v1alpha1

package
v1.3.1 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 5, 2024 License: Apache-2.0 Imports: 10 Imported by: 0

Documentation

Overview

+kubebuilder:object:generate=true +groupName=kubernetesauthbackendrole.vault.upbound.io +versionName=v1alpha1

Index

Constants

View Source 
const (
	CRDGroup   = "kubernetesauthbackendrole.vault.upbound.io"
	CRDVersion = "v1alpha1"
)

Package type metadata.

Variables

View Source 
var (
	AuthBackendRole_Kind             = "AuthBackendRole"
	AuthBackendRole_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: AuthBackendRole_Kind}.String()
	AuthBackendRole_KindAPIVersion   = AuthBackendRole_Kind + "." + CRDGroupVersion.String()
	AuthBackendRole_GroupVersionKind = CRDGroupVersion.WithKind(AuthBackendRole_Kind)
)

Repository type metadata.

View Source 
var (
	// CRDGroupVersion is the API Group Version used to register the objects
	CRDGroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: CRDGroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

This section is empty.

Types

type AuthBackendRole 

type AuthBackendRole struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.boundServiceAccountNames) || (has(self.initProvider) && has(self.initProvider.boundServiceAccountNames))",message="spec.forProvider.boundServiceAccountNames is a required parameter"
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.boundServiceAccountNamespaces) || (has(self.initProvider) && has(self.initProvider.boundServiceAccountNamespaces))",message="spec.forProvider.boundServiceAccountNamespaces is a required parameter"
	Spec   AuthBackendRoleSpec   `json:"spec"`
	Status AuthBackendRoleStatus `json:"status,omitempty"`
}

AuthBackendRole is the Schema for the AuthBackendRoles API. Manages Kubernetes auth backend roles in Vault. +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*AuthBackendRole) DeepCopy 

func (in *AuthBackendRole) DeepCopy() *AuthBackendRole

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRole.

func (*AuthBackendRole) DeepCopyInto 

func (in *AuthBackendRole) DeepCopyInto(out *AuthBackendRole)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendRole) DeepCopyObject 

func (in *AuthBackendRole) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendRole) GetCondition 

func (mg *AuthBackendRole) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this AuthBackendRole.

func (*AuthBackendRole) GetConnectionDetailsMapping 

func (tr *AuthBackendRole) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this AuthBackendRole

func (*AuthBackendRole) GetDeletionPolicy 

func (mg *AuthBackendRole) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this AuthBackendRole.

func (*AuthBackendRole) GetID 

func (tr *AuthBackendRole) GetID() string

GetID returns ID of underlying Terraform resource of this AuthBackendRole

func (*AuthBackendRole) GetInitParameters added in v1.3.0 

func (tr *AuthBackendRole) GetInitParameters() (map[string]any, error)

GetInitParameters of this AuthBackendRole

func (*AuthBackendRole) GetManagementPolicies added in v1.3.0 

func (mg *AuthBackendRole) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this AuthBackendRole.

func (*AuthBackendRole) GetMergedParameters added in v1.3.0 

func (tr *AuthBackendRole) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this AuthBackendRole

func (*AuthBackendRole) GetObservation 

func (tr *AuthBackendRole) GetObservation() (map[string]any, error)

GetObservation of this AuthBackendRole

func (*AuthBackendRole) GetParameters 

func (tr *AuthBackendRole) GetParameters() (map[string]any, error)

GetParameters of this AuthBackendRole

func (*AuthBackendRole) GetProviderConfigReference 

func (mg *AuthBackendRole) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this AuthBackendRole.

func (*AuthBackendRole) GetPublishConnectionDetailsTo 

func (mg *AuthBackendRole) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this AuthBackendRole.

func (*AuthBackendRole) GetTerraformResourceType 

func (mg *AuthBackendRole) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this AuthBackendRole

func (*AuthBackendRole) GetTerraformSchemaVersion 

func (tr *AuthBackendRole) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*AuthBackendRole) GetWriteConnectionSecretToReference 

func (mg *AuthBackendRole) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this AuthBackendRole.

func (*AuthBackendRole) Hub added in v1.3.0 

func (tr *AuthBackendRole) Hub()

Hub marks this type as a conversion hub.

func (*AuthBackendRole) LateInitialize 

func (tr *AuthBackendRole) LateInitialize(attrs []byte) (bool, error)

LateInitialize this AuthBackendRole using its observed tfState. returns True if there are any spec changes for the resource.

func (*AuthBackendRole) SetConditions 

func (mg *AuthBackendRole) SetConditions(c ...xpv1.Condition)

SetConditions of this AuthBackendRole.

func (*AuthBackendRole) SetDeletionPolicy 

func (mg *AuthBackendRole) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this AuthBackendRole.

func (*AuthBackendRole) SetManagementPolicies added in v1.3.0 

func (mg *AuthBackendRole) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this AuthBackendRole.

func (*AuthBackendRole) SetObservation 

func (tr *AuthBackendRole) SetObservation(obs map[string]any) error

SetObservation for this AuthBackendRole

func (*AuthBackendRole) SetParameters 

func (tr *AuthBackendRole) SetParameters(params map[string]any) error

SetParameters for this AuthBackendRole

func (*AuthBackendRole) SetProviderConfigReference 

func (mg *AuthBackendRole) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this AuthBackendRole.

func (*AuthBackendRole) SetPublishConnectionDetailsTo 

func (mg *AuthBackendRole) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this AuthBackendRole.

func (*AuthBackendRole) SetWriteConnectionSecretToReference 

func (mg *AuthBackendRole) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this AuthBackendRole.

type AuthBackendRoleInitParameters added in v1.3.0 

type AuthBackendRoleInitParameters struct {

	// Configures how identity aliases are generated.
	// Valid choices are: serviceaccount_uid, serviceaccount_name. (vault-1.9+)
	// Configures how identity aliases are generated. Valid choices are: serviceaccount_uid, serviceaccount_name
	AliasNameSource *string `json:"aliasNameSource,omitempty" tf:"alias_name_source,omitempty"`

	// Audience claim to verify in the JWT.
	// Optional Audience claim to verify in the JWT.
	Audience *string `json:"audience,omitempty" tf:"audience,omitempty"`

	// Unique name of the kubernetes backend to configure.
	// Unique name of the kubernetes backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// List of service account names able to access this role. If set to ["*"] all names are allowed, both this and bound_service_account_namespaces can not be "*".
	// List of service account names able to access this role. If set to `["*"]` all names are allowed, both this and bound_service_account_namespaces can not be "*".
	// +listType=set
	BoundServiceAccountNames []*string `json:"boundServiceAccountNames,omitempty" tf:"bound_service_account_names,omitempty"`

	// List of namespaces allowed to access this role. If set to ["*"] all namespaces are allowed, both this and bound_service_account_names can not be set to "*".
	// List of namespaces allowed to access this role. If set to `["*"]` all namespaces are allowed, both this and bound_service_account_names can not be set to "*".
	// +listType=set
	BoundServiceAccountNamespaces []*string `json:"boundServiceAccountNamespaces,omitempty" tf:"bound_service_account_namespaces,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// List of CIDR blocks; if set, specifies blocks of IP
	// addresses which can authenticate successfully, and ties the resulting token to these blocks
	// as well.
	// Specifies the blocks of IP addresses which are allowed to use the generated token
	// +listType=set
	TokenBoundCidrs []*string `json:"tokenBoundCidrs,omitempty" tf:"token_bound_cidrs,omitempty"`

	// If set, will encode an
	// explicit max TTL
	// onto the token in number of seconds. This is a hard cap even if token_ttl and
	// token_max_ttl would otherwise allow a renewal.
	// Generated Token's Explicit Maximum TTL in seconds
	TokenExplicitMaxTTL *float64 `json:"tokenExplicitMaxTtl,omitempty" tf:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	// The maximum lifetime of the generated token
	TokenMaxTTL *float64 `json:"tokenMaxTtl,omitempty" tf:"token_max_ttl,omitempty"`

	// If set, the default policy will not be set on
	// generated tokens; otherwise it will be added to the policies set in token_policies.
	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy *bool `json:"tokenNoDefaultPolicy,omitempty" tf:"token_no_default_policy,omitempty"`

	// The maximum number
	// of times a generated token may be used (within its lifetime); 0 means unlimited.
	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses *float64 `json:"tokenNumUses,omitempty" tf:"token_num_uses,omitempty"`

	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	// Generated Token's Period
	TokenPeriod *float64 `json:"tokenPeriod,omitempty" tf:"token_period,omitempty"`

	// List of policies to encode onto generated tokens. Depending
	// on the auth method, this list may be supplemented by user/group/other values.
	// Generated Token's Policies
	// +listType=set
	TokenPolicies []*string `json:"tokenPolicies,omitempty" tf:"token_policies,omitempty"`

	// The initial ttl of the token to generate in seconds
	TokenTTL *float64 `json:"tokenTtl,omitempty" tf:"token_ttl,omitempty"`

	// The type of token that should be generated. Can be service,
	// batch, or default to use the mount's tuned default (which unless changed will be
	// service tokens). For token store roles, there are two additional possibilities:
	// default-service and default-batch which specify the type to return unless the client
	// requests a different type at generation time.
	// The type of token to generate, service or batch
	TokenType *string `json:"tokenType,omitempty" tf:"token_type,omitempty"`
}

func (*AuthBackendRoleInitParameters) DeepCopy added in v1.3.0 

func (in *AuthBackendRoleInitParameters) DeepCopy() *AuthBackendRoleInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleInitParameters.

func (*AuthBackendRoleInitParameters) DeepCopyInto added in v1.3.0 

func (in *AuthBackendRoleInitParameters) DeepCopyInto(out *AuthBackendRoleInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoleList 

type AuthBackendRoleList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AuthBackendRole `json:"items"`
}

AuthBackendRoleList contains a list of AuthBackendRoles

func (*AuthBackendRoleList) DeepCopy 

func (in *AuthBackendRoleList) DeepCopy() *AuthBackendRoleList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleList.

func (*AuthBackendRoleList) DeepCopyInto 

func (in *AuthBackendRoleList) DeepCopyInto(out *AuthBackendRoleList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendRoleList) DeepCopyObject 

func (in *AuthBackendRoleList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendRoleList) GetItems 

func (l *AuthBackendRoleList) GetItems() []resource.Managed

GetItems of this AuthBackendRoleList.

type AuthBackendRoleObservation 

type AuthBackendRoleObservation struct {

	// Configures how identity aliases are generated.
	// Valid choices are: serviceaccount_uid, serviceaccount_name. (vault-1.9+)
	// Configures how identity aliases are generated. Valid choices are: serviceaccount_uid, serviceaccount_name
	AliasNameSource *string `json:"aliasNameSource,omitempty" tf:"alias_name_source,omitempty"`

	// Audience claim to verify in the JWT.
	// Optional Audience claim to verify in the JWT.
	Audience *string `json:"audience,omitempty" tf:"audience,omitempty"`

	// Unique name of the kubernetes backend to configure.
	// Unique name of the kubernetes backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// List of service account names able to access this role. If set to ["*"] all names are allowed, both this and bound_service_account_namespaces can not be "*".
	// List of service account names able to access this role. If set to `["*"]` all names are allowed, both this and bound_service_account_namespaces can not be "*".
	// +listType=set
	BoundServiceAccountNames []*string `json:"boundServiceAccountNames,omitempty" tf:"bound_service_account_names,omitempty"`

	// List of namespaces allowed to access this role. If set to ["*"] all namespaces are allowed, both this and bound_service_account_names can not be set to "*".
	// List of namespaces allowed to access this role. If set to `["*"]` all namespaces are allowed, both this and bound_service_account_names can not be set to "*".
	// +listType=set
	BoundServiceAccountNamespaces []*string `json:"boundServiceAccountNamespaces,omitempty" tf:"bound_service_account_namespaces,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// List of CIDR blocks; if set, specifies blocks of IP
	// addresses which can authenticate successfully, and ties the resulting token to these blocks
	// as well.
	// Specifies the blocks of IP addresses which are allowed to use the generated token
	// +listType=set
	TokenBoundCidrs []*string `json:"tokenBoundCidrs,omitempty" tf:"token_bound_cidrs,omitempty"`

	// If set, will encode an
	// explicit max TTL
	// onto the token in number of seconds. This is a hard cap even if token_ttl and
	// token_max_ttl would otherwise allow a renewal.
	// Generated Token's Explicit Maximum TTL in seconds
	TokenExplicitMaxTTL *float64 `json:"tokenExplicitMaxTtl,omitempty" tf:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	// The maximum lifetime of the generated token
	TokenMaxTTL *float64 `json:"tokenMaxTtl,omitempty" tf:"token_max_ttl,omitempty"`

	// If set, the default policy will not be set on
	// generated tokens; otherwise it will be added to the policies set in token_policies.
	// If true, the 'default' policy will not automatically be added to generated tokens
	TokenNoDefaultPolicy *bool `json:"tokenNoDefaultPolicy,omitempty" tf:"token_no_default_policy,omitempty"`

	// The maximum number
	// of times a generated token may be used (within its lifetime); 0 means unlimited.
	// The maximum number of times a token may be used, a value of zero means unlimited
	TokenNumUses *float64 `json:"tokenNumUses,omitempty" tf:"token_num_uses,omitempty"`

	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	// Generated Token's Period
	TokenPeriod *float64 `json:"tokenPeriod,omitempty" tf:"token_period,omitempty"`

	// List of policies to encode onto generated tokens. Depending
	// on the auth method, this list may be supplemented by user/group/other values.
	// Generated Token's Policies
	// +listType=set
	TokenPolicies []*string `json:"tokenPolicies,omitempty" tf:"token_policies,omitempty"`

	// The initial ttl of the token to generate in seconds
	TokenTTL *float64 `json:"tokenTtl,omitempty" tf:"token_ttl,omitempty"`

	// The type of token that should be generated. Can be service,
	// batch, or default to use the mount's tuned default (which unless changed will be
	// service tokens). For token store roles, there are two additional possibilities:
	// default-service and default-batch which specify the type to return unless the client
	// requests a different type at generation time.
	// The type of token to generate, service or batch
	TokenType *string `json:"tokenType,omitempty" tf:"token_type,omitempty"`
}

func (*AuthBackendRoleObservation) DeepCopy 

func (in *AuthBackendRoleObservation) DeepCopy() *AuthBackendRoleObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleObservation.

func (*AuthBackendRoleObservation) DeepCopyInto 

func (in *AuthBackendRoleObservation) DeepCopyInto(out *AuthBackendRoleObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoleParameters 

type AuthBackendRoleParameters struct {

	// Configures how identity aliases are generated.
	// Valid choices are: serviceaccount_uid, serviceaccount_name. (vault-1.9+)
	// Configures how identity aliases are generated. Valid choices are: serviceaccount_uid, serviceaccount_name
	// +kubebuilder:validation:Optional
	AliasNameSource *string `json:"aliasNameSource,omitempty" tf:"alias_name_source,omitempty"`

	// Audience claim to verify in the JWT.
	// Optional Audience claim to verify in the JWT.
	// +kubebuilder:validation:Optional
	Audience *string `json:"audience,omitempty" tf:"audience,omitempty"`

	// Unique name of the kubernetes backend to configure.
	// Unique name of the kubernetes backend to configure.
	// +kubebuilder:validation:Optional
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// List of service account names able to access this role. If set to ["*"] all names are allowed, both this and bound_service_account_namespaces can not be "*".
	// List of service account names able to access this role. If set to `["*"]` all names are allowed, both this and bound_service_account_namespaces can not be "*".
	// +kubebuilder:validation:Optional
	// +listType=set
	BoundServiceAccountNames []*string `json:"boundServiceAccountNames,omitempty" tf:"bound_service_account_names,omitempty"`

	// List of namespaces allowed to access this role. If set to ["*"] all namespaces are allowed, both this and bound_service_account_names can not be set to "*".
	// List of namespaces allowed to access this role. If set to `["*"]` all namespaces are allowed, both this and bound_service_account_names can not be set to "*".
	// +kubebuilder:validation:Optional
	// +listType=set
	BoundServiceAccountNamespaces []*string `json:"boundServiceAccountNamespaces,omitempty" tf:"bound_service_account_namespaces,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// List of CIDR blocks; if set, specifies blocks of IP
	// addresses which can authenticate successfully, and ties the resulting token to these blocks
	// as well.
	// Specifies the blocks of IP addresses which are allowed to use the generated token
	// +kubebuilder:validation:Optional
	// +listType=set
	TokenBoundCidrs []*string `json:"tokenBoundCidrs,omitempty" tf:"token_bound_cidrs,omitempty"`

	// If set, will encode an
	// explicit max TTL
	// onto the token in number of seconds. This is a hard cap even if token_ttl and
	// token_max_ttl would otherwise allow a renewal.
	// Generated Token's Explicit Maximum TTL in seconds
	// +kubebuilder:validation:Optional
	TokenExplicitMaxTTL *float64 `json:"tokenExplicitMaxTtl,omitempty" tf:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime for generated tokens in number of seconds.
	// Its current value will be referenced at renewal time.
	// The maximum lifetime of the generated token
	// +kubebuilder:validation:Optional
	TokenMaxTTL *float64 `json:"tokenMaxTtl,omitempty" tf:"token_max_ttl,omitempty"`

	// If set, the default policy will not be set on
	// generated tokens; otherwise it will be added to the policies set in token_policies.
	// If true, the 'default' policy will not automatically be added to generated tokens
	// +kubebuilder:validation:Optional
	TokenNoDefaultPolicy *bool `json:"tokenNoDefaultPolicy,omitempty" tf:"token_no_default_policy,omitempty"`

	// The maximum number
	// of times a generated token may be used (within its lifetime); 0 means unlimited.
	// The maximum number of times a token may be used, a value of zero means unlimited
	// +kubebuilder:validation:Optional
	TokenNumUses *float64 `json:"tokenNumUses,omitempty" tf:"token_num_uses,omitempty"`

	// If set, indicates that the
	// token generated using this role should never expire. The token should be renewed within the
	// duration specified by this value. At each renewal, the token's TTL will be set to the
	// value of this field. Specified in seconds.
	// Generated Token's Period
	// +kubebuilder:validation:Optional
	TokenPeriod *float64 `json:"tokenPeriod,omitempty" tf:"token_period,omitempty"`

	// List of policies to encode onto generated tokens. Depending
	// on the auth method, this list may be supplemented by user/group/other values.
	// Generated Token's Policies
	// +kubebuilder:validation:Optional
	// +listType=set
	TokenPolicies []*string `json:"tokenPolicies,omitempty" tf:"token_policies,omitempty"`

	// The initial ttl of the token to generate in seconds
	// +kubebuilder:validation:Optional
	TokenTTL *float64 `json:"tokenTtl,omitempty" tf:"token_ttl,omitempty"`

	// The type of token that should be generated. Can be service,
	// batch, or default to use the mount's tuned default (which unless changed will be
	// service tokens). For token store roles, there are two additional possibilities:
	// default-service and default-batch which specify the type to return unless the client
	// requests a different type at generation time.
	// The type of token to generate, service or batch
	// +kubebuilder:validation:Optional
	TokenType *string `json:"tokenType,omitempty" tf:"token_type,omitempty"`
}

func (*AuthBackendRoleParameters) DeepCopy 

func (in *AuthBackendRoleParameters) DeepCopy() *AuthBackendRoleParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleParameters.

func (*AuthBackendRoleParameters) DeepCopyInto 

func (in *AuthBackendRoleParameters) DeepCopyInto(out *AuthBackendRoleParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoleSpec 

type AuthBackendRoleSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     AuthBackendRoleParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider AuthBackendRoleInitParameters `json:"initProvider,omitempty"`
}

AuthBackendRoleSpec defines the desired state of AuthBackendRole

func (*AuthBackendRoleSpec) DeepCopy 

func (in *AuthBackendRoleSpec) DeepCopy() *AuthBackendRoleSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleSpec.

func (*AuthBackendRoleSpec) DeepCopyInto 

func (in *AuthBackendRoleSpec) DeepCopyInto(out *AuthBackendRoleSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoleStatus 

type AuthBackendRoleStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        AuthBackendRoleObservation `json:"atProvider,omitempty"`
}

AuthBackendRoleStatus defines the observed state of AuthBackendRole.

func (*AuthBackendRoleStatus) DeepCopy 

func (in *AuthBackendRoleStatus) DeepCopy() *AuthBackendRoleStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleStatus.

func (*AuthBackendRoleStatus) DeepCopyInto 

func (in *AuthBackendRoleStatus) DeepCopyInto(out *AuthBackendRoleStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.