v1beta1

package
v1.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 26, 2024 License: Apache-2.0 Imports: 14 Imported by: 1

Documentation

Overview

+kubebuilder:object:generate=true +groupName=orgpolicy.gcp.upbound.io +versionName=v1beta1

Index

Constants

View Source
const (
	CRDGroup   = "orgpolicy.gcp.upbound.io"
	CRDVersion = "v1beta1"
)

Package type metadata.

Variables

View Source
var (
	// CRDGroupVersion is the API Group Version used to register the objects
	CRDGroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: CRDGroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source
var (
	Policy_Kind             = "Policy"
	Policy_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: Policy_Kind}.String()
	Policy_KindAPIVersion   = Policy_Kind + "." + CRDGroupVersion.String()
	Policy_GroupVersionKind = CRDGroupVersion.WithKind(Policy_Kind)
)

Repository type metadata.

Functions

This section is empty.

Types

type ConditionInitParameters

type ConditionInitParameters struct {

	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Textual representation of an expression in Common Expression Language syntax.
	Expression *string `json:"expression,omitempty" tf:"expression,omitempty"`

	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location *string `json:"location,omitempty" tf:"location,omitempty"`

	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title *string `json:"title,omitempty" tf:"title,omitempty"`
}

func (*ConditionInitParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConditionInitParameters.

func (*ConditionInitParameters) DeepCopyInto

func (in *ConditionInitParameters) DeepCopyInto(out *ConditionInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConditionObservation

type ConditionObservation struct {

	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Textual representation of an expression in Common Expression Language syntax.
	Expression *string `json:"expression,omitempty" tf:"expression,omitempty"`

	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location *string `json:"location,omitempty" tf:"location,omitempty"`

	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title *string `json:"title,omitempty" tf:"title,omitempty"`
}

func (*ConditionObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConditionObservation.

func (*ConditionObservation) DeepCopyInto

func (in *ConditionObservation) DeepCopyInto(out *ConditionObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ConditionParameters

type ConditionParameters struct {

	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Textual representation of an expression in Common Expression Language syntax.
	// +kubebuilder:validation:Optional
	Expression *string `json:"expression,omitempty" tf:"expression,omitempty"`

	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	// +kubebuilder:validation:Optional
	Location *string `json:"location,omitempty" tf:"location,omitempty"`

	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	// +kubebuilder:validation:Optional
	Title *string `json:"title,omitempty" tf:"title,omitempty"`
}

func (*ConditionParameters) DeepCopy

func (in *ConditionParameters) DeepCopy() *ConditionParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ConditionParameters.

func (*ConditionParameters) DeepCopyInto

func (in *ConditionParameters) DeepCopyInto(out *ConditionParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type DryRunSpecInitParameters

type DryRunSpecInitParameters struct {

	// Determines the inheritance behavior for this policy. If inherit_from_parent is true, policy rules set higher up in the hierarchy (up to the closest root) are inherited and present in the effective policy. If it is false, then no rules are inherited, and this policy becomes the new root for evaluation. This field can be set only for policies which configure list constraints.
	InheritFromParent *bool `json:"inheritFromParent,omitempty" tf:"inherit_from_parent,omitempty"`

	// Ignores policies set above this resource and restores the constraint_default enforcement behavior of the specific constraint at this resource. This field can be set in policies for either list or boolean constraints. If set, rules must be empty and inherit_from_parent must be set to false.
	Reset *bool `json:"reset,omitempty" tf:"reset,omitempty"`

	// In policies for boolean constraints, the following requirements apply: - There must be one and only one policy rule where condition is unset. - Boolean policy rules with conditions must set enforced to the opposite of the policy rule without a condition. - During policy evaluation, policy rules with conditions that are true for a target resource take precedence.
	Rules []RulesInitParameters `json:"rules,omitempty" tf:"rules,omitempty"`
}

func (*DryRunSpecInitParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DryRunSpecInitParameters.

func (*DryRunSpecInitParameters) DeepCopyInto

func (in *DryRunSpecInitParameters) DeepCopyInto(out *DryRunSpecInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type DryRunSpecObservation

type DryRunSpecObservation struct {

	// An opaque tag indicating the current version of the policy, used for concurrency control. This field is ignored if used in a CreatePolicy request. When the policyis returned from either aGetPolicyor aListPoliciesrequest, thisetagindicates the version of the current policy to use when executing a read-modify-write loop. When the policy is returned from aGetEffectivePolicyrequest, theetag` will be unset.
	Etag *string `json:"etag,omitempty" tf:"etag,omitempty"`

	// Determines the inheritance behavior for this policy. If inherit_from_parent is true, policy rules set higher up in the hierarchy (up to the closest root) are inherited and present in the effective policy. If it is false, then no rules are inherited, and this policy becomes the new root for evaluation. This field can be set only for policies which configure list constraints.
	InheritFromParent *bool `json:"inheritFromParent,omitempty" tf:"inherit_from_parent,omitempty"`

	// Ignores policies set above this resource and restores the constraint_default enforcement behavior of the specific constraint at this resource. This field can be set in policies for either list or boolean constraints. If set, rules must be empty and inherit_from_parent must be set to false.
	Reset *bool `json:"reset,omitempty" tf:"reset,omitempty"`

	// In policies for boolean constraints, the following requirements apply: - There must be one and only one policy rule where condition is unset. - Boolean policy rules with conditions must set enforced to the opposite of the policy rule without a condition. - During policy evaluation, policy rules with conditions that are true for a target resource take precedence.
	Rules []RulesObservation `json:"rules,omitempty" tf:"rules,omitempty"`

	// Output only. The time stamp this was previously updated. This represents the last time a call to CreatePolicy or UpdatePolicy was made for that policy.
	UpdateTime *string `json:"updateTime,omitempty" tf:"update_time,omitempty"`
}

func (*DryRunSpecObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DryRunSpecObservation.

func (*DryRunSpecObservation) DeepCopyInto

func (in *DryRunSpecObservation) DeepCopyInto(out *DryRunSpecObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type DryRunSpecParameters

type DryRunSpecParameters struct {

	// Determines the inheritance behavior for this policy. If inherit_from_parent is true, policy rules set higher up in the hierarchy (up to the closest root) are inherited and present in the effective policy. If it is false, then no rules are inherited, and this policy becomes the new root for evaluation. This field can be set only for policies which configure list constraints.
	// +kubebuilder:validation:Optional
	InheritFromParent *bool `json:"inheritFromParent,omitempty" tf:"inherit_from_parent,omitempty"`

	// Ignores policies set above this resource and restores the constraint_default enforcement behavior of the specific constraint at this resource. This field can be set in policies for either list or boolean constraints. If set, rules must be empty and inherit_from_parent must be set to false.
	// +kubebuilder:validation:Optional
	Reset *bool `json:"reset,omitempty" tf:"reset,omitempty"`

	// In policies for boolean constraints, the following requirements apply: - There must be one and only one policy rule where condition is unset. - Boolean policy rules with conditions must set enforced to the opposite of the policy rule without a condition. - During policy evaluation, policy rules with conditions that are true for a target resource take precedence.
	// +kubebuilder:validation:Optional
	Rules []RulesParameters `json:"rules,omitempty" tf:"rules,omitempty"`
}

func (*DryRunSpecParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DryRunSpecParameters.

func (*DryRunSpecParameters) DeepCopyInto

func (in *DryRunSpecParameters) DeepCopyInto(out *DryRunSpecParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Policy

type Policy struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              PolicySpec   `json:"spec"`
	Status            PolicyStatus `json:"status,omitempty"`
}

Policy is the Schema for the Policys API. An organization policy gives you programmatic control over your organization's cloud resources. Using Organization Policies, you will be able to configure constraints across your entire resource hierarchy. +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,gcp}

func (*Policy) DeepCopy

func (in *Policy) DeepCopy() *Policy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Policy.

func (*Policy) DeepCopyInto

func (in *Policy) DeepCopyInto(out *Policy)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Policy) DeepCopyObject

func (in *Policy) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Policy) GetCondition

func (mg *Policy) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Policy.

func (*Policy) GetConnectionDetailsMapping

func (tr *Policy) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this Policy

func (*Policy) GetDeletionPolicy

func (mg *Policy) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Policy.

func (*Policy) GetID

func (tr *Policy) GetID() string

GetID returns ID of underlying Terraform resource of this Policy

func (*Policy) GetInitParameters

func (tr *Policy) GetInitParameters() (map[string]any, error)

GetInitParameters of this Policy

func (*Policy) GetManagementPolicies

func (mg *Policy) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this Policy.

func (*Policy) GetMergedParameters

func (tr *Policy) GetMergedParameters(shouldMergeInitProvider bool) (map[string]any, error)

GetInitParameters of this Policy

func (*Policy) GetObservation

func (tr *Policy) GetObservation() (map[string]any, error)

GetObservation of this Policy

func (*Policy) GetParameters

func (tr *Policy) GetParameters() (map[string]any, error)

GetParameters of this Policy

func (*Policy) GetProviderConfigReference

func (mg *Policy) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Policy.

func (*Policy) GetPublishConnectionDetailsTo

func (mg *Policy) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Policy.

func (*Policy) GetTerraformResourceType

func (mg *Policy) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this Policy

func (*Policy) GetTerraformSchemaVersion

func (tr *Policy) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*Policy) GetWriteConnectionSecretToReference

func (mg *Policy) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Policy.

func (*Policy) Hub

func (tr *Policy) Hub()

Hub marks this type as a conversion hub.

func (*Policy) LateInitialize

func (tr *Policy) LateInitialize(attrs []byte) (bool, error)

LateInitialize this Policy using its observed tfState. returns True if there are any spec changes for the resource.

func (*Policy) ResolveReferences

func (mg *Policy) ResolveReferences(ctx context.Context, c client.Reader) error

func (*Policy) SetConditions

func (mg *Policy) SetConditions(c ...xpv1.Condition)

SetConditions of this Policy.

func (*Policy) SetDeletionPolicy

func (mg *Policy) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Policy.

func (*Policy) SetManagementPolicies

func (mg *Policy) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this Policy.

func (*Policy) SetObservation

func (tr *Policy) SetObservation(obs map[string]any) error

SetObservation for this Policy

func (*Policy) SetParameters

func (tr *Policy) SetParameters(params map[string]any) error

SetParameters for this Policy

func (*Policy) SetProviderConfigReference

func (mg *Policy) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Policy.

func (*Policy) SetPublishConnectionDetailsTo

func (mg *Policy) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Policy.

func (*Policy) SetWriteConnectionSecretToReference

func (mg *Policy) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Policy.

type PolicyInitParameters

type PolicyInitParameters struct {

	// Dry-run policy. Audit-only policy, can be used to monitor how the policy would have impacted the existing and future resources if it's enforced.
	DryRunSpec *DryRunSpecInitParameters `json:"dryRunSpec,omitempty" tf:"dry_run_spec,omitempty"`

	// Basic information about the Organization Policy.
	Spec *SpecInitParameters `json:"spec,omitempty" tf:"spec,omitempty"`
}

func (*PolicyInitParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyInitParameters.

func (*PolicyInitParameters) DeepCopyInto

func (in *PolicyInitParameters) DeepCopyInto(out *PolicyInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyList

type PolicyList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Policy `json:"items"`
}

PolicyList contains a list of Policys

func (*PolicyList) DeepCopy

func (in *PolicyList) DeepCopy() *PolicyList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyList.

func (*PolicyList) DeepCopyInto

func (in *PolicyList) DeepCopyInto(out *PolicyList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*PolicyList) DeepCopyObject

func (in *PolicyList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*PolicyList) GetItems

func (l *PolicyList) GetItems() []resource.Managed

GetItems of this PolicyList.

type PolicyObservation

type PolicyObservation struct {

	// Dry-run policy. Audit-only policy, can be used to monitor how the policy would have impacted the existing and future resources if it's enforced.
	DryRunSpec *DryRunSpecObservation `json:"dryRunSpec,omitempty" tf:"dry_run_spec,omitempty"`

	// Optional. An opaque tag indicating the current state of the policy, used for concurrency control. This 'etag' is computed by the server based on the value of other fields, and may be sent on update and delete requests to ensure the client has an up-to-date value before proceeding.
	Etag *string `json:"etag,omitempty" tf:"etag,omitempty"`

	// an identifier for the resource with format {{parent}}/policies/{{name}}
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The parent of the resource.
	Parent *string `json:"parent,omitempty" tf:"parent,omitempty"`

	// Basic information about the Organization Policy.
	Spec *SpecObservation `json:"spec,omitempty" tf:"spec,omitempty"`
}

func (*PolicyObservation) DeepCopy

func (in *PolicyObservation) DeepCopy() *PolicyObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyObservation.

func (*PolicyObservation) DeepCopyInto

func (in *PolicyObservation) DeepCopyInto(out *PolicyObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyParameters

type PolicyParameters struct {

	// Dry-run policy. Audit-only policy, can be used to monitor how the policy would have impacted the existing and future resources if it's enforced.
	// +kubebuilder:validation:Optional
	DryRunSpec *DryRunSpecParameters `json:"dryRunSpec,omitempty" tf:"dry_run_spec,omitempty"`

	// The parent of the resource.
	// +crossplane:generate:reference:type=github.com/upbound/provider-gcp/apis/cloudplatform/v1beta1.Folder
	// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("name",true)
	// +kubebuilder:validation:Optional
	Parent *string `json:"parent,omitempty" tf:"parent,omitempty"`

	// Reference to a Folder in cloudplatform to populate parent.
	// +kubebuilder:validation:Optional
	ParentRef *v1.Reference `json:"parentRef,omitempty" tf:"-"`

	// Selector for a Folder in cloudplatform to populate parent.
	// +kubebuilder:validation:Optional
	ParentSelector *v1.Selector `json:"parentSelector,omitempty" tf:"-"`

	// Basic information about the Organization Policy.
	// +kubebuilder:validation:Optional
	Spec *SpecParameters `json:"spec,omitempty" tf:"spec,omitempty"`
}

func (*PolicyParameters) DeepCopy

func (in *PolicyParameters) DeepCopy() *PolicyParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyParameters.

func (*PolicyParameters) DeepCopyInto

func (in *PolicyParameters) DeepCopyInto(out *PolicyParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicySpec

type PolicySpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     PolicyParameters `json:"forProvider"`
	// THIS IS A BETA FIELD. It will be honored
	// unless the Management Policies feature flag is disabled.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider PolicyInitParameters `json:"initProvider,omitempty"`
}

PolicySpec defines the desired state of Policy

func (*PolicySpec) DeepCopy

func (in *PolicySpec) DeepCopy() *PolicySpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicySpec.

func (*PolicySpec) DeepCopyInto

func (in *PolicySpec) DeepCopyInto(out *PolicySpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyStatus

type PolicyStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        PolicyObservation `json:"atProvider,omitempty"`
}

PolicyStatus defines the observed state of Policy.

func (*PolicyStatus) DeepCopy

func (in *PolicyStatus) DeepCopy() *PolicyStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyStatus.

func (*PolicyStatus) DeepCopyInto

func (in *PolicyStatus) DeepCopyInto(out *PolicyStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RulesConditionInitParameters

type RulesConditionInitParameters struct {

	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Textual representation of an expression in Common Expression Language syntax.
	Expression *string `json:"expression,omitempty" tf:"expression,omitempty"`

	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location *string `json:"location,omitempty" tf:"location,omitempty"`

	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title *string `json:"title,omitempty" tf:"title,omitempty"`
}

func (*RulesConditionInitParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesConditionInitParameters.

func (*RulesConditionInitParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RulesConditionObservation

type RulesConditionObservation struct {

	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Textual representation of an expression in Common Expression Language syntax.
	Expression *string `json:"expression,omitempty" tf:"expression,omitempty"`

	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	Location *string `json:"location,omitempty" tf:"location,omitempty"`

	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	Title *string `json:"title,omitempty" tf:"title,omitempty"`
}

func (*RulesConditionObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesConditionObservation.

func (*RulesConditionObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RulesConditionParameters

type RulesConditionParameters struct {

	// Optional. Description of the expression. This is a longer text which describes the expression, e.g. when hovered over it in a UI.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// Textual representation of an expression in Common Expression Language syntax.
	// +kubebuilder:validation:Optional
	Expression *string `json:"expression,omitempty" tf:"expression,omitempty"`

	// Optional. String indicating the location of the expression for error reporting, e.g. a file name and a position in the file.
	// +kubebuilder:validation:Optional
	Location *string `json:"location,omitempty" tf:"location,omitempty"`

	// Optional. Title for the expression, i.e. a short string describing its purpose. This can be used e.g. in UIs which allow to enter the expression.
	// +kubebuilder:validation:Optional
	Title *string `json:"title,omitempty" tf:"title,omitempty"`
}

func (*RulesConditionParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesConditionParameters.

func (*RulesConditionParameters) DeepCopyInto

func (in *RulesConditionParameters) DeepCopyInto(out *RulesConditionParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RulesInitParameters

type RulesInitParameters struct {

	// Setting this to "TRUE" means that all values are allowed. This field can be set only in policies for list constraints.
	AllowAll *string `json:"allowAll,omitempty" tf:"allow_all,omitempty"`

	// A condition which determines whether this rule is used in the evaluation of the policy. When set, the expression field in the `Expr' must include from 1 to 10 subexpressions, joined by the "||" or "&&" operators. Each subexpression must be of the form "resource.matchTag('/tag_key_short_name, 'tag_value_short_name')". or "resource.matchTagId('tagKeys/key_id', 'tagValues/value_id')". where key_name and value_name are the resource names for Label Keys and Values. These names are available from the Tag Manager Service. An example expression is: "resource.matchTag('123456789/environment, 'prod')". or "resource.matchTagId('tagKeys/123', 'tagValues/456')".
	Condition *ConditionInitParameters `json:"condition,omitempty" tf:"condition,omitempty"`

	// Setting this to "TRUE" means that all values are denied. This field can be set only in policies for list constraints.
	DenyAll *string `json:"denyAll,omitempty" tf:"deny_all,omitempty"`

	// If "TRUE", then the policy is enforced. If "FALSE", then any configuration is acceptable. This field can be set only in policies for boolean constraints.
	Enforce *string `json:"enforce,omitempty" tf:"enforce,omitempty"`

	// List of values to be used for this policy rule. This field can be set only in policies for list constraints.
	Values *ValuesInitParameters `json:"values,omitempty" tf:"values,omitempty"`
}

func (*RulesInitParameters) DeepCopy

func (in *RulesInitParameters) DeepCopy() *RulesInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesInitParameters.

func (*RulesInitParameters) DeepCopyInto

func (in *RulesInitParameters) DeepCopyInto(out *RulesInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RulesObservation

type RulesObservation struct {

	// Setting this to "TRUE" means that all values are allowed. This field can be set only in policies for list constraints.
	AllowAll *string `json:"allowAll,omitempty" tf:"allow_all,omitempty"`

	// A condition which determines whether this rule is used in the evaluation of the policy. When set, the expression field in the `Expr' must include from 1 to 10 subexpressions, joined by the "||" or "&&" operators. Each subexpression must be of the form "resource.matchTag('/tag_key_short_name, 'tag_value_short_name')". or "resource.matchTagId('tagKeys/key_id', 'tagValues/value_id')". where key_name and value_name are the resource names for Label Keys and Values. These names are available from the Tag Manager Service. An example expression is: "resource.matchTag('123456789/environment, 'prod')". or "resource.matchTagId('tagKeys/123', 'tagValues/456')".
	Condition *ConditionObservation `json:"condition,omitempty" tf:"condition,omitempty"`

	// Setting this to "TRUE" means that all values are denied. This field can be set only in policies for list constraints.
	DenyAll *string `json:"denyAll,omitempty" tf:"deny_all,omitempty"`

	// If "TRUE", then the policy is enforced. If "FALSE", then any configuration is acceptable. This field can be set only in policies for boolean constraints.
	Enforce *string `json:"enforce,omitempty" tf:"enforce,omitempty"`

	// List of values to be used for this policy rule. This field can be set only in policies for list constraints.
	Values *ValuesObservation `json:"values,omitempty" tf:"values,omitempty"`
}

func (*RulesObservation) DeepCopy

func (in *RulesObservation) DeepCopy() *RulesObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesObservation.

func (*RulesObservation) DeepCopyInto

func (in *RulesObservation) DeepCopyInto(out *RulesObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RulesParameters

type RulesParameters struct {

	// Setting this to "TRUE" means that all values are allowed. This field can be set only in policies for list constraints.
	// +kubebuilder:validation:Optional
	AllowAll *string `json:"allowAll,omitempty" tf:"allow_all,omitempty"`

	// A condition which determines whether this rule is used in the evaluation of the policy. When set, the expression field in the `Expr' must include from 1 to 10 subexpressions, joined by the "||" or "&&" operators. Each subexpression must be of the form "resource.matchTag('/tag_key_short_name, 'tag_value_short_name')". or "resource.matchTagId('tagKeys/key_id', 'tagValues/value_id')". where key_name and value_name are the resource names for Label Keys and Values. These names are available from the Tag Manager Service. An example expression is: "resource.matchTag('123456789/environment, 'prod')". or "resource.matchTagId('tagKeys/123', 'tagValues/456')".
	// +kubebuilder:validation:Optional
	Condition *ConditionParameters `json:"condition,omitempty" tf:"condition,omitempty"`

	// Setting this to "TRUE" means that all values are denied. This field can be set only in policies for list constraints.
	// +kubebuilder:validation:Optional
	DenyAll *string `json:"denyAll,omitempty" tf:"deny_all,omitempty"`

	// If "TRUE", then the policy is enforced. If "FALSE", then any configuration is acceptable. This field can be set only in policies for boolean constraints.
	// +kubebuilder:validation:Optional
	Enforce *string `json:"enforce,omitempty" tf:"enforce,omitempty"`

	// List of values to be used for this policy rule. This field can be set only in policies for list constraints.
	// +kubebuilder:validation:Optional
	Values *ValuesParameters `json:"values,omitempty" tf:"values,omitempty"`
}

func (*RulesParameters) DeepCopy

func (in *RulesParameters) DeepCopy() *RulesParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesParameters.

func (*RulesParameters) DeepCopyInto

func (in *RulesParameters) DeepCopyInto(out *RulesParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RulesValuesInitParameters

type RulesValuesInitParameters struct {

	// List of values allowed at this resource.
	AllowedValues []*string `json:"allowedValues,omitempty" tf:"allowed_values,omitempty"`

	// List of values denied at this resource.
	DeniedValues []*string `json:"deniedValues,omitempty" tf:"denied_values,omitempty"`
}

func (*RulesValuesInitParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesValuesInitParameters.

func (*RulesValuesInitParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RulesValuesObservation

type RulesValuesObservation struct {

	// List of values allowed at this resource.
	AllowedValues []*string `json:"allowedValues,omitempty" tf:"allowed_values,omitempty"`

	// List of values denied at this resource.
	DeniedValues []*string `json:"deniedValues,omitempty" tf:"denied_values,omitempty"`
}

func (*RulesValuesObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesValuesObservation.

func (*RulesValuesObservation) DeepCopyInto

func (in *RulesValuesObservation) DeepCopyInto(out *RulesValuesObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RulesValuesParameters

type RulesValuesParameters struct {

	// List of values allowed at this resource.
	// +kubebuilder:validation:Optional
	AllowedValues []*string `json:"allowedValues,omitempty" tf:"allowed_values,omitempty"`

	// List of values denied at this resource.
	// +kubebuilder:validation:Optional
	DeniedValues []*string `json:"deniedValues,omitempty" tf:"denied_values,omitempty"`
}

func (*RulesValuesParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RulesValuesParameters.

func (*RulesValuesParameters) DeepCopyInto

func (in *RulesValuesParameters) DeepCopyInto(out *RulesValuesParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SpecInitParameters

type SpecInitParameters struct {

	// Determines the inheritance behavior for this Policy. If inherit_from_parent is true, PolicyRules set higher up in the hierarchy (up to the closest root) are inherited and present in the effective policy. If it is false, then no rules are inherited, and this Policy becomes the new root for evaluation. This field can be set only for Policies which configure list constraints.
	InheritFromParent *bool `json:"inheritFromParent,omitempty" tf:"inherit_from_parent,omitempty"`

	// Ignores policies set above this resource and restores the constraint_default enforcement behavior of the specific Constraint at this resource. This field can be set in policies for either list or boolean constraints. If set, rules must be empty and inherit_from_parent must be set to false.
	Reset *bool `json:"reset,omitempty" tf:"reset,omitempty"`

	// Up to 10 PolicyRules are allowed. In Policies for boolean constraints, the following requirements apply: - There must be one and only one PolicyRule where condition is unset. - BooleanPolicyRules with conditions must set enforced to the opposite of the PolicyRule without a condition. - During policy evaluation, PolicyRules with conditions that are true for a target resource take precedence.
	Rules []SpecRulesInitParameters `json:"rules,omitempty" tf:"rules,omitempty"`
}

func (*SpecInitParameters) DeepCopy

func (in *SpecInitParameters) DeepCopy() *SpecInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SpecInitParameters.

func (*SpecInitParameters) DeepCopyInto

func (in *SpecInitParameters) DeepCopyInto(out *SpecInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SpecObservation

type SpecObservation struct {

	// An opaque tag indicating the current version of the Policy, used for concurrency control. This field is ignored if used in a CreatePolicy request. When the Policy is returned from either a GetPolicy or a ListPolicies request, this etag indicates the version of the current Policy to use when executing a read-modify-write loop. When the Policy is returned from a GetEffectivePolicy request, the etag will be unset.
	Etag *string `json:"etag,omitempty" tf:"etag,omitempty"`

	// Determines the inheritance behavior for this Policy. If inherit_from_parent is true, PolicyRules set higher up in the hierarchy (up to the closest root) are inherited and present in the effective policy. If it is false, then no rules are inherited, and this Policy becomes the new root for evaluation. This field can be set only for Policies which configure list constraints.
	InheritFromParent *bool `json:"inheritFromParent,omitempty" tf:"inherit_from_parent,omitempty"`

	// Ignores policies set above this resource and restores the constraint_default enforcement behavior of the specific Constraint at this resource. This field can be set in policies for either list or boolean constraints. If set, rules must be empty and inherit_from_parent must be set to false.
	Reset *bool `json:"reset,omitempty" tf:"reset,omitempty"`

	// Up to 10 PolicyRules are allowed. In Policies for boolean constraints, the following requirements apply: - There must be one and only one PolicyRule where condition is unset. - BooleanPolicyRules with conditions must set enforced to the opposite of the PolicyRule without a condition. - During policy evaluation, PolicyRules with conditions that are true for a target resource take precedence.
	Rules []SpecRulesObservation `json:"rules,omitempty" tf:"rules,omitempty"`

	// Output only. The time stamp this was previously updated. This represents the last time a call to CreatePolicy or UpdatePolicy was made for that Policy.
	UpdateTime *string `json:"updateTime,omitempty" tf:"update_time,omitempty"`
}

func (*SpecObservation) DeepCopy

func (in *SpecObservation) DeepCopy() *SpecObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SpecObservation.

func (*SpecObservation) DeepCopyInto

func (in *SpecObservation) DeepCopyInto(out *SpecObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SpecParameters

type SpecParameters struct {

	// Determines the inheritance behavior for this Policy. If inherit_from_parent is true, PolicyRules set higher up in the hierarchy (up to the closest root) are inherited and present in the effective policy. If it is false, then no rules are inherited, and this Policy becomes the new root for evaluation. This field can be set only for Policies which configure list constraints.
	// +kubebuilder:validation:Optional
	InheritFromParent *bool `json:"inheritFromParent,omitempty" tf:"inherit_from_parent,omitempty"`

	// Ignores policies set above this resource and restores the constraint_default enforcement behavior of the specific Constraint at this resource. This field can be set in policies for either list or boolean constraints. If set, rules must be empty and inherit_from_parent must be set to false.
	// +kubebuilder:validation:Optional
	Reset *bool `json:"reset,omitempty" tf:"reset,omitempty"`

	// Up to 10 PolicyRules are allowed. In Policies for boolean constraints, the following requirements apply: - There must be one and only one PolicyRule where condition is unset. - BooleanPolicyRules with conditions must set enforced to the opposite of the PolicyRule without a condition. - During policy evaluation, PolicyRules with conditions that are true for a target resource take precedence.
	// +kubebuilder:validation:Optional
	Rules []SpecRulesParameters `json:"rules,omitempty" tf:"rules,omitempty"`
}

func (*SpecParameters) DeepCopy

func (in *SpecParameters) DeepCopy() *SpecParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SpecParameters.

func (*SpecParameters) DeepCopyInto

func (in *SpecParameters) DeepCopyInto(out *SpecParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SpecRulesInitParameters

type SpecRulesInitParameters struct {

	// Setting this to "TRUE" means that all values are allowed. This field can be set only in policies for list constraints.
	AllowAll *string `json:"allowAll,omitempty" tf:"allow_all,omitempty"`

	// A condition which determines whether this rule is used in the evaluation of the policy. When set, the expression field in the `Expr' must include from 1 to 10 subexpressions, joined by the "||" or "&&" operators. Each subexpression must be of the form "resource.matchTag('/tag_key_short_name, 'tag_value_short_name')". or "resource.matchTagId('tagKeys/key_id', 'tagValues/value_id')". where key_name and value_name are the resource names for Label Keys and Values. These names are available from the Tag Manager Service. An example expression is: "resource.matchTag('123456789/environment, 'prod')". or "resource.matchTagId('tagKeys/123', 'tagValues/456')".
	Condition *RulesConditionInitParameters `json:"condition,omitempty" tf:"condition,omitempty"`

	// Setting this to "TRUE" means that all values are denied. This field can be set only in policies for list constraints.
	DenyAll *string `json:"denyAll,omitempty" tf:"deny_all,omitempty"`

	// If "TRUE", then the policy is enforced. If "FALSE", then any configuration is acceptable. This field can be set only in policies for boolean constraints.
	Enforce *string `json:"enforce,omitempty" tf:"enforce,omitempty"`

	// List of values to be used for this policy rule. This field can be set only in policies for list constraints.
	Values *RulesValuesInitParameters `json:"values,omitempty" tf:"values,omitempty"`
}

func (*SpecRulesInitParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SpecRulesInitParameters.

func (*SpecRulesInitParameters) DeepCopyInto

func (in *SpecRulesInitParameters) DeepCopyInto(out *SpecRulesInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SpecRulesObservation

type SpecRulesObservation struct {

	// Setting this to "TRUE" means that all values are allowed. This field can be set only in policies for list constraints.
	AllowAll *string `json:"allowAll,omitempty" tf:"allow_all,omitempty"`

	// A condition which determines whether this rule is used in the evaluation of the policy. When set, the expression field in the `Expr' must include from 1 to 10 subexpressions, joined by the "||" or "&&" operators. Each subexpression must be of the form "resource.matchTag('/tag_key_short_name, 'tag_value_short_name')". or "resource.matchTagId('tagKeys/key_id', 'tagValues/value_id')". where key_name and value_name are the resource names for Label Keys and Values. These names are available from the Tag Manager Service. An example expression is: "resource.matchTag('123456789/environment, 'prod')". or "resource.matchTagId('tagKeys/123', 'tagValues/456')".
	Condition *RulesConditionObservation `json:"condition,omitempty" tf:"condition,omitempty"`

	// Setting this to "TRUE" means that all values are denied. This field can be set only in policies for list constraints.
	DenyAll *string `json:"denyAll,omitempty" tf:"deny_all,omitempty"`

	// If "TRUE", then the policy is enforced. If "FALSE", then any configuration is acceptable. This field can be set only in policies for boolean constraints.
	Enforce *string `json:"enforce,omitempty" tf:"enforce,omitempty"`

	// List of values to be used for this policy rule. This field can be set only in policies for list constraints.
	Values *RulesValuesObservation `json:"values,omitempty" tf:"values,omitempty"`
}

func (*SpecRulesObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SpecRulesObservation.

func (*SpecRulesObservation) DeepCopyInto

func (in *SpecRulesObservation) DeepCopyInto(out *SpecRulesObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SpecRulesParameters

type SpecRulesParameters struct {

	// Setting this to "TRUE" means that all values are allowed. This field can be set only in policies for list constraints.
	// +kubebuilder:validation:Optional
	AllowAll *string `json:"allowAll,omitempty" tf:"allow_all,omitempty"`

	// A condition which determines whether this rule is used in the evaluation of the policy. When set, the expression field in the `Expr' must include from 1 to 10 subexpressions, joined by the "||" or "&&" operators. Each subexpression must be of the form "resource.matchTag('/tag_key_short_name, 'tag_value_short_name')". or "resource.matchTagId('tagKeys/key_id', 'tagValues/value_id')". where key_name and value_name are the resource names for Label Keys and Values. These names are available from the Tag Manager Service. An example expression is: "resource.matchTag('123456789/environment, 'prod')". or "resource.matchTagId('tagKeys/123', 'tagValues/456')".
	// +kubebuilder:validation:Optional
	Condition *RulesConditionParameters `json:"condition,omitempty" tf:"condition,omitempty"`

	// Setting this to "TRUE" means that all values are denied. This field can be set only in policies for list constraints.
	// +kubebuilder:validation:Optional
	DenyAll *string `json:"denyAll,omitempty" tf:"deny_all,omitempty"`

	// If "TRUE", then the policy is enforced. If "FALSE", then any configuration is acceptable. This field can be set only in policies for boolean constraints.
	// +kubebuilder:validation:Optional
	Enforce *string `json:"enforce,omitempty" tf:"enforce,omitempty"`

	// List of values to be used for this policy rule. This field can be set only in policies for list constraints.
	// +kubebuilder:validation:Optional
	Values *RulesValuesParameters `json:"values,omitempty" tf:"values,omitempty"`
}

func (*SpecRulesParameters) DeepCopy

func (in *SpecRulesParameters) DeepCopy() *SpecRulesParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SpecRulesParameters.

func (*SpecRulesParameters) DeepCopyInto

func (in *SpecRulesParameters) DeepCopyInto(out *SpecRulesParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ValuesInitParameters

type ValuesInitParameters struct {

	// List of values allowed at this resource.
	AllowedValues []*string `json:"allowedValues,omitempty" tf:"allowed_values,omitempty"`

	// List of values denied at this resource.
	DeniedValues []*string `json:"deniedValues,omitempty" tf:"denied_values,omitempty"`
}

func (*ValuesInitParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValuesInitParameters.

func (*ValuesInitParameters) DeepCopyInto

func (in *ValuesInitParameters) DeepCopyInto(out *ValuesInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ValuesObservation

type ValuesObservation struct {

	// List of values allowed at this resource.
	AllowedValues []*string `json:"allowedValues,omitempty" tf:"allowed_values,omitempty"`

	// List of values denied at this resource.
	DeniedValues []*string `json:"deniedValues,omitempty" tf:"denied_values,omitempty"`
}

func (*ValuesObservation) DeepCopy

func (in *ValuesObservation) DeepCopy() *ValuesObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValuesObservation.

func (*ValuesObservation) DeepCopyInto

func (in *ValuesObservation) DeepCopyInto(out *ValuesObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ValuesParameters

type ValuesParameters struct {

	// List of values allowed at this resource.
	// +kubebuilder:validation:Optional
	AllowedValues []*string `json:"allowedValues,omitempty" tf:"allowed_values,omitempty"`

	// List of values denied at this resource.
	// +kubebuilder:validation:Optional
	DeniedValues []*string `json:"deniedValues,omitempty" tf:"denied_values,omitempty"`
}

func (*ValuesParameters) DeepCopy

func (in *ValuesParameters) DeepCopy() *ValuesParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ValuesParameters.

func (*ValuesParameters) DeepCopyInto

func (in *ValuesParameters) DeepCopyInto(out *ValuesParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL