"
	// AccountAuthenticationError indicates an authentication error occurred
	AccountAuthenticationError AccountConditionType = "AuthenticationError"
	// AccountUnhandledError indicates a error that isn't handled, probably a go error
	AccountUnhandledError AccountConditionType = "UnhandledError"
	// AccountInternalError is set when a serious internal issue arrises
	AccountInternalError AccountConditionType = "InternalError"
	// AccountInitializingRegions indicates we've kicked off the process of creating and terminating
	// instances in all supported regions
	AccountInitializingRegions = "InitializingRegions"
	// AccountQuotaIncreaseRequested is set when a quota increase has been requested
	AccountQuotaIncreaseRequested AccountConditionType = "QuotaIncreaseRequested"
)

type AccountList 

type AccountList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Account `json:"items"`
}

AccountList contains a list of Account

func (*AccountList) DeepCopy 

func (in *AccountList) DeepCopy() *AccountList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountList.

func (*AccountList) DeepCopyInto 

func (in *AccountList) DeepCopyInto(out *AccountList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AccountList) DeepCopyObject 

func (in *AccountList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AccountPool 

type AccountPool struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AccountPoolSpec   `json:"spec,omitempty"`
	Status AccountPoolStatus `json:"status,omitempty"`
}

AccountPool is the Schema for the accountpools API +k8s:openapi-gen=true +kubebuilder:subresource:status +kubebuilder:printcolumn:name="Pool Size",type="integer",JSONPath=".status.poolSize",description="Desired pool size" +kubebuilder:printcolumn:name="Unclaimed Accounts",type="integer",JSONPath=".status.unclaimedAccounts",description="Number of unclaimed accounts" +kubebuilder:printcolumn:name="Claimed Accounts",type="integer",JSONPath=".status.claimedAccounts",description="Number of claimed accounts" +kubebuilder:printcolumn:name="Available Accounts",type="integer",JSONPath=".status.availableAccounts",description="Number of ready accounts" +kubebuilder:printcolumn:name="Accounts Progressing",type="integer",JSONPath=".status.accountsProgressing",description="Number of accounts progressing towards ready" +kubebuilder:printcolumn:name="AWS Limit Delta",type="integer",JSONPath=".status.awsLimitDelta",description="Difference between accounts created and soft limit" +kubebuilder:resource:path=accountpools,scope=Namespaced

func (*AccountPool) DeepCopy 

func (in *AccountPool) DeepCopy() *AccountPool

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountPool.

func (*AccountPool) DeepCopyInto 

func (in *AccountPool) DeepCopyInto(out *AccountPool)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AccountPool) DeepCopyObject 

func (in *AccountPool) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AccountPoolList 

type AccountPoolList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AccountPool `json:"items"`
}

AccountPoolList contains a list of AccountPool

func (*AccountPoolList) DeepCopy 

func (in *AccountPoolList) DeepCopy() *AccountPoolList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountPoolList.

func (*AccountPoolList) DeepCopyInto 

func (in *AccountPoolList) DeepCopyInto(out *AccountPoolList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AccountPoolList) DeepCopyObject 

func (in *AccountPoolList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AccountPoolSpec 

type AccountPoolSpec struct {
	PoolSize int `json:"poolSize"`
}

AccountPoolSpec defines the desired state of AccountPool +k8s:openapi-gen=true

func (*AccountPoolSpec) DeepCopy 

func (in *AccountPoolSpec) DeepCopy() *AccountPoolSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountPoolSpec.

func (*AccountPoolSpec) DeepCopyInto 

func (in *AccountPoolSpec) DeepCopyInto(out *AccountPoolSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AccountPoolStatus 

type AccountPoolStatus struct {
	PoolSize int `json:"poolSize"`

	// UnclaimedAccounts is an approximate value representing the amount of non-failed accounts
	UnclaimedAccounts int `json:"unclaimedAccounts"`

	// ClaimedAccounts is an approximate value representing the amount of accounts that are currently claimed
	ClaimedAccounts int `json:"claimedAccounts"`

	// AvailableAccounts denotes accounts that HAVE NEVER BEEN CLAIMED, so NOT reused, and are READY to be claimed.  This differs from the UnclaimedAccounts, who similarly HAVE NEVER BEEN CLAIMED, but include ALL non-FAILED states
	AvailableAccounts int `json:"availableAccounts"`

	// AccountsProgressing shows the approximate value of the number of accounts that are in the creation workflow (Creating, PendingVerification, InitializingRegions)
	AccountsProgressing int `json:"accountsProgressing"`

	// AWSLimitDelta shows the approximate difference between the number of AWS accounts currently created and the limit. This should be the same across all hive shards in an environment
	AWSLimitDelta int `json:"awsLimitDelta"`
}

AccountPoolStatus defines the observed state of AccountPool +k8s:openapi-gen=true

func (*AccountPoolStatus) DeepCopy 

func (in *AccountPoolStatus) DeepCopy() *AccountPoolStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountPoolStatus.

func (*AccountPoolStatus) DeepCopyInto 

func (in *AccountPoolStatus) DeepCopyInto(out *AccountPoolStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AccountSpec 

type AccountSpec struct {
	AwsAccountID  string `json:"awsAccountID"`
	IAMUserSecret string `json:"iamUserSecret"`
	BYOC          bool   `json:"byoc,omitempty"`
	// +optional
	ClaimLink string `json:"claimLink"`
	// +optional
	ClaimLinkNamespace string      `json:"claimLinkNamespace,omitempty"`
	LegalEntity        LegalEntity `json:"legalEntity,omitempty"`
	ManualSTSMode      bool        `json:"manualSTSMode,omitempty"`
}

AccountSpec defines the desired state of Account +k8s:openapi-gen=true

func (*AccountSpec) DeepCopy 

func (in *AccountSpec) DeepCopy() *AccountSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountSpec.

func (*AccountSpec) DeepCopyInto 

func (in *AccountSpec) DeepCopyInto(out *AccountSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AccountStateStatus 

type AccountStateStatus string

AccountStateStatus defines the various status an Account CR can have

type AccountStatus 

type AccountStatus struct {
	Claimed       bool   `json:"claimed,omitempty"`
	SupportCaseID string `json:"supportCaseID,omitempty"`
	// +optional
	Conditions               []AccountCondition `json:"conditions,omitempty"`
	State                    string             `json:"state,omitempty"`
	RotateCredentials        bool               `json:"rotateCredentials,omitempty"`
	RotateConsoleCredentials bool               `json:"rotateConsoleCredentials,omitempty"`
	Reused                   bool               `json:"reused,omitempty"`
}

AccountStatus defines the observed state of Account +k8s:openapi-gen=true

func (*AccountStatus) DeepCopy 

func (in *AccountStatus) DeepCopy() *AccountStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AccountStatus.

func (*AccountStatus) DeepCopyInto 

func (in *AccountStatus) DeepCopyInto(out *AccountStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AmiSpec 

type AmiSpec struct {
	Ami          string
	InstanceType string
}

func (*AmiSpec) DeepCopy 

func (in *AmiSpec) DeepCopy() *AmiSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AmiSpec.

func (*AmiSpec) DeepCopyInto 

func (in *AmiSpec) DeepCopyInto(out *AmiSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Aws 

type Aws struct {
	Regions []AwsRegions `json:"regions"`
}

Aws struct contains specific AWS account configuration options

func (*Aws) DeepCopy 

func (in *Aws) DeepCopy() *Aws

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Aws.

func (*Aws) DeepCopyInto 

func (in *Aws) DeepCopyInto(out *Aws)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AwsRegions 

type AwsRegions struct {
	Name string `json:"name"`
}

AwsRegions struct contains specific AwsRegion information, at the moment its just name but in the future it will contain specific resource limits etc.

func (*AwsRegions) DeepCopy 

func (in *AwsRegions) DeepCopy() *AwsRegions

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsRegions.

func (*AwsRegions) DeepCopyInto 

func (in *AwsRegions) DeepCopyInto(out *AwsRegions)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ClaimStatus 

type ClaimStatus string

ClaimStatus is a valid value from AccountClaim.Status 

const (
	// ClaimStatusPending pending status for a claim
	ClaimStatusPending ClaimStatus = "Pending"
	// ClaimStatusReady ready status for a claim
	ClaimStatusReady ClaimStatus = "Ready"
	// ClaimStatusError error status for a claim
	ClaimStatusError ClaimStatus = "Error"
)

type Condition 

type Condition struct {
	// A map of the condition
	StringEquals map[string]string `json:"StringEquals,omitempty"`
}

Condition contains the aws Condition map to use for IAM roles

func (*Condition) DeepCopy 

func (in *Condition) DeepCopy() *Condition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition.

func (*Condition) DeepCopyInto 

func (in *Condition) DeepCopyInto(out *Condition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type LegalEntity 

type LegalEntity struct {
	Name string `json:"name"`
	ID   string `json:"id"`
}

LegalEntity contains Red Hat specific identifiers to the original creator the clusters

func (*LegalEntity) DeepCopy 

func (in *LegalEntity) DeepCopy() *LegalEntity

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new LegalEntity.

func (*LegalEntity) DeepCopyInto 

func (in *LegalEntity) DeepCopyInto(out *LegalEntity)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Principal 

type Principal struct {
	// aws account id
	AWS []string `json:"AWS"`
}

Principal contains the aws account id for the principle entity of a role

func (*Principal) DeepCopy 

func (in *Principal) DeepCopy() *Principal

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Principal.

func (*Principal) DeepCopyInto 

func (in *Principal) DeepCopyInto(out *Principal)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretRef 

type SecretRef struct {
	Name      string `json:"name"`
	Namespace string `json:"namespace"`
}

SecretRef contains the name of a secret and its namespace

func (*SecretRef) DeepCopy 

func (in *SecretRef) DeepCopy() *SecretRef

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretRef.

func (*SecretRef) DeepCopyInto 

func (in *SecretRef) DeepCopyInto(out *SecretRef)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type StatementEntry 

type StatementEntry struct {
	Effect    string     `json:"effect"`
	Action    []string   `json:"action"`
	Resource  []string   `json:"resource,omitempty"`
	Condition *Condition `json:"condition,omitempty"`
	Principal *Principal `json:"principal,omitempty"`
}

StatementEntry is the smallest gourping of permissions required to create an aws policy

func (*StatementEntry) DeepCopy 

func (in *StatementEntry) DeepCopy() *StatementEntry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatementEntry.

func (*StatementEntry) DeepCopyInto 

func (in *StatementEntry) DeepCopyInto(out *StatementEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.