v1beta1

package
v1.15.0-rc.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 20, 2024 License: Apache-2.0 Imports: 16 Imported by: 6

Documentation

Overview

+kubebuilder:object:generate=true +groupName=kms.aws.upbound.io +versionName=v1beta1

Index

Constants

View Source 
const (
	CRDGroup   = "kms.aws.upbound.io"
	CRDVersion = "v1beta1"
)

Package type metadata.

Variables

View Source 
var (
	Alias_Kind             = "Alias"
	Alias_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: Alias_Kind}.String()
	Alias_KindAPIVersion   = Alias_Kind + "." + CRDGroupVersion.String()
	Alias_GroupVersionKind = CRDGroupVersion.WithKind(Alias_Kind)
)

Repository type metadata.

View Source 
var (
	Ciphertext_Kind             = "Ciphertext"
	Ciphertext_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: Ciphertext_Kind}.String()
	Ciphertext_KindAPIVersion   = Ciphertext_Kind + "." + CRDGroupVersion.String()
	Ciphertext_GroupVersionKind = CRDGroupVersion.WithKind(Ciphertext_Kind)
)

Repository type metadata.

View Source 
var (
	ExternalKey_Kind             = "ExternalKey"
	ExternalKey_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: ExternalKey_Kind}.String()
	ExternalKey_KindAPIVersion   = ExternalKey_Kind + "." + CRDGroupVersion.String()
	ExternalKey_GroupVersionKind = CRDGroupVersion.WithKind(ExternalKey_Kind)
)

Repository type metadata.

View Source 
var (
	Grant_Kind             = "Grant"
	Grant_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: Grant_Kind}.String()
	Grant_KindAPIVersion   = Grant_Kind + "." + CRDGroupVersion.String()
	Grant_GroupVersionKind = CRDGroupVersion.WithKind(Grant_Kind)
)

Repository type metadata.

View Source 
var (
	// CRDGroupVersion is the API Group Version used to register the objects
	CRDGroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: CRDGroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source 
var (
	Key_Kind             = "Key"
	Key_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: Key_Kind}.String()
	Key_KindAPIVersion   = Key_Kind + "." + CRDGroupVersion.String()
	Key_GroupVersionKind = CRDGroupVersion.WithKind(Key_Kind)
)

Repository type metadata.

View Source 
var (
	ReplicaExternalKey_Kind             = "ReplicaExternalKey"
	ReplicaExternalKey_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: ReplicaExternalKey_Kind}.String()
	ReplicaExternalKey_KindAPIVersion   = ReplicaExternalKey_Kind + "." + CRDGroupVersion.String()
	ReplicaExternalKey_GroupVersionKind = CRDGroupVersion.WithKind(ReplicaExternalKey_Kind)
)

Repository type metadata.

View Source 
var (
	ReplicaKey_Kind             = "ReplicaKey"
	ReplicaKey_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: ReplicaKey_Kind}.String()
	ReplicaKey_KindAPIVersion   = ReplicaKey_Kind + "." + CRDGroupVersion.String()
	ReplicaKey_GroupVersionKind = CRDGroupVersion.WithKind(ReplicaKey_Kind)
)

Repository type metadata.

Functions

func KMSKeyARN 

func KMSKeyARN() reference.ExtractValueFn

KMSKeyARN returns an extractor that returns ARN of Key.

Types

type Alias 

type Alias struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              AliasSpec   `json:"spec"`
	Status            AliasStatus `json:"status,omitempty"`
}

Alias is the Schema for the Aliass API. Provides a display name for a customer master key. +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}

func (*Alias) DeepCopy 

func (in *Alias) DeepCopy() *Alias

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Alias.

func (*Alias) DeepCopyInto 

func (in *Alias) DeepCopyInto(out *Alias)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Alias) DeepCopyObject 

func (in *Alias) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Alias) GetCondition 

func (mg *Alias) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Alias.

func (*Alias) GetConnectionDetailsMapping 

func (tr *Alias) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this Alias

func (*Alias) GetDeletionPolicy 

func (mg *Alias) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Alias.

func (*Alias) GetID 

func (tr *Alias) GetID() string

GetID returns ID of underlying Terraform resource of this Alias

func (*Alias) GetInitParameters added in v0.38.0 

func (tr *Alias) GetInitParameters() (map[string]any, error)

GetInitParameters of this Alias

func (*Alias) GetManagementPolicies added in v0.38.0 

func (mg *Alias) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this Alias.

func (*Alias) GetMergedParameters added in v0.44.0 

func (tr *Alias) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this Alias

func (*Alias) GetObservation 

func (tr *Alias) GetObservation() (map[string]any, error)

GetObservation of this Alias

func (*Alias) GetParameters 

func (tr *Alias) GetParameters() (map[string]any, error)

GetParameters of this Alias

func (*Alias) GetProviderConfigReference 

func (mg *Alias) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Alias.

func (*Alias) GetPublishConnectionDetailsTo 

func (mg *Alias) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Alias.

func (*Alias) GetTerraformResourceType 

func (mg *Alias) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this Alias

func (*Alias) GetTerraformSchemaVersion 

func (tr *Alias) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*Alias) GetWriteConnectionSecretToReference 

func (mg *Alias) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Alias.

func (*Alias) Hub added in v0.47.2 

func (tr *Alias) Hub()

Hub marks this type as a conversion hub.

func (*Alias) LateInitialize 

func (tr *Alias) LateInitialize(attrs []byte) (bool, error)

LateInitialize this Alias using its observed tfState. returns True if there are any spec changes for the resource.

func (*Alias) ResolveReferences 

func (mg *Alias) ResolveReferences(ctx context.Context, c client.Reader) error

func (*Alias) SetConditions 

func (mg *Alias) SetConditions(c ...xpv1.Condition)

SetConditions of this Alias.

func (*Alias) SetDeletionPolicy 

func (mg *Alias) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Alias.

func (*Alias) SetManagementPolicies added in v0.38.0 

func (mg *Alias) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this Alias.

func (*Alias) SetObservation 

func (tr *Alias) SetObservation(obs map[string]any) error

SetObservation for this Alias

func (*Alias) SetParameters 

func (tr *Alias) SetParameters(params map[string]any) error

SetParameters for this Alias

func (*Alias) SetProviderConfigReference 

func (mg *Alias) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Alias.

func (*Alias) SetPublishConnectionDetailsTo 

func (mg *Alias) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Alias.

func (*Alias) SetWriteConnectionSecretToReference 

func (mg *Alias) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Alias.

type AliasInitParameters added in v0.38.0 

type AliasInitParameters struct {

	// Identifier for the key for which the alias is for, can be either an ARN or key_id.
	// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/kms/v1beta1.Key
	TargetKeyID *string `json:"targetKeyId,omitempty" tf:"target_key_id,omitempty"`

	// Reference to a Key in kms to populate targetKeyId.
	// +kubebuilder:validation:Optional
	TargetKeyIDRef *v1.Reference `json:"targetKeyIdRef,omitempty" tf:"-"`

	// Selector for a Key in kms to populate targetKeyId.
	// +kubebuilder:validation:Optional
	TargetKeyIDSelector *v1.Selector `json:"targetKeyIdSelector,omitempty" tf:"-"`
}

func (*AliasInitParameters) DeepCopy added in v0.38.0 

func (in *AliasInitParameters) DeepCopy() *AliasInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasInitParameters.

func (*AliasInitParameters) DeepCopyInto added in v0.38.0 

func (in *AliasInitParameters) DeepCopyInto(out *AliasInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AliasList 

type AliasList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Alias `json:"items"`
}

AliasList contains a list of Aliass

func (*AliasList) DeepCopy 

func (in *AliasList) DeepCopy() *AliasList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasList.

func (*AliasList) DeepCopyInto 

func (in *AliasList) DeepCopyInto(out *AliasList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AliasList) DeepCopyObject 

func (in *AliasList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AliasList) GetItems 

func (l *AliasList) GetItems() []resource.Managed

GetItems of this AliasList.

type AliasObservation 

type AliasObservation struct {

	// The Amazon Resource Name (ARN) of the key alias.
	Arn *string `json:"arn,omitempty" tf:"arn,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The Amazon Resource Name (ARN) of the target key identifier.
	TargetKeyArn *string `json:"targetKeyArn,omitempty" tf:"target_key_arn,omitempty"`

	// Identifier for the key for which the alias is for, can be either an ARN or key_id.
	TargetKeyID *string `json:"targetKeyId,omitempty" tf:"target_key_id,omitempty"`
}

func (*AliasObservation) DeepCopy 

func (in *AliasObservation) DeepCopy() *AliasObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasObservation.

func (*AliasObservation) DeepCopyInto 

func (in *AliasObservation) DeepCopyInto(out *AliasObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AliasParameters 

type AliasParameters struct {

	// Region is the region you'd like your resource to be created in.
	// +upjet:crd:field:TFTag=-
	// +kubebuilder:validation:Required
	Region *string `json:"region" tf:"-"`

	// Identifier for the key for which the alias is for, can be either an ARN or key_id.
	// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/kms/v1beta1.Key
	// +kubebuilder:validation:Optional
	TargetKeyID *string `json:"targetKeyId,omitempty" tf:"target_key_id,omitempty"`

	// Reference to a Key in kms to populate targetKeyId.
	// +kubebuilder:validation:Optional
	TargetKeyIDRef *v1.Reference `json:"targetKeyIdRef,omitempty" tf:"-"`

	// Selector for a Key in kms to populate targetKeyId.
	// +kubebuilder:validation:Optional
	TargetKeyIDSelector *v1.Selector `json:"targetKeyIdSelector,omitempty" tf:"-"`
}

func (*AliasParameters) DeepCopy 

func (in *AliasParameters) DeepCopy() *AliasParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasParameters.

func (*AliasParameters) DeepCopyInto 

func (in *AliasParameters) DeepCopyInto(out *AliasParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AliasSpec 

type AliasSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     AliasParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider AliasInitParameters `json:"initProvider,omitempty"`
}

AliasSpec defines the desired state of Alias

func (*AliasSpec) DeepCopy 

func (in *AliasSpec) DeepCopy() *AliasSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasSpec.

func (*AliasSpec) DeepCopyInto 

func (in *AliasSpec) DeepCopyInto(out *AliasSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AliasStatus 

type AliasStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        AliasObservation `json:"atProvider,omitempty"`
}

AliasStatus defines the observed state of Alias.

func (*AliasStatus) DeepCopy 

func (in *AliasStatus) DeepCopy() *AliasStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AliasStatus.

func (*AliasStatus) DeepCopyInto 

func (in *AliasStatus) DeepCopyInto(out *AliasStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Ciphertext 

type Ciphertext struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.plaintextSecretRef)",message="spec.forProvider.plaintextSecretRef is a required parameter"
	Spec   CiphertextSpec   `json:"spec"`
	Status CiphertextStatus `json:"status,omitempty"`
}

Ciphertext is the Schema for the Ciphertexts API. Provides ciphertext encrypted using a KMS key +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}

func (*Ciphertext) DeepCopy 

func (in *Ciphertext) DeepCopy() *Ciphertext

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Ciphertext.

func (*Ciphertext) DeepCopyInto 

func (in *Ciphertext) DeepCopyInto(out *Ciphertext)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Ciphertext) DeepCopyObject 

func (in *Ciphertext) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Ciphertext) GetCondition 

func (mg *Ciphertext) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Ciphertext.

func (*Ciphertext) GetConnectionDetailsMapping 

func (tr *Ciphertext) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this Ciphertext

func (*Ciphertext) GetDeletionPolicy 

func (mg *Ciphertext) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Ciphertext.

func (*Ciphertext) GetID 

func (tr *Ciphertext) GetID() string

GetID returns ID of underlying Terraform resource of this Ciphertext

func (*Ciphertext) GetInitParameters added in v0.38.0 

func (tr *Ciphertext) GetInitParameters() (map[string]any, error)

GetInitParameters of this Ciphertext

func (*Ciphertext) GetManagementPolicies added in v0.38.0 

func (mg *Ciphertext) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this Ciphertext.

func (*Ciphertext) GetMergedParameters added in v0.44.0 

func (tr *Ciphertext) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this Ciphertext

func (*Ciphertext) GetObservation 

func (tr *Ciphertext) GetObservation() (map[string]any, error)

GetObservation of this Ciphertext

func (*Ciphertext) GetParameters 

func (tr *Ciphertext) GetParameters() (map[string]any, error)

GetParameters of this Ciphertext

func (*Ciphertext) GetProviderConfigReference 

func (mg *Ciphertext) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Ciphertext.

func (*Ciphertext) GetPublishConnectionDetailsTo 

func (mg *Ciphertext) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Ciphertext.

func (*Ciphertext) GetTerraformResourceType 

func (mg *Ciphertext) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this Ciphertext

func (*Ciphertext) GetTerraformSchemaVersion 

func (tr *Ciphertext) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*Ciphertext) GetWriteConnectionSecretToReference 

func (mg *Ciphertext) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Ciphertext.

func (*Ciphertext) Hub added in v0.47.2 

func (tr *Ciphertext) Hub()

Hub marks this type as a conversion hub.

func (*Ciphertext) LateInitialize 

func (tr *Ciphertext) LateInitialize(attrs []byte) (bool, error)

LateInitialize this Ciphertext using its observed tfState. returns True if there are any spec changes for the resource.

func (*Ciphertext) ResolveReferences 

func (mg *Ciphertext) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this Ciphertext.

func (*Ciphertext) SetConditions 

func (mg *Ciphertext) SetConditions(c ...xpv1.Condition)

SetConditions of this Ciphertext.

func (*Ciphertext) SetDeletionPolicy 

func (mg *Ciphertext) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Ciphertext.

func (*Ciphertext) SetManagementPolicies added in v0.38.0 

func (mg *Ciphertext) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this Ciphertext.

func (*Ciphertext) SetObservation 

func (tr *Ciphertext) SetObservation(obs map[string]any) error

SetObservation for this Ciphertext

func (*Ciphertext) SetParameters 

func (tr *Ciphertext) SetParameters(params map[string]any) error

SetParameters for this Ciphertext

func (*Ciphertext) SetProviderConfigReference 

func (mg *Ciphertext) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Ciphertext.

func (*Ciphertext) SetPublishConnectionDetailsTo 

func (mg *Ciphertext) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Ciphertext.

func (*Ciphertext) SetWriteConnectionSecretToReference 

func (mg *Ciphertext) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Ciphertext.

type CiphertextInitParameters added in v0.38.0 

type CiphertextInitParameters struct {

	// An optional mapping that makes up the encryption context.
	// +mapType=granular
	Context map[string]*string `json:"context,omitempty" tf:"context,omitempty"`

	// Globally unique key ID for the customer master key.
	// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/kms/v1beta1.Key
	KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"`

	// Reference to a Key in kms to populate keyId.
	// +kubebuilder:validation:Optional
	KeyIDRef *v1.Reference `json:"keyIdRef,omitempty" tf:"-"`

	// Selector for a Key in kms to populate keyId.
	// +kubebuilder:validation:Optional
	KeyIDSelector *v1.Selector `json:"keyIdSelector,omitempty" tf:"-"`

	// Data to be encrypted. Note that this may show up in logs, and it will be stored in the state file.
	PlaintextSecretRef v1.SecretKeySelector `json:"plaintextSecretRef" tf:"-"`
}

func (*CiphertextInitParameters) DeepCopy added in v0.38.0 

func (in *CiphertextInitParameters) DeepCopy() *CiphertextInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiphertextInitParameters.

func (*CiphertextInitParameters) DeepCopyInto added in v0.38.0 

func (in *CiphertextInitParameters) DeepCopyInto(out *CiphertextInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CiphertextList 

type CiphertextList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Ciphertext `json:"items"`
}

CiphertextList contains a list of Ciphertexts

func (*CiphertextList) DeepCopy 

func (in *CiphertextList) DeepCopy() *CiphertextList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiphertextList.

func (*CiphertextList) DeepCopyInto 

func (in *CiphertextList) DeepCopyInto(out *CiphertextList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*CiphertextList) DeepCopyObject 

func (in *CiphertextList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*CiphertextList) GetItems 

func (l *CiphertextList) GetItems() []resource.Managed

GetItems of this CiphertextList.

type CiphertextObservation 

type CiphertextObservation struct {

	// Base64 encoded ciphertext
	CiphertextBlob *string `json:"ciphertextBlob,omitempty" tf:"ciphertext_blob,omitempty"`

	// An optional mapping that makes up the encryption context.
	// +mapType=granular
	Context map[string]*string `json:"context,omitempty" tf:"context,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// Globally unique key ID for the customer master key.
	KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"`
}

func (*CiphertextObservation) DeepCopy 

func (in *CiphertextObservation) DeepCopy() *CiphertextObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiphertextObservation.

func (*CiphertextObservation) DeepCopyInto 

func (in *CiphertextObservation) DeepCopyInto(out *CiphertextObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CiphertextParameters 

type CiphertextParameters struct {

	// An optional mapping that makes up the encryption context.
	// +kubebuilder:validation:Optional
	// +mapType=granular
	Context map[string]*string `json:"context,omitempty" tf:"context,omitempty"`

	// Globally unique key ID for the customer master key.
	// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/kms/v1beta1.Key
	// +kubebuilder:validation:Optional
	KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"`

	// Reference to a Key in kms to populate keyId.
	// +kubebuilder:validation:Optional
	KeyIDRef *v1.Reference `json:"keyIdRef,omitempty" tf:"-"`

	// Selector for a Key in kms to populate keyId.
	// +kubebuilder:validation:Optional
	KeyIDSelector *v1.Selector `json:"keyIdSelector,omitempty" tf:"-"`

	// Data to be encrypted. Note that this may show up in logs, and it will be stored in the state file.
	// +kubebuilder:validation:Optional
	PlaintextSecretRef v1.SecretKeySelector `json:"plaintextSecretRef" tf:"-"`

	// Region is the region you'd like your resource to be created in.
	// +upjet:crd:field:TFTag=-
	// +kubebuilder:validation:Required
	Region *string `json:"region" tf:"-"`
}

func (*CiphertextParameters) DeepCopy 

func (in *CiphertextParameters) DeepCopy() *CiphertextParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiphertextParameters.

func (*CiphertextParameters) DeepCopyInto 

func (in *CiphertextParameters) DeepCopyInto(out *CiphertextParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CiphertextSpec 

type CiphertextSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     CiphertextParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider CiphertextInitParameters `json:"initProvider,omitempty"`
}

CiphertextSpec defines the desired state of Ciphertext

func (*CiphertextSpec) DeepCopy 

func (in *CiphertextSpec) DeepCopy() *CiphertextSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiphertextSpec.

func (*CiphertextSpec) DeepCopyInto 

func (in *CiphertextSpec) DeepCopyInto(out *CiphertextSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type CiphertextStatus 

type CiphertextStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        CiphertextObservation `json:"atProvider,omitempty"`
}

CiphertextStatus defines the observed state of Ciphertext.

func (*CiphertextStatus) DeepCopy 

func (in *CiphertextStatus) DeepCopy() *CiphertextStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CiphertextStatus.

func (*CiphertextStatus) DeepCopyInto 

func (in *CiphertextStatus) DeepCopyInto(out *CiphertextStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConstraintsInitParameters added in v0.38.0 

type ConstraintsInitParameters struct {

	// A list of key-value pairs that must match the encryption context in subsequent cryptographic operation requests. The grant allows the operation only when the encryption context in the request is the same as the encryption context specified in this constraint. Conflicts with encryption_context_subset.
	// +mapType=granular
	EncryptionContextEquals map[string]*string `json:"encryptionContextEquals,omitempty" tf:"encryption_context_equals,omitempty"`

	// A list of key-value pairs that must be included in the encryption context of subsequent cryptographic operation requests. The grant allows the cryptographic operation only when the encryption context in the request includes the key-value pairs specified in this constraint, although it can include additional key-value pairs. Conflicts with encryption_context_equals.
	// +mapType=granular
	EncryptionContextSubset map[string]*string `json:"encryptionContextSubset,omitempty" tf:"encryption_context_subset,omitempty"`
}

func (*ConstraintsInitParameters) DeepCopy added in v0.38.0 

func (in *ConstraintsInitParameters) DeepCopy() *ConstraintsInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConstraintsInitParameters.

func (*ConstraintsInitParameters) DeepCopyInto added in v0.38.0 

func (in *ConstraintsInitParameters) DeepCopyInto(out *ConstraintsInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConstraintsObservation 

type ConstraintsObservation struct {

	// A list of key-value pairs that must match the encryption context in subsequent cryptographic operation requests. The grant allows the operation only when the encryption context in the request is the same as the encryption context specified in this constraint. Conflicts with encryption_context_subset.
	// +mapType=granular
	EncryptionContextEquals map[string]*string `json:"encryptionContextEquals,omitempty" tf:"encryption_context_equals,omitempty"`

	// A list of key-value pairs that must be included in the encryption context of subsequent cryptographic operation requests. The grant allows the cryptographic operation only when the encryption context in the request includes the key-value pairs specified in this constraint, although it can include additional key-value pairs. Conflicts with encryption_context_equals.
	// +mapType=granular
	EncryptionContextSubset map[string]*string `json:"encryptionContextSubset,omitempty" tf:"encryption_context_subset,omitempty"`
}

func (*ConstraintsObservation) DeepCopy 

func (in *ConstraintsObservation) DeepCopy() *ConstraintsObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConstraintsObservation.

func (*ConstraintsObservation) DeepCopyInto 

func (in *ConstraintsObservation) DeepCopyInto(out *ConstraintsObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConstraintsParameters 

type ConstraintsParameters struct {

	// A list of key-value pairs that must match the encryption context in subsequent cryptographic operation requests. The grant allows the operation only when the encryption context in the request is the same as the encryption context specified in this constraint. Conflicts with encryption_context_subset.
	// +kubebuilder:validation:Optional
	// +mapType=granular
	EncryptionContextEquals map[string]*string `json:"encryptionContextEquals,omitempty" tf:"encryption_context_equals,omitempty"`

	// A list of key-value pairs that must be included in the encryption context of subsequent cryptographic operation requests. The grant allows the cryptographic operation only when the encryption context in the request includes the key-value pairs specified in this constraint, although it can include additional key-value pairs. Conflicts with encryption_context_equals.
	// +kubebuilder:validation:Optional
	// +mapType=granular
	EncryptionContextSubset map[string]*string `json:"encryptionContextSubset,omitempty" tf:"encryption_context_subset,omitempty"`
}

func (*ConstraintsParameters) DeepCopy 

func (in *ConstraintsParameters) DeepCopy() *ConstraintsParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConstraintsParameters.

func (*ConstraintsParameters) DeepCopyInto 

func (in *ConstraintsParameters) DeepCopyInto(out *ConstraintsParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalKey 

type ExternalKey struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              ExternalKeySpec   `json:"spec"`
	Status            ExternalKeyStatus `json:"status,omitempty"`
}

ExternalKey is the Schema for the ExternalKeys API. Manages a single-Region or multi-Region primary KMS key that uses external key material. +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}

func (*ExternalKey) DeepCopy 

func (in *ExternalKey) DeepCopy() *ExternalKey

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalKey.

func (*ExternalKey) DeepCopyInto 

func (in *ExternalKey) DeepCopyInto(out *ExternalKey)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ExternalKey) DeepCopyObject 

func (in *ExternalKey) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ExternalKey) GetCondition 

func (mg *ExternalKey) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this ExternalKey.

func (*ExternalKey) GetConnectionDetailsMapping 

func (tr *ExternalKey) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this ExternalKey

func (*ExternalKey) GetDeletionPolicy 

func (mg *ExternalKey) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this ExternalKey.

func (*ExternalKey) GetID 

func (tr *ExternalKey) GetID() string

GetID returns ID of underlying Terraform resource of this ExternalKey

func (*ExternalKey) GetInitParameters added in v0.38.0 

func (tr *ExternalKey) GetInitParameters() (map[string]any, error)

GetInitParameters of this ExternalKey

func (*ExternalKey) GetManagementPolicies added in v0.38.0 

func (mg *ExternalKey) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this ExternalKey.

func (*ExternalKey) GetMergedParameters added in v0.44.0 

func (tr *ExternalKey) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this ExternalKey

func (*ExternalKey) GetObservation 

func (tr *ExternalKey) GetObservation() (map[string]any, error)

GetObservation of this ExternalKey

func (*ExternalKey) GetParameters 

func (tr *ExternalKey) GetParameters() (map[string]any, error)

GetParameters of this ExternalKey

func (*ExternalKey) GetProviderConfigReference 

func (mg *ExternalKey) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this ExternalKey.

func (*ExternalKey) GetPublishConnectionDetailsTo 

func (mg *ExternalKey) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this ExternalKey.

func (*ExternalKey) GetTerraformResourceType 

func (mg *ExternalKey) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this ExternalKey

func (*ExternalKey) GetTerraformSchemaVersion 

func (tr *ExternalKey) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*ExternalKey) GetWriteConnectionSecretToReference 

func (mg *ExternalKey) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this ExternalKey.

func (*ExternalKey) Hub added in v0.47.2 

func (tr *ExternalKey) Hub()

Hub marks this type as a conversion hub.

func (*ExternalKey) LateInitialize 

func (tr *ExternalKey) LateInitialize(attrs []byte) (bool, error)

LateInitialize this ExternalKey using its observed tfState. returns True if there are any spec changes for the resource.

func (*ExternalKey) SetConditions 

func (mg *ExternalKey) SetConditions(c ...xpv1.Condition)

SetConditions of this ExternalKey.

func (*ExternalKey) SetDeletionPolicy 

func (mg *ExternalKey) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this ExternalKey.

func (*ExternalKey) SetManagementPolicies added in v0.38.0 

func (mg *ExternalKey) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this ExternalKey.

func (*ExternalKey) SetObservation 

func (tr *ExternalKey) SetObservation(obs map[string]any) error

SetObservation for this ExternalKey

func (*ExternalKey) SetParameters 

func (tr *ExternalKey) SetParameters(params map[string]any) error

SetParameters for this ExternalKey

func (*ExternalKey) SetProviderConfigReference 

func (mg *ExternalKey) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this ExternalKey.

func (*ExternalKey) SetPublishConnectionDetailsTo 

func (mg *ExternalKey) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this ExternalKey.

func (*ExternalKey) SetWriteConnectionSecretToReference 

func (mg *ExternalKey) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this ExternalKey.

type ExternalKeyInitParameters added in v0.38.0 

type ExternalKeyInitParameters struct {

	// Specifies whether to disable the policy lockout check performed when creating or updating the key's policy. Setting this value to true increases the risk that the key becomes unmanageable. For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide. Defaults to false.
	BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty" tf:"bypass_policy_lockout_safety_check,omitempty"`

	// Duration in days after which the key is deleted after destruction of the resource. Must be between 7 and 30 days. Defaults to 30.
	DeletionWindowInDays *float64 `json:"deletionWindowInDays,omitempty" tf:"deletion_window_in_days,omitempty"`

	// Description of the key.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specifies whether the key is enabled. Keys pending import can only be false. Imported keys default to true unless expired.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// Base64 encoded 256-bit symmetric encryption key material to import. The CMK is permanently associated with this key material. The same key material can be reimported, but you cannot import different key material.
	KeyMaterialBase64SecretRef *v1.SecretKeySelector `json:"keyMaterialBase64SecretRef,omitempty" tf:"-"`

	// Indicates whether the KMS key is a multi-Region (true) or regional (false) key. Defaults to false.
	MultiRegion *bool `json:"multiRegion,omitempty" tf:"multi_region,omitempty"`

	// A key policy JSON document. If you do not provide a key policy, AWS KMS attaches a default key policy to the CMK.
	Policy *string `json:"policy,omitempty" tf:"policy,omitempty"`

	// Key-value map of resource tags.
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. If not specified, key material does not expire. Valid values: RFC3339 time string (YYYY-MM-DDTHH:MM:SSZ)
	ValidTo *string `json:"validTo,omitempty" tf:"valid_to,omitempty"`
}

func (*ExternalKeyInitParameters) DeepCopy added in v0.38.0 

func (in *ExternalKeyInitParameters) DeepCopy() *ExternalKeyInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalKeyInitParameters.

func (*ExternalKeyInitParameters) DeepCopyInto added in v0.38.0 

func (in *ExternalKeyInitParameters) DeepCopyInto(out *ExternalKeyInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalKeyList 

type ExternalKeyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ExternalKey `json:"items"`
}

ExternalKeyList contains a list of ExternalKeys

func (*ExternalKeyList) DeepCopy 

func (in *ExternalKeyList) DeepCopy() *ExternalKeyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalKeyList.

func (*ExternalKeyList) DeepCopyInto 

func (in *ExternalKeyList) DeepCopyInto(out *ExternalKeyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ExternalKeyList) DeepCopyObject 

func (in *ExternalKeyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ExternalKeyList) GetItems 

func (l *ExternalKeyList) GetItems() []resource.Managed

GetItems of this ExternalKeyList.

type ExternalKeyObservation 

type ExternalKeyObservation struct {

	// The Amazon Resource Name (ARN) of the key.
	Arn *string `json:"arn,omitempty" tf:"arn,omitempty"`

	// Specifies whether to disable the policy lockout check performed when creating or updating the key's policy. Setting this value to true increases the risk that the key becomes unmanageable. For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide. Defaults to false.
	BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty" tf:"bypass_policy_lockout_safety_check,omitempty"`

	// Duration in days after which the key is deleted after destruction of the resource. Must be between 7 and 30 days. Defaults to 30.
	DeletionWindowInDays *float64 `json:"deletionWindowInDays,omitempty" tf:"deletion_window_in_days,omitempty"`

	// Description of the key.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specifies whether the key is enabled. Keys pending import can only be false. Imported keys default to true unless expired.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// Whether the key material expires. Empty when pending key material import, otherwise KEY_MATERIAL_EXPIRES or KEY_MATERIAL_DOES_NOT_EXPIRE.
	ExpirationModel *string `json:"expirationModel,omitempty" tf:"expiration_model,omitempty"`

	// The unique identifier for the key.
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The state of the CMK.
	KeyState *string `json:"keyState,omitempty" tf:"key_state,omitempty"`

	// The cryptographic operations for which you can use the CMK.
	KeyUsage *string `json:"keyUsage,omitempty" tf:"key_usage,omitempty"`

	// Indicates whether the KMS key is a multi-Region (true) or regional (false) key. Defaults to false.
	MultiRegion *bool `json:"multiRegion,omitempty" tf:"multi_region,omitempty"`

	// A key policy JSON document. If you do not provide a key policy, AWS KMS attaches a default key policy to the CMK.
	Policy *string `json:"policy,omitempty" tf:"policy,omitempty"`

	// Key-value map of resource tags.
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
	// +mapType=granular
	TagsAll map[string]*string `json:"tagsAll,omitempty" tf:"tags_all,omitempty"`

	// Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. If not specified, key material does not expire. Valid values: RFC3339 time string (YYYY-MM-DDTHH:MM:SSZ)
	ValidTo *string `json:"validTo,omitempty" tf:"valid_to,omitempty"`
}

func (*ExternalKeyObservation) DeepCopy 

func (in *ExternalKeyObservation) DeepCopy() *ExternalKeyObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalKeyObservation.

func (*ExternalKeyObservation) DeepCopyInto 

func (in *ExternalKeyObservation) DeepCopyInto(out *ExternalKeyObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalKeyParameters 

type ExternalKeyParameters struct {

	// Specifies whether to disable the policy lockout check performed when creating or updating the key's policy. Setting this value to true increases the risk that the key becomes unmanageable. For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide. Defaults to false.
	// +kubebuilder:validation:Optional
	BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty" tf:"bypass_policy_lockout_safety_check,omitempty"`

	// Duration in days after which the key is deleted after destruction of the resource. Must be between 7 and 30 days. Defaults to 30.
	// +kubebuilder:validation:Optional
	DeletionWindowInDays *float64 `json:"deletionWindowInDays,omitempty" tf:"deletion_window_in_days,omitempty"`

	// Description of the key.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specifies whether the key is enabled. Keys pending import can only be false. Imported keys default to true unless expired.
	// +kubebuilder:validation:Optional
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// Base64 encoded 256-bit symmetric encryption key material to import. The CMK is permanently associated with this key material. The same key material can be reimported, but you cannot import different key material.
	// +kubebuilder:validation:Optional
	KeyMaterialBase64SecretRef *v1.SecretKeySelector `json:"keyMaterialBase64SecretRef,omitempty" tf:"-"`

	// Indicates whether the KMS key is a multi-Region (true) or regional (false) key. Defaults to false.
	// +kubebuilder:validation:Optional
	MultiRegion *bool `json:"multiRegion,omitempty" tf:"multi_region,omitempty"`

	// A key policy JSON document. If you do not provide a key policy, AWS KMS attaches a default key policy to the CMK.
	// +kubebuilder:validation:Optional
	Policy *string `json:"policy,omitempty" tf:"policy,omitempty"`

	// Region is the region you'd like your resource to be created in.
	// +upjet:crd:field:TFTag=-
	// +kubebuilder:validation:Required
	Region *string `json:"region" tf:"-"`

	// Key-value map of resource tags.
	// +kubebuilder:validation:Optional
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the CMK becomes unusable. If not specified, key material does not expire. Valid values: RFC3339 time string (YYYY-MM-DDTHH:MM:SSZ)
	// +kubebuilder:validation:Optional
	ValidTo *string `json:"validTo,omitempty" tf:"valid_to,omitempty"`
}

func (*ExternalKeyParameters) DeepCopy 

func (in *ExternalKeyParameters) DeepCopy() *ExternalKeyParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalKeyParameters.

func (*ExternalKeyParameters) DeepCopyInto 

func (in *ExternalKeyParameters) DeepCopyInto(out *ExternalKeyParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalKeySpec 

type ExternalKeySpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     ExternalKeyParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider ExternalKeyInitParameters `json:"initProvider,omitempty"`
}

ExternalKeySpec defines the desired state of ExternalKey

func (*ExternalKeySpec) DeepCopy 

func (in *ExternalKeySpec) DeepCopy() *ExternalKeySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalKeySpec.

func (*ExternalKeySpec) DeepCopyInto 

func (in *ExternalKeySpec) DeepCopyInto(out *ExternalKeySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ExternalKeyStatus 

type ExternalKeyStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        ExternalKeyObservation `json:"atProvider,omitempty"`
}

ExternalKeyStatus defines the observed state of ExternalKey.

func (*ExternalKeyStatus) DeepCopy 

func (in *ExternalKeyStatus) DeepCopy() *ExternalKeyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ExternalKeyStatus.

func (*ExternalKeyStatus) DeepCopyInto 

func (in *ExternalKeyStatus) DeepCopyInto(out *ExternalKeyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Grant 

type Grant struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.operations) || (has(self.initProvider) && has(self.initProvider.operations))",message="spec.forProvider.operations is a required parameter"
	Spec   GrantSpec   `json:"spec"`
	Status GrantStatus `json:"status,omitempty"`
}

Grant is the Schema for the Grants API. Provides a resource-based access control mechanism for KMS Customer Master Keys. +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}

func (*Grant) DeepCopy 

func (in *Grant) DeepCopy() *Grant

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Grant.

func (*Grant) DeepCopyInto 

func (in *Grant) DeepCopyInto(out *Grant)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Grant) DeepCopyObject 

func (in *Grant) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Grant) GetCondition 

func (mg *Grant) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Grant.

func (*Grant) GetConnectionDetailsMapping 

func (tr *Grant) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this Grant

func (*Grant) GetDeletionPolicy 

func (mg *Grant) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Grant.

func (*Grant) GetID 

func (tr *Grant) GetID() string

GetID returns ID of underlying Terraform resource of this Grant

func (*Grant) GetInitParameters added in v0.38.0 

func (tr *Grant) GetInitParameters() (map[string]any, error)

GetInitParameters of this Grant

func (*Grant) GetManagementPolicies added in v0.38.0 

func (mg *Grant) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this Grant.

func (*Grant) GetMergedParameters added in v0.44.0 

func (tr *Grant) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this Grant

func (*Grant) GetObservation 

func (tr *Grant) GetObservation() (map[string]any, error)

GetObservation of this Grant

func (*Grant) GetParameters 

func (tr *Grant) GetParameters() (map[string]any, error)

GetParameters of this Grant

func (*Grant) GetProviderConfigReference 

func (mg *Grant) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Grant.

func (*Grant) GetPublishConnectionDetailsTo 

func (mg *Grant) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Grant.

func (*Grant) GetTerraformResourceType 

func (mg *Grant) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this Grant

func (*Grant) GetTerraformSchemaVersion 

func (tr *Grant) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*Grant) GetWriteConnectionSecretToReference 

func (mg *Grant) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Grant.

func (*Grant) Hub added in v0.47.2 

func (tr *Grant) Hub()

Hub marks this type as a conversion hub.

func (*Grant) LateInitialize 

func (tr *Grant) LateInitialize(attrs []byte) (bool, error)

LateInitialize this Grant using its observed tfState. returns True if there are any spec changes for the resource.

func (*Grant) ResolveReferences 

func (mg *Grant) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this Grant.

func (*Grant) SetConditions 

func (mg *Grant) SetConditions(c ...xpv1.Condition)

SetConditions of this Grant.

func (*Grant) SetDeletionPolicy 

func (mg *Grant) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Grant.

func (*Grant) SetManagementPolicies added in v0.38.0 

func (mg *Grant) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this Grant.

func (*Grant) SetObservation 

func (tr *Grant) SetObservation(obs map[string]any) error

SetObservation for this Grant

func (*Grant) SetParameters 

func (tr *Grant) SetParameters(params map[string]any) error

SetParameters for this Grant

func (*Grant) SetProviderConfigReference 

func (mg *Grant) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Grant.

func (*Grant) SetPublishConnectionDetailsTo 

func (mg *Grant) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Grant.

func (*Grant) SetWriteConnectionSecretToReference 

func (mg *Grant) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Grant.

type GrantInitParameters added in v0.38.0 

type GrantInitParameters struct {

	// A structure that you can use to allow certain operations in the grant only when the desired encryption context is present. For more information about encryption context, see Encryption Context.
	Constraints []ConstraintsInitParameters `json:"constraints,omitempty" tf:"constraints,omitempty"`

	// A list of grant tokens to be used when creating the grant. See Grant Tokens for more information about grant tokens.
	// +listType=set
	GrantCreationTokens []*string `json:"grantCreationTokens,omitempty" tf:"grant_creation_tokens,omitempty"`

	// The principal that is given permission to perform the operations that the grant permits in ARN format.
	// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Role
	// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("arn",true)
	GranteePrincipal *string `json:"granteePrincipal,omitempty" tf:"grantee_principal,omitempty"`

	// Reference to a Role in iam to populate granteePrincipal.
	// +kubebuilder:validation:Optional
	GranteePrincipalRef *v1.Reference `json:"granteePrincipalRef,omitempty" tf:"-"`

	// Selector for a Role in iam to populate granteePrincipal.
	// +kubebuilder:validation:Optional
	GranteePrincipalSelector *v1.Selector `json:"granteePrincipalSelector,omitempty" tf:"-"`

	// The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN.
	// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/kms/v1beta1.Key
	// +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor()
	KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"`

	// Reference to a Key in kms to populate keyId.
	// +kubebuilder:validation:Optional
	KeyIDRef *v1.Reference `json:"keyIdRef,omitempty" tf:"-"`

	// Selector for a Key in kms to populate keyId.
	// +kubebuilder:validation:Optional
	KeyIDSelector *v1.Selector `json:"keyIdSelector,omitempty" tf:"-"`

	// A friendly name for identifying the grant.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// A list of operations that the grant permits. The permitted values are: Decrypt, Encrypt, GenerateDataKey, GenerateDataKeyWithoutPlaintext, ReEncryptFrom, ReEncryptTo, Sign, Verify, GetPublicKey, CreateGrant, RetireGrant, DescribeKey, GenerateDataKeyPair, or GenerateDataKeyPairWithoutPlaintext.
	// +listType=set
	Operations []*string `json:"operations,omitempty" tf:"operations,omitempty"`

	// (Defaults to false, Forces new resources) If set to false (the default) the grants will be revoked upon deletion, and if set to true the grants will try to be retired upon deletion. Note that retiring grants requires special permissions, hence why we default to revoking grants.
	// See RetireGrant for more information.
	RetireOnDelete *bool `json:"retireOnDelete,omitempty" tf:"retire_on_delete,omitempty"`

	// The principal that is given permission to retire the grant by using RetireGrant operation in ARN format.
	RetiringPrincipal *string `json:"retiringPrincipal,omitempty" tf:"retiring_principal,omitempty"`
}

func (*GrantInitParameters) DeepCopy added in v0.38.0 

func (in *GrantInitParameters) DeepCopy() *GrantInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrantInitParameters.

func (*GrantInitParameters) DeepCopyInto added in v0.38.0 

func (in *GrantInitParameters) DeepCopyInto(out *GrantInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GrantList 

type GrantList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Grant `json:"items"`
}

GrantList contains a list of Grants

func (*GrantList) DeepCopy 

func (in *GrantList) DeepCopy() *GrantList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrantList.

func (*GrantList) DeepCopyInto 

func (in *GrantList) DeepCopyInto(out *GrantList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*GrantList) DeepCopyObject 

func (in *GrantList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*GrantList) GetItems 

func (l *GrantList) GetItems() []resource.Managed

GetItems of this GrantList.

type GrantObservation 

type GrantObservation struct {

	// A structure that you can use to allow certain operations in the grant only when the desired encryption context is present. For more information about encryption context, see Encryption Context.
	Constraints []ConstraintsObservation `json:"constraints,omitempty" tf:"constraints,omitempty"`

	// A list of grant tokens to be used when creating the grant. See Grant Tokens for more information about grant tokens.
	// +listType=set
	GrantCreationTokens []*string `json:"grantCreationTokens,omitempty" tf:"grant_creation_tokens,omitempty"`

	// The unique identifier for the grant.
	GrantID *string `json:"grantId,omitempty" tf:"grant_id,omitempty"`

	// The principal that is given permission to perform the operations that the grant permits in ARN format.
	GranteePrincipal *string `json:"granteePrincipal,omitempty" tf:"grantee_principal,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN.
	KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"`

	// A friendly name for identifying the grant.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// A list of operations that the grant permits. The permitted values are: Decrypt, Encrypt, GenerateDataKey, GenerateDataKeyWithoutPlaintext, ReEncryptFrom, ReEncryptTo, Sign, Verify, GetPublicKey, CreateGrant, RetireGrant, DescribeKey, GenerateDataKeyPair, or GenerateDataKeyPairWithoutPlaintext.
	// +listType=set
	Operations []*string `json:"operations,omitempty" tf:"operations,omitempty"`

	// (Defaults to false, Forces new resources) If set to false (the default) the grants will be revoked upon deletion, and if set to true the grants will try to be retired upon deletion. Note that retiring grants requires special permissions, hence why we default to revoking grants.
	// See RetireGrant for more information.
	RetireOnDelete *bool `json:"retireOnDelete,omitempty" tf:"retire_on_delete,omitempty"`

	// The principal that is given permission to retire the grant by using RetireGrant operation in ARN format.
	RetiringPrincipal *string `json:"retiringPrincipal,omitempty" tf:"retiring_principal,omitempty"`
}

func (*GrantObservation) DeepCopy 

func (in *GrantObservation) DeepCopy() *GrantObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrantObservation.

func (*GrantObservation) DeepCopyInto 

func (in *GrantObservation) DeepCopyInto(out *GrantObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GrantParameters 

type GrantParameters struct {

	// A structure that you can use to allow certain operations in the grant only when the desired encryption context is present. For more information about encryption context, see Encryption Context.
	// +kubebuilder:validation:Optional
	Constraints []ConstraintsParameters `json:"constraints,omitempty" tf:"constraints,omitempty"`

	// A list of grant tokens to be used when creating the grant. See Grant Tokens for more information about grant tokens.
	// +kubebuilder:validation:Optional
	// +listType=set
	GrantCreationTokens []*string `json:"grantCreationTokens,omitempty" tf:"grant_creation_tokens,omitempty"`

	// The principal that is given permission to perform the operations that the grant permits in ARN format.
	// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Role
	// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("arn",true)
	// +kubebuilder:validation:Optional
	GranteePrincipal *string `json:"granteePrincipal,omitempty" tf:"grantee_principal,omitempty"`

	// Reference to a Role in iam to populate granteePrincipal.
	// +kubebuilder:validation:Optional
	GranteePrincipalRef *v1.Reference `json:"granteePrincipalRef,omitempty" tf:"-"`

	// Selector for a Role in iam to populate granteePrincipal.
	// +kubebuilder:validation:Optional
	GranteePrincipalSelector *v1.Selector `json:"granteePrincipalSelector,omitempty" tf:"-"`

	// The unique identifier for the customer master key (CMK) that the grant applies to. Specify the key ID or the Amazon Resource Name (ARN) of the CMK. To specify a CMK in a different AWS account, you must use the key ARN.
	// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/kms/v1beta1.Key
	// +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor()
	// +kubebuilder:validation:Optional
	KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"`

	// Reference to a Key in kms to populate keyId.
	// +kubebuilder:validation:Optional
	KeyIDRef *v1.Reference `json:"keyIdRef,omitempty" tf:"-"`

	// Selector for a Key in kms to populate keyId.
	// +kubebuilder:validation:Optional
	KeyIDSelector *v1.Selector `json:"keyIdSelector,omitempty" tf:"-"`

	// A friendly name for identifying the grant.
	// +kubebuilder:validation:Optional
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// A list of operations that the grant permits. The permitted values are: Decrypt, Encrypt, GenerateDataKey, GenerateDataKeyWithoutPlaintext, ReEncryptFrom, ReEncryptTo, Sign, Verify, GetPublicKey, CreateGrant, RetireGrant, DescribeKey, GenerateDataKeyPair, or GenerateDataKeyPairWithoutPlaintext.
	// +kubebuilder:validation:Optional
	// +listType=set
	Operations []*string `json:"operations,omitempty" tf:"operations,omitempty"`

	// Region is the region you'd like your resource to be created in.
	// +upjet:crd:field:TFTag=-
	// +kubebuilder:validation:Required
	Region *string `json:"region" tf:"-"`

	// (Defaults to false, Forces new resources) If set to false (the default) the grants will be revoked upon deletion, and if set to true the grants will try to be retired upon deletion. Note that retiring grants requires special permissions, hence why we default to revoking grants.
	// See RetireGrant for more information.
	// +kubebuilder:validation:Optional
	RetireOnDelete *bool `json:"retireOnDelete,omitempty" tf:"retire_on_delete,omitempty"`

	// The principal that is given permission to retire the grant by using RetireGrant operation in ARN format.
	// +kubebuilder:validation:Optional
	RetiringPrincipal *string `json:"retiringPrincipal,omitempty" tf:"retiring_principal,omitempty"`
}

func (*GrantParameters) DeepCopy 

func (in *GrantParameters) DeepCopy() *GrantParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrantParameters.

func (*GrantParameters) DeepCopyInto 

func (in *GrantParameters) DeepCopyInto(out *GrantParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GrantSpec 

type GrantSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     GrantParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider GrantInitParameters `json:"initProvider,omitempty"`
}

GrantSpec defines the desired state of Grant

func (*GrantSpec) DeepCopy 

func (in *GrantSpec) DeepCopy() *GrantSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrantSpec.

func (*GrantSpec) DeepCopyInto 

func (in *GrantSpec) DeepCopyInto(out *GrantSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type GrantStatus 

type GrantStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        GrantObservation `json:"atProvider,omitempty"`
}

GrantStatus defines the observed state of Grant.

func (*GrantStatus) DeepCopy 

func (in *GrantStatus) DeepCopy() *GrantStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new GrantStatus.

func (*GrantStatus) DeepCopyInto 

func (in *GrantStatus) DeepCopyInto(out *GrantStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Key 

type Key struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              KeySpec   `json:"spec"`
	Status            KeyStatus `json:"status,omitempty"`
}

Key is the Schema for the Keys API. Manages a single-Region or multi-Region primary KMS key. +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}

func (*Key) DeepCopy 

func (in *Key) DeepCopy() *Key

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Key.

func (*Key) DeepCopyInto 

func (in *Key) DeepCopyInto(out *Key)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Key) DeepCopyObject 

func (in *Key) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Key) GetCondition 

func (mg *Key) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Key.

func (*Key) GetConnectionDetailsMapping 

func (tr *Key) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this Key

func (*Key) GetDeletionPolicy 

func (mg *Key) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Key.

func (*Key) GetID 

func (tr *Key) GetID() string

GetID returns ID of underlying Terraform resource of this Key

func (*Key) GetInitParameters added in v0.38.0 

func (tr *Key) GetInitParameters() (map[string]any, error)

GetInitParameters of this Key

func (*Key) GetManagementPolicies added in v0.38.0 

func (mg *Key) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this Key.

func (*Key) GetMergedParameters added in v0.44.0 

func (tr *Key) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this Key

func (*Key) GetObservation 

func (tr *Key) GetObservation() (map[string]any, error)

GetObservation of this Key

func (*Key) GetParameters 

func (tr *Key) GetParameters() (map[string]any, error)

GetParameters of this Key

func (*Key) GetProviderConfigReference 

func (mg *Key) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Key.

func (*Key) GetPublishConnectionDetailsTo 

func (mg *Key) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Key.

func (*Key) GetTerraformResourceType 

func (mg *Key) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this Key

func (*Key) GetTerraformSchemaVersion 

func (tr *Key) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*Key) GetWriteConnectionSecretToReference 

func (mg *Key) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Key.

func (*Key) Hub added in v0.47.2 

func (tr *Key) Hub()

Hub marks this type as a conversion hub.

func (*Key) LateInitialize 

func (tr *Key) LateInitialize(attrs []byte) (bool, error)

LateInitialize this Key using its observed tfState. returns True if there are any spec changes for the resource.

func (*Key) SetConditions 

func (mg *Key) SetConditions(c ...xpv1.Condition)

SetConditions of this Key.

func (*Key) SetDeletionPolicy 

func (mg *Key) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Key.

func (*Key) SetManagementPolicies added in v0.38.0 

func (mg *Key) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this Key.

func (*Key) SetObservation 

func (tr *Key) SetObservation(obs map[string]any) error

SetObservation for this Key

func (*Key) SetParameters 

func (tr *Key) SetParameters(params map[string]any) error

SetParameters for this Key

func (*Key) SetProviderConfigReference 

func (mg *Key) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Key.

func (*Key) SetPublishConnectionDetailsTo 

func (mg *Key) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Key.

func (*Key) SetWriteConnectionSecretToReference 

func (mg *Key) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Key.

type KeyInitParameters added in v0.38.0 

type KeyInitParameters struct {

	// A flag to indicate whether to bypass the key policy lockout safety check.
	// Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.
	// For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide.
	// The default value is false.
	BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty" tf:"bypass_policy_lockout_safety_check,omitempty"`

	// ID of the KMS Custom Key Store where the key will be stored instead of KMS (eg CloudHSM).
	CustomKeyStoreID *string `json:"customKeyStoreId,omitempty" tf:"custom_key_store_id,omitempty"`

	// Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports.
	// Valid values: SYMMETRIC_DEFAULT,  RSA_2048, RSA_3072, RSA_4096, HMAC_256, ECC_NIST_P256, ECC_NIST_P384, ECC_NIST_P521, or ECC_SECG_P256K1. Defaults to SYMMETRIC_DEFAULT. For help with choosing a key spec, see the AWS KMS Developer Guide.
	CustomerMasterKeySpec *string `json:"customerMasterKeySpec,omitempty" tf:"customer_master_key_spec,omitempty"`

	// The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.
	// If you specify a value, it must be between 7 and 30, inclusive. If you do not specify a value, it defaults to 30.
	// If the KMS key is a multi-Region primary key with replicas, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.
	DeletionWindowInDays *float64 `json:"deletionWindowInDays,omitempty" tf:"deletion_window_in_days,omitempty"`

	// The description of the key as viewed in AWS console.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specifies whether key rotation is enabled. Defaults to false.
	EnableKeyRotation *bool `json:"enableKeyRotation,omitempty" tf:"enable_key_rotation,omitempty"`

	// Specifies whether the key is enabled. Defaults to true.
	IsEnabled *bool `json:"isEnabled,omitempty" tf:"is_enabled,omitempty"`

	// Specifies the intended use of the key. Valid values: ENCRYPT_DECRYPT, SIGN_VERIFY, or GENERATE_VERIFY_MAC.
	// Defaults to ENCRYPT_DECRYPT.
	KeyUsage *string `json:"keyUsage,omitempty" tf:"key_usage,omitempty"`

	// Indicates whether the KMS key is a multi-Region (true) or regional (false) key. Defaults to false.
	MultiRegion *bool `json:"multiRegion,omitempty" tf:"multi_region,omitempty"`

	// A valid policy JSON document. Although this is a key policy, not an IAM policy, an aws_iam_policy_document, in the form that designates a principal, can be used.
	Policy *string `json:"policy,omitempty" tf:"policy,omitempty"`

	// Custom period of time between each rotation date. Must be a number between 90 and 2560 (inclusive).
	RotationPeriodInDays *float64 `json:"rotationPeriodInDays,omitempty" tf:"rotation_period_in_days,omitempty"`

	// Key-value map of resource tags.
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// Identifies the external key that serves as key material for the KMS key in an external key store.
	XksKeyID *string `json:"xksKeyId,omitempty" tf:"xks_key_id,omitempty"`
}

func (*KeyInitParameters) DeepCopy added in v0.38.0 

func (in *KeyInitParameters) DeepCopy() *KeyInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyInitParameters.

func (*KeyInitParameters) DeepCopyInto added in v0.38.0 

func (in *KeyInitParameters) DeepCopyInto(out *KeyInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeyList 

type KeyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Key `json:"items"`
}

KeyList contains a list of Keys

func (*KeyList) DeepCopy 

func (in *KeyList) DeepCopy() *KeyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyList.

func (*KeyList) DeepCopyInto 

func (in *KeyList) DeepCopyInto(out *KeyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KeyList) DeepCopyObject 

func (in *KeyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*KeyList) GetItems 

func (l *KeyList) GetItems() []resource.Managed

GetItems of this KeyList.

type KeyObservation 

type KeyObservation struct {

	// The Amazon Resource Name (ARN) of the key.
	Arn *string `json:"arn,omitempty" tf:"arn,omitempty"`

	// A flag to indicate whether to bypass the key policy lockout safety check.
	// Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.
	// For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide.
	// The default value is false.
	BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty" tf:"bypass_policy_lockout_safety_check,omitempty"`

	// ID of the KMS Custom Key Store where the key will be stored instead of KMS (eg CloudHSM).
	CustomKeyStoreID *string `json:"customKeyStoreId,omitempty" tf:"custom_key_store_id,omitempty"`

	// Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports.
	// Valid values: SYMMETRIC_DEFAULT,  RSA_2048, RSA_3072, RSA_4096, HMAC_256, ECC_NIST_P256, ECC_NIST_P384, ECC_NIST_P521, or ECC_SECG_P256K1. Defaults to SYMMETRIC_DEFAULT. For help with choosing a key spec, see the AWS KMS Developer Guide.
	CustomerMasterKeySpec *string `json:"customerMasterKeySpec,omitempty" tf:"customer_master_key_spec,omitempty"`

	// The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.
	// If you specify a value, it must be between 7 and 30, inclusive. If you do not specify a value, it defaults to 30.
	// If the KMS key is a multi-Region primary key with replicas, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.
	DeletionWindowInDays *float64 `json:"deletionWindowInDays,omitempty" tf:"deletion_window_in_days,omitempty"`

	// The description of the key as viewed in AWS console.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specifies whether key rotation is enabled. Defaults to false.
	EnableKeyRotation *bool `json:"enableKeyRotation,omitempty" tf:"enable_key_rotation,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// Specifies whether the key is enabled. Defaults to true.
	IsEnabled *bool `json:"isEnabled,omitempty" tf:"is_enabled,omitempty"`

	// The globally unique identifier for the key.
	KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"`

	// Specifies the intended use of the key. Valid values: ENCRYPT_DECRYPT, SIGN_VERIFY, or GENERATE_VERIFY_MAC.
	// Defaults to ENCRYPT_DECRYPT.
	KeyUsage *string `json:"keyUsage,omitempty" tf:"key_usage,omitempty"`

	// Indicates whether the KMS key is a multi-Region (true) or regional (false) key. Defaults to false.
	MultiRegion *bool `json:"multiRegion,omitempty" tf:"multi_region,omitempty"`

	// A valid policy JSON document. Although this is a key policy, not an IAM policy, an aws_iam_policy_document, in the form that designates a principal, can be used.
	Policy *string `json:"policy,omitempty" tf:"policy,omitempty"`

	// Custom period of time between each rotation date. Must be a number between 90 and 2560 (inclusive).
	RotationPeriodInDays *float64 `json:"rotationPeriodInDays,omitempty" tf:"rotation_period_in_days,omitempty"`

	// Key-value map of resource tags.
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
	// +mapType=granular
	TagsAll map[string]*string `json:"tagsAll,omitempty" tf:"tags_all,omitempty"`

	// Identifies the external key that serves as key material for the KMS key in an external key store.
	XksKeyID *string `json:"xksKeyId,omitempty" tf:"xks_key_id,omitempty"`
}

func (*KeyObservation) DeepCopy 

func (in *KeyObservation) DeepCopy() *KeyObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyObservation.

func (*KeyObservation) DeepCopyInto 

func (in *KeyObservation) DeepCopyInto(out *KeyObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeyParameters 

type KeyParameters struct {

	// A flag to indicate whether to bypass the key policy lockout safety check.
	// Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.
	// For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide.
	// The default value is false.
	// +kubebuilder:validation:Optional
	BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty" tf:"bypass_policy_lockout_safety_check,omitempty"`

	// ID of the KMS Custom Key Store where the key will be stored instead of KMS (eg CloudHSM).
	// +kubebuilder:validation:Optional
	CustomKeyStoreID *string `json:"customKeyStoreId,omitempty" tf:"custom_key_store_id,omitempty"`

	// Specifies whether the key contains a symmetric key or an asymmetric key pair and the encryption algorithms or signing algorithms that the key supports.
	// Valid values: SYMMETRIC_DEFAULT,  RSA_2048, RSA_3072, RSA_4096, HMAC_256, ECC_NIST_P256, ECC_NIST_P384, ECC_NIST_P521, or ECC_SECG_P256K1. Defaults to SYMMETRIC_DEFAULT. For help with choosing a key spec, see the AWS KMS Developer Guide.
	// +kubebuilder:validation:Optional
	CustomerMasterKeySpec *string `json:"customerMasterKeySpec,omitempty" tf:"customer_master_key_spec,omitempty"`

	// The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.
	// If you specify a value, it must be between 7 and 30, inclusive. If you do not specify a value, it defaults to 30.
	// If the KMS key is a multi-Region primary key with replicas, the waiting period begins when the last of its replica keys is deleted. Otherwise, the waiting period begins immediately.
	// +kubebuilder:validation:Optional
	DeletionWindowInDays *float64 `json:"deletionWindowInDays,omitempty" tf:"deletion_window_in_days,omitempty"`

	// The description of the key as viewed in AWS console.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specifies whether key rotation is enabled. Defaults to false.
	// +kubebuilder:validation:Optional
	EnableKeyRotation *bool `json:"enableKeyRotation,omitempty" tf:"enable_key_rotation,omitempty"`

	// Specifies whether the key is enabled. Defaults to true.
	// +kubebuilder:validation:Optional
	IsEnabled *bool `json:"isEnabled,omitempty" tf:"is_enabled,omitempty"`

	// Specifies the intended use of the key. Valid values: ENCRYPT_DECRYPT, SIGN_VERIFY, or GENERATE_VERIFY_MAC.
	// Defaults to ENCRYPT_DECRYPT.
	// +kubebuilder:validation:Optional
	KeyUsage *string `json:"keyUsage,omitempty" tf:"key_usage,omitempty"`

	// Indicates whether the KMS key is a multi-Region (true) or regional (false) key. Defaults to false.
	// +kubebuilder:validation:Optional
	MultiRegion *bool `json:"multiRegion,omitempty" tf:"multi_region,omitempty"`

	// A valid policy JSON document. Although this is a key policy, not an IAM policy, an aws_iam_policy_document, in the form that designates a principal, can be used.
	// +kubebuilder:validation:Optional
	Policy *string `json:"policy,omitempty" tf:"policy,omitempty"`

	// Region is the region you'd like your resource to be created in.
	// +upjet:crd:field:TFTag=-
	// +kubebuilder:validation:Required
	Region *string `json:"region" tf:"-"`

	// Custom period of time between each rotation date. Must be a number between 90 and 2560 (inclusive).
	// +kubebuilder:validation:Optional
	RotationPeriodInDays *float64 `json:"rotationPeriodInDays,omitempty" tf:"rotation_period_in_days,omitempty"`

	// Key-value map of resource tags.
	// +kubebuilder:validation:Optional
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// Identifies the external key that serves as key material for the KMS key in an external key store.
	// +kubebuilder:validation:Optional
	XksKeyID *string `json:"xksKeyId,omitempty" tf:"xks_key_id,omitempty"`
}

func (*KeyParameters) DeepCopy 

func (in *KeyParameters) DeepCopy() *KeyParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyParameters.

func (*KeyParameters) DeepCopyInto 

func (in *KeyParameters) DeepCopyInto(out *KeyParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeySpec 

type KeySpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     KeyParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider KeyInitParameters `json:"initProvider,omitempty"`
}

KeySpec defines the desired state of Key

func (*KeySpec) DeepCopy 

func (in *KeySpec) DeepCopy() *KeySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeySpec.

func (*KeySpec) DeepCopyInto 

func (in *KeySpec) DeepCopyInto(out *KeySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeyStatus 

type KeyStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        KeyObservation `json:"atProvider,omitempty"`
}

KeyStatus defines the observed state of Key.

func (*KeyStatus) DeepCopy 

func (in *KeyStatus) DeepCopy() *KeyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeyStatus.

func (*KeyStatus) DeepCopyInto 

func (in *KeyStatus) DeepCopyInto(out *KeyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ReplicaExternalKey 

type ReplicaExternalKey struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              ReplicaExternalKeySpec   `json:"spec"`
	Status            ReplicaExternalKeyStatus `json:"status,omitempty"`
}

ReplicaExternalKey is the Schema for the ReplicaExternalKeys API. Manages a KMS multi-Region replica key that uses external key material. +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}

func (*ReplicaExternalKey) DeepCopy 

func (in *ReplicaExternalKey) DeepCopy() *ReplicaExternalKey

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaExternalKey.

func (*ReplicaExternalKey) DeepCopyInto 

func (in *ReplicaExternalKey) DeepCopyInto(out *ReplicaExternalKey)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ReplicaExternalKey) DeepCopyObject 

func (in *ReplicaExternalKey) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ReplicaExternalKey) GetCondition 

func (mg *ReplicaExternalKey) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this ReplicaExternalKey.

func (*ReplicaExternalKey) GetConnectionDetailsMapping 

func (tr *ReplicaExternalKey) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this ReplicaExternalKey

func (*ReplicaExternalKey) GetDeletionPolicy 

func (mg *ReplicaExternalKey) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this ReplicaExternalKey.

func (*ReplicaExternalKey) GetID 

func (tr *ReplicaExternalKey) GetID() string

GetID returns ID of underlying Terraform resource of this ReplicaExternalKey

func (*ReplicaExternalKey) GetInitParameters added in v0.38.0 

func (tr *ReplicaExternalKey) GetInitParameters() (map[string]any, error)

GetInitParameters of this ReplicaExternalKey

func (*ReplicaExternalKey) GetManagementPolicies added in v0.38.0 

func (mg *ReplicaExternalKey) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this ReplicaExternalKey.

func (*ReplicaExternalKey) GetMergedParameters added in v0.44.0 

func (tr *ReplicaExternalKey) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this ReplicaExternalKey

func (*ReplicaExternalKey) GetObservation 

func (tr *ReplicaExternalKey) GetObservation() (map[string]any, error)

GetObservation of this ReplicaExternalKey

func (*ReplicaExternalKey) GetParameters 

func (tr *ReplicaExternalKey) GetParameters() (map[string]any, error)

GetParameters of this ReplicaExternalKey

func (*ReplicaExternalKey) GetProviderConfigReference 

func (mg *ReplicaExternalKey) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this ReplicaExternalKey.

func (*ReplicaExternalKey) GetPublishConnectionDetailsTo 

func (mg *ReplicaExternalKey) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this ReplicaExternalKey.

func (*ReplicaExternalKey) GetTerraformResourceType 

func (mg *ReplicaExternalKey) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this ReplicaExternalKey

func (*ReplicaExternalKey) GetTerraformSchemaVersion 

func (tr *ReplicaExternalKey) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*ReplicaExternalKey) GetWriteConnectionSecretToReference 

func (mg *ReplicaExternalKey) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this ReplicaExternalKey.

func (*ReplicaExternalKey) Hub added in v0.47.2 

func (tr *ReplicaExternalKey) Hub()

Hub marks this type as a conversion hub.

func (*ReplicaExternalKey) LateInitialize 

func (tr *ReplicaExternalKey) LateInitialize(attrs []byte) (bool, error)

LateInitialize this ReplicaExternalKey using its observed tfState. returns True if there are any spec changes for the resource.

func (*ReplicaExternalKey) ResolveReferences 

func (mg *ReplicaExternalKey) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this ReplicaExternalKey.

func (*ReplicaExternalKey) SetConditions 

func (mg *ReplicaExternalKey) SetConditions(c ...xpv1.Condition)

SetConditions of this ReplicaExternalKey.

func (*ReplicaExternalKey) SetDeletionPolicy 

func (mg *ReplicaExternalKey) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this ReplicaExternalKey.

func (*ReplicaExternalKey) SetManagementPolicies added in v0.38.0 

func (mg *ReplicaExternalKey) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this ReplicaExternalKey.

func (*ReplicaExternalKey) SetObservation 

func (tr *ReplicaExternalKey) SetObservation(obs map[string]any) error

SetObservation for this ReplicaExternalKey

func (*ReplicaExternalKey) SetParameters 

func (tr *ReplicaExternalKey) SetParameters(params map[string]any) error

SetParameters for this ReplicaExternalKey

func (*ReplicaExternalKey) SetProviderConfigReference 

func (mg *ReplicaExternalKey) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this ReplicaExternalKey.

func (*ReplicaExternalKey) SetPublishConnectionDetailsTo 

func (mg *ReplicaExternalKey) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this ReplicaExternalKey.

func (*ReplicaExternalKey) SetWriteConnectionSecretToReference 

func (mg *ReplicaExternalKey) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this ReplicaExternalKey.

type ReplicaExternalKeyInitParameters added in v0.38.0 

type ReplicaExternalKeyInitParameters struct {

	// A flag to indicate whether to bypass the key policy lockout safety check.
	// Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.
	// For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide.
	// The default value is false.
	BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty" tf:"bypass_policy_lockout_safety_check,omitempty"`

	// The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.
	// If you specify a value, it must be between 7 and 30, inclusive. If you do not specify a value, it defaults to 30.
	DeletionWindowInDays *float64 `json:"deletionWindowInDays,omitempty" tf:"deletion_window_in_days,omitempty"`

	// A description of the KMS key.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. Keys pending import can only be false. Imported keys default to true unless expired.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// Base64 encoded 256-bit symmetric encryption key material to import. The KMS key is permanently associated with this key material. The same key material can be reimported, but you cannot import different key material.
	KeyMaterialBase64SecretRef *v1.SecretKeySelector `json:"keyMaterialBase64SecretRef,omitempty" tf:"-"`

	// The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the default key policy to the KMS key.
	Policy *string `json:"policy,omitempty" tf:"policy,omitempty"`

	// The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.
	// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/kms/v1beta1.ExternalKey
	// +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor()
	PrimaryKeyArn *string `json:"primaryKeyArn,omitempty" tf:"primary_key_arn,omitempty"`

	// Reference to a ExternalKey in kms to populate primaryKeyArn.
	// +kubebuilder:validation:Optional
	PrimaryKeyArnRef *v1.Reference `json:"primaryKeyArnRef,omitempty" tf:"-"`

	// Selector for a ExternalKey in kms to populate primaryKeyArn.
	// +kubebuilder:validation:Optional
	PrimaryKeyArnSelector *v1.Selector `json:"primaryKeyArnSelector,omitempty" tf:"-"`

	// Key-value map of resource tags.
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the key becomes unusable. If not specified, key material does not expire. Valid values: RFC3339 time string (YYYY-MM-DDTHH:MM:SSZ)
	ValidTo *string `json:"validTo,omitempty" tf:"valid_to,omitempty"`
}

func (*ReplicaExternalKeyInitParameters) DeepCopy added in v0.38.0 

func (in *ReplicaExternalKeyInitParameters) DeepCopy() *ReplicaExternalKeyInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaExternalKeyInitParameters.

func (*ReplicaExternalKeyInitParameters) DeepCopyInto added in v0.38.0 

func (in *ReplicaExternalKeyInitParameters) DeepCopyInto(out *ReplicaExternalKeyInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ReplicaExternalKeyList 

type ReplicaExternalKeyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ReplicaExternalKey `json:"items"`
}

ReplicaExternalKeyList contains a list of ReplicaExternalKeys

func (*ReplicaExternalKeyList) DeepCopy 

func (in *ReplicaExternalKeyList) DeepCopy() *ReplicaExternalKeyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaExternalKeyList.

func (*ReplicaExternalKeyList) DeepCopyInto 

func (in *ReplicaExternalKeyList) DeepCopyInto(out *ReplicaExternalKeyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ReplicaExternalKeyList) DeepCopyObject 

func (in *ReplicaExternalKeyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ReplicaExternalKeyList) GetItems 

func (l *ReplicaExternalKeyList) GetItems() []resource.Managed

GetItems of this ReplicaExternalKeyList.

type ReplicaExternalKeyObservation 

type ReplicaExternalKeyObservation struct {

	// The Amazon Resource Name (ARN) of the replica key. The key ARNs of related multi-Region keys differ only in the Region value.
	Arn *string `json:"arn,omitempty" tf:"arn,omitempty"`

	// A flag to indicate whether to bypass the key policy lockout safety check.
	// Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.
	// For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide.
	// The default value is false.
	BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty" tf:"bypass_policy_lockout_safety_check,omitempty"`

	// The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.
	// If you specify a value, it must be between 7 and 30, inclusive. If you do not specify a value, it defaults to 30.
	DeletionWindowInDays *float64 `json:"deletionWindowInDays,omitempty" tf:"deletion_window_in_days,omitempty"`

	// A description of the KMS key.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. Keys pending import can only be false. Imported keys default to true unless expired.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// Whether the key material expires. Empty when pending key material import, otherwise KEY_MATERIAL_EXPIRES or KEY_MATERIAL_DOES_NOT_EXPIRE.
	ExpirationModel *string `json:"expirationModel,omitempty" tf:"expiration_model,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The key ID of the replica key. Related multi-Region keys have the same key ID.
	KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"`

	// The state of the replica key.
	KeyState *string `json:"keyState,omitempty" tf:"key_state,omitempty"`

	// The cryptographic operations for which you can use the KMS key. This is a shared property of multi-Region keys.
	KeyUsage *string `json:"keyUsage,omitempty" tf:"key_usage,omitempty"`

	// The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the default key policy to the KMS key.
	Policy *string `json:"policy,omitempty" tf:"policy,omitempty"`

	// The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.
	PrimaryKeyArn *string `json:"primaryKeyArn,omitempty" tf:"primary_key_arn,omitempty"`

	// Key-value map of resource tags.
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
	// +mapType=granular
	TagsAll map[string]*string `json:"tagsAll,omitempty" tf:"tags_all,omitempty"`

	// Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the key becomes unusable. If not specified, key material does not expire. Valid values: RFC3339 time string (YYYY-MM-DDTHH:MM:SSZ)
	ValidTo *string `json:"validTo,omitempty" tf:"valid_to,omitempty"`
}

func (*ReplicaExternalKeyObservation) DeepCopy 

func (in *ReplicaExternalKeyObservation) DeepCopy() *ReplicaExternalKeyObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaExternalKeyObservation.

func (*ReplicaExternalKeyObservation) DeepCopyInto 

func (in *ReplicaExternalKeyObservation) DeepCopyInto(out *ReplicaExternalKeyObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ReplicaExternalKeyParameters 

type ReplicaExternalKeyParameters struct {

	// A flag to indicate whether to bypass the key policy lockout safety check.
	// Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.
	// For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide.
	// The default value is false.
	// +kubebuilder:validation:Optional
	BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty" tf:"bypass_policy_lockout_safety_check,omitempty"`

	// The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.
	// If you specify a value, it must be between 7 and 30, inclusive. If you do not specify a value, it defaults to 30.
	// +kubebuilder:validation:Optional
	DeletionWindowInDays *float64 `json:"deletionWindowInDays,omitempty" tf:"deletion_window_in_days,omitempty"`

	// A description of the KMS key.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. Keys pending import can only be false. Imported keys default to true unless expired.
	// +kubebuilder:validation:Optional
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// Base64 encoded 256-bit symmetric encryption key material to import. The KMS key is permanently associated with this key material. The same key material can be reimported, but you cannot import different key material.
	// +kubebuilder:validation:Optional
	KeyMaterialBase64SecretRef *v1.SecretKeySelector `json:"keyMaterialBase64SecretRef,omitempty" tf:"-"`

	// The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the default key policy to the KMS key.
	// +kubebuilder:validation:Optional
	Policy *string `json:"policy,omitempty" tf:"policy,omitempty"`

	// The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.
	// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/kms/v1beta1.ExternalKey
	// +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor()
	// +kubebuilder:validation:Optional
	PrimaryKeyArn *string `json:"primaryKeyArn,omitempty" tf:"primary_key_arn,omitempty"`

	// Reference to a ExternalKey in kms to populate primaryKeyArn.
	// +kubebuilder:validation:Optional
	PrimaryKeyArnRef *v1.Reference `json:"primaryKeyArnRef,omitempty" tf:"-"`

	// Selector for a ExternalKey in kms to populate primaryKeyArn.
	// +kubebuilder:validation:Optional
	PrimaryKeyArnSelector *v1.Selector `json:"primaryKeyArnSelector,omitempty" tf:"-"`

	// Region is the region you'd like your resource to be created in.
	// +upjet:crd:field:TFTag=-
	// +kubebuilder:validation:Required
	Region *string `json:"region" tf:"-"`

	// Key-value map of resource tags.
	// +kubebuilder:validation:Optional
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// Time at which the imported key material expires. When the key material expires, AWS KMS deletes the key material and the key becomes unusable. If not specified, key material does not expire. Valid values: RFC3339 time string (YYYY-MM-DDTHH:MM:SSZ)
	// +kubebuilder:validation:Optional
	ValidTo *string `json:"validTo,omitempty" tf:"valid_to,omitempty"`
}

func (*ReplicaExternalKeyParameters) DeepCopy 

func (in *ReplicaExternalKeyParameters) DeepCopy() *ReplicaExternalKeyParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaExternalKeyParameters.

func (*ReplicaExternalKeyParameters) DeepCopyInto 

func (in *ReplicaExternalKeyParameters) DeepCopyInto(out *ReplicaExternalKeyParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ReplicaExternalKeySpec 

type ReplicaExternalKeySpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     ReplicaExternalKeyParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider ReplicaExternalKeyInitParameters `json:"initProvider,omitempty"`
}

ReplicaExternalKeySpec defines the desired state of ReplicaExternalKey

func (*ReplicaExternalKeySpec) DeepCopy 

func (in *ReplicaExternalKeySpec) DeepCopy() *ReplicaExternalKeySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaExternalKeySpec.

func (*ReplicaExternalKeySpec) DeepCopyInto 

func (in *ReplicaExternalKeySpec) DeepCopyInto(out *ReplicaExternalKeySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ReplicaExternalKeyStatus 

type ReplicaExternalKeyStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        ReplicaExternalKeyObservation `json:"atProvider,omitempty"`
}

ReplicaExternalKeyStatus defines the observed state of ReplicaExternalKey.

func (*ReplicaExternalKeyStatus) DeepCopy 

func (in *ReplicaExternalKeyStatus) DeepCopy() *ReplicaExternalKeyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaExternalKeyStatus.

func (*ReplicaExternalKeyStatus) DeepCopyInto 

func (in *ReplicaExternalKeyStatus) DeepCopyInto(out *ReplicaExternalKeyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ReplicaKey 

type ReplicaKey struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              ReplicaKeySpec   `json:"spec"`
	Status            ReplicaKeyStatus `json:"status,omitempty"`
}

ReplicaKey is the Schema for the ReplicaKeys API. Manages a KMS multi-Region replica key. +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}

func (*ReplicaKey) DeepCopy 

func (in *ReplicaKey) DeepCopy() *ReplicaKey

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaKey.

func (*ReplicaKey) DeepCopyInto 

func (in *ReplicaKey) DeepCopyInto(out *ReplicaKey)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ReplicaKey) DeepCopyObject 

func (in *ReplicaKey) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ReplicaKey) GetCondition 

func (mg *ReplicaKey) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this ReplicaKey.

func (*ReplicaKey) GetConnectionDetailsMapping 

func (tr *ReplicaKey) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this ReplicaKey

func (*ReplicaKey) GetDeletionPolicy 

func (mg *ReplicaKey) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this ReplicaKey.

func (*ReplicaKey) GetID 

func (tr *ReplicaKey) GetID() string

GetID returns ID of underlying Terraform resource of this ReplicaKey

func (*ReplicaKey) GetInitParameters added in v0.38.0 

func (tr *ReplicaKey) GetInitParameters() (map[string]any, error)

GetInitParameters of this ReplicaKey

func (*ReplicaKey) GetManagementPolicies added in v0.38.0 

func (mg *ReplicaKey) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this ReplicaKey.

func (*ReplicaKey) GetMergedParameters added in v0.44.0 

func (tr *ReplicaKey) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this ReplicaKey

func (*ReplicaKey) GetObservation 

func (tr *ReplicaKey) GetObservation() (map[string]any, error)

GetObservation of this ReplicaKey

func (*ReplicaKey) GetParameters 

func (tr *ReplicaKey) GetParameters() (map[string]any, error)

GetParameters of this ReplicaKey

func (*ReplicaKey) GetProviderConfigReference 

func (mg *ReplicaKey) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this ReplicaKey.

func (*ReplicaKey) GetPublishConnectionDetailsTo 

func (mg *ReplicaKey) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this ReplicaKey.

func (*ReplicaKey) GetTerraformResourceType 

func (mg *ReplicaKey) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this ReplicaKey

func (*ReplicaKey) GetTerraformSchemaVersion 

func (tr *ReplicaKey) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*ReplicaKey) GetWriteConnectionSecretToReference 

func (mg *ReplicaKey) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this ReplicaKey.

func (*ReplicaKey) Hub added in v0.47.2 

func (tr *ReplicaKey) Hub()

Hub marks this type as a conversion hub.

func (*ReplicaKey) LateInitialize 

func (tr *ReplicaKey) LateInitialize(attrs []byte) (bool, error)

LateInitialize this ReplicaKey using its observed tfState. returns True if there are any spec changes for the resource.

func (*ReplicaKey) ResolveReferences 

func (mg *ReplicaKey) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this ReplicaKey.

func (*ReplicaKey) SetConditions 

func (mg *ReplicaKey) SetConditions(c ...xpv1.Condition)

SetConditions of this ReplicaKey.

func (*ReplicaKey) SetDeletionPolicy 

func (mg *ReplicaKey) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this ReplicaKey.

func (*ReplicaKey) SetManagementPolicies added in v0.38.0 

func (mg *ReplicaKey) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this ReplicaKey.

func (*ReplicaKey) SetObservation 

func (tr *ReplicaKey) SetObservation(obs map[string]any) error

SetObservation for this ReplicaKey

func (*ReplicaKey) SetParameters 

func (tr *ReplicaKey) SetParameters(params map[string]any) error

SetParameters for this ReplicaKey

func (*ReplicaKey) SetProviderConfigReference 

func (mg *ReplicaKey) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this ReplicaKey.

func (*ReplicaKey) SetPublishConnectionDetailsTo 

func (mg *ReplicaKey) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this ReplicaKey.

func (*ReplicaKey) SetWriteConnectionSecretToReference 

func (mg *ReplicaKey) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this ReplicaKey.

type ReplicaKeyInitParameters added in v0.38.0 

type ReplicaKeyInitParameters struct {

	// A flag to indicate whether to bypass the key policy lockout safety check.
	// Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.
	// For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide.
	// The default value is false.
	BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty" tf:"bypass_policy_lockout_safety_check,omitempty"`

	// The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.
	// If you specify a value, it must be between 7 and 30, inclusive. If you do not specify a value, it defaults to 30.
	DeletionWindowInDays *float64 `json:"deletionWindowInDays,omitempty" tf:"deletion_window_in_days,omitempty"`

	// A description of the KMS key.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. The default value is true.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the default key policy to the KMS key.
	Policy *string `json:"policy,omitempty" tf:"policy,omitempty"`

	// The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.
	// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/kms/v1beta1.Key
	// +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor()
	PrimaryKeyArn *string `json:"primaryKeyArn,omitempty" tf:"primary_key_arn,omitempty"`

	// Reference to a Key in kms to populate primaryKeyArn.
	// +kubebuilder:validation:Optional
	PrimaryKeyArnRef *v1.Reference `json:"primaryKeyArnRef,omitempty" tf:"-"`

	// Selector for a Key in kms to populate primaryKeyArn.
	// +kubebuilder:validation:Optional
	PrimaryKeyArnSelector *v1.Selector `json:"primaryKeyArnSelector,omitempty" tf:"-"`

	// Key-value map of resource tags.
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`
}

func (*ReplicaKeyInitParameters) DeepCopy added in v0.38.0 

func (in *ReplicaKeyInitParameters) DeepCopy() *ReplicaKeyInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaKeyInitParameters.

func (*ReplicaKeyInitParameters) DeepCopyInto added in v0.38.0 

func (in *ReplicaKeyInitParameters) DeepCopyInto(out *ReplicaKeyInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ReplicaKeyList 

type ReplicaKeyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []ReplicaKey `json:"items"`
}

ReplicaKeyList contains a list of ReplicaKeys

func (*ReplicaKeyList) DeepCopy 

func (in *ReplicaKeyList) DeepCopy() *ReplicaKeyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaKeyList.

func (*ReplicaKeyList) DeepCopyInto 

func (in *ReplicaKeyList) DeepCopyInto(out *ReplicaKeyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ReplicaKeyList) DeepCopyObject 

func (in *ReplicaKeyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*ReplicaKeyList) GetItems 

func (l *ReplicaKeyList) GetItems() []resource.Managed

GetItems of this ReplicaKeyList.

type ReplicaKeyObservation 

type ReplicaKeyObservation struct {

	// The Amazon Resource Name (ARN) of the replica key. The key ARNs of related multi-Region keys differ only in the Region value.
	Arn *string `json:"arn,omitempty" tf:"arn,omitempty"`

	// A flag to indicate whether to bypass the key policy lockout safety check.
	// Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.
	// For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide.
	// The default value is false.
	BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty" tf:"bypass_policy_lockout_safety_check,omitempty"`

	// The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.
	// If you specify a value, it must be between 7 and 30, inclusive. If you do not specify a value, it defaults to 30.
	DeletionWindowInDays *float64 `json:"deletionWindowInDays,omitempty" tf:"deletion_window_in_days,omitempty"`

	// A description of the KMS key.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. The default value is true.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The key ID of the replica key. Related multi-Region keys have the same key ID.
	KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"`

	// A Boolean value that specifies whether key rotation is enabled. This is a shared property of multi-Region keys.
	KeyRotationEnabled *bool `json:"keyRotationEnabled,omitempty" tf:"key_rotation_enabled,omitempty"`

	// The type of key material in the KMS key. This is a shared property of multi-Region keys.
	KeySpec *string `json:"keySpec,omitempty" tf:"key_spec,omitempty"`

	// The cryptographic operations for which you can use the KMS key. This is a shared property of multi-Region keys.
	KeyUsage *string `json:"keyUsage,omitempty" tf:"key_usage,omitempty"`

	// The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the default key policy to the KMS key.
	Policy *string `json:"policy,omitempty" tf:"policy,omitempty"`

	// The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.
	PrimaryKeyArn *string `json:"primaryKeyArn,omitempty" tf:"primary_key_arn,omitempty"`

	// Key-value map of resource tags.
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`

	// A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
	// +mapType=granular
	TagsAll map[string]*string `json:"tagsAll,omitempty" tf:"tags_all,omitempty"`
}

func (*ReplicaKeyObservation) DeepCopy 

func (in *ReplicaKeyObservation) DeepCopy() *ReplicaKeyObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaKeyObservation.

func (*ReplicaKeyObservation) DeepCopyInto 

func (in *ReplicaKeyObservation) DeepCopyInto(out *ReplicaKeyObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ReplicaKeyParameters 

type ReplicaKeyParameters struct {

	// A flag to indicate whether to bypass the key policy lockout safety check.
	// Setting this value to true increases the risk that the KMS key becomes unmanageable. Do not set this value to true indiscriminately.
	// For more information, refer to the scenario in the Default Key Policy section in the AWS Key Management Service Developer Guide.
	// The default value is false.
	// +kubebuilder:validation:Optional
	BypassPolicyLockoutSafetyCheck *bool `json:"bypassPolicyLockoutSafetyCheck,omitempty" tf:"bypass_policy_lockout_safety_check,omitempty"`

	// The waiting period, specified in number of days. After the waiting period ends, AWS KMS deletes the KMS key.
	// If you specify a value, it must be between 7 and 30, inclusive. If you do not specify a value, it defaults to 30.
	// +kubebuilder:validation:Optional
	DeletionWindowInDays *float64 `json:"deletionWindowInDays,omitempty" tf:"deletion_window_in_days,omitempty"`

	// A description of the KMS key.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Specifies whether the replica key is enabled. Disabled KMS keys cannot be used in cryptographic operations. The default value is true.
	// +kubebuilder:validation:Optional
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// The key policy to attach to the KMS key. If you do not specify a key policy, AWS KMS attaches the default key policy to the KMS key.
	// +kubebuilder:validation:Optional
	Policy *string `json:"policy,omitempty" tf:"policy,omitempty"`

	// The ARN of the multi-Region primary key to replicate. The primary key must be in a different AWS Region of the same AWS Partition. You can create only one replica of a given primary key in each AWS Region.
	// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/kms/v1beta1.Key
	// +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor()
	// +kubebuilder:validation:Optional
	PrimaryKeyArn *string `json:"primaryKeyArn,omitempty" tf:"primary_key_arn,omitempty"`

	// Reference to a Key in kms to populate primaryKeyArn.
	// +kubebuilder:validation:Optional
	PrimaryKeyArnRef *v1.Reference `json:"primaryKeyArnRef,omitempty" tf:"-"`

	// Selector for a Key in kms to populate primaryKeyArn.
	// +kubebuilder:validation:Optional
	PrimaryKeyArnSelector *v1.Selector `json:"primaryKeyArnSelector,omitempty" tf:"-"`

	// Region is the region you'd like your resource to be created in.
	// +upjet:crd:field:TFTag=-
	// +kubebuilder:validation:Required
	Region *string `json:"region" tf:"-"`

	// Key-value map of resource tags.
	// +kubebuilder:validation:Optional
	// +mapType=granular
	Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`
}

func (*ReplicaKeyParameters) DeepCopy 

func (in *ReplicaKeyParameters) DeepCopy() *ReplicaKeyParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaKeyParameters.

func (*ReplicaKeyParameters) DeepCopyInto 

func (in *ReplicaKeyParameters) DeepCopyInto(out *ReplicaKeyParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ReplicaKeySpec 

type ReplicaKeySpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     ReplicaKeyParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider ReplicaKeyInitParameters `json:"initProvider,omitempty"`
}

ReplicaKeySpec defines the desired state of ReplicaKey

func (*ReplicaKeySpec) DeepCopy 

func (in *ReplicaKeySpec) DeepCopy() *ReplicaKeySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaKeySpec.

func (*ReplicaKeySpec) DeepCopyInto 

func (in *ReplicaKeySpec) DeepCopyInto(out *ReplicaKeySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ReplicaKeyStatus 

type ReplicaKeyStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        ReplicaKeyObservation `json:"atProvider,omitempty"`
}

ReplicaKeyStatus defines the observed state of ReplicaKey.

func (*ReplicaKeyStatus) DeepCopy 

func (in *ReplicaKeyStatus) DeepCopy() *ReplicaKeyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaKeyStatus.

func (*ReplicaKeyStatus) DeepCopyInto 

func (in *ReplicaKeyStatus) DeepCopyInto(out *ReplicaKeyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.