Documentation ¶
Overview ¶
+kubebuilder:object:generate=true +groupName=managed.vault.upbound.io +versionName=v1alpha1
Index ¶
- Constants
- Variables
- type AwsInitParameters
- type AwsObservation
- type AwsParameters
- type AzureInitParameters
- type AzureObservation
- type AzureParameters
- type Keys
- func (in *Keys) DeepCopy() *Keys
- func (in *Keys) DeepCopyInto(out *Keys)
- func (in *Keys) DeepCopyObject() runtime.Object
- func (mg *Keys) GetCondition(ct xpv1.ConditionType) xpv1.Condition
- func (tr *Keys) GetConnectionDetailsMapping() map[string]string
- func (mg *Keys) GetDeletionPolicy() xpv1.DeletionPolicy
- func (tr *Keys) GetID() string
- func (tr *Keys) GetInitParameters() (map[string]any, error)
- func (mg *Keys) GetManagementPolicies() xpv1.ManagementPolicies
- func (tr *Keys) GetObservation() (map[string]any, error)
- func (tr *Keys) GetParameters() (map[string]any, error)
- func (mg *Keys) GetProviderConfigReference() *xpv1.Reference
- func (mg *Keys) GetProviderReference() *xpv1.Reference
- func (mg *Keys) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo
- func (mg *Keys) GetTerraformResourceType() string
- func (tr *Keys) GetTerraformSchemaVersion() int
- func (mg *Keys) GetWriteConnectionSecretToReference() *xpv1.SecretReference
- func (tr *Keys) LateInitialize(attrs []byte) (bool, error)
- func (mg *Keys) SetConditions(c ...xpv1.Condition)
- func (mg *Keys) SetDeletionPolicy(r xpv1.DeletionPolicy)
- func (mg *Keys) SetManagementPolicies(r xpv1.ManagementPolicies)
- func (tr *Keys) SetObservation(obs map[string]any) error
- func (tr *Keys) SetParameters(params map[string]any) error
- func (mg *Keys) SetProviderConfigReference(r *xpv1.Reference)
- func (mg *Keys) SetProviderReference(r *xpv1.Reference)
- func (mg *Keys) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)
- func (mg *Keys) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)
- type KeysInitParameters
- type KeysList
- type KeysObservation
- type KeysParameters
- type KeysSpec
- type KeysStatus
- type PkcsInitParameters
- type PkcsObservation
- type PkcsParameters
Constants ¶
const ( CRDGroup = "managed.vault.upbound.io" CRDVersion = "v1alpha1" )
Package type metadata.
Variables ¶
var ( // CRDGroupVersion is the API Group Version used to register the objects CRDGroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: CRDGroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
var ( Keys_Kind = "Keys" Keys_GroupKind = schema.GroupKind{Group: CRDGroup, Kind: Keys_Kind}.String() Keys_KindAPIVersion = Keys_Kind + "." + CRDGroupVersion.String() Keys_GroupVersionKind = CRDGroupVersion.WithKind(Keys_Kind) )
Repository type metadata.
Functions ¶
This section is empty.
Types ¶
type AwsInitParameters ¶ added in v0.2.0
type AwsInitParameters struct { // The AWS access key to use. // The AWS access key to use AccessKey *string `json:"accessKey,omitempty" tf:"access_key,omitempty"` // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. // If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to false those operations are forbidden // if a key exists. // Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists. AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"` // Controls the ability for Vault to import a key to the // configured backend, if false, those operations will be forbidden. // Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"` // If true, allows usage from any mount point within the // namespace. // Allow usage from any mount point within the namespace if 'true' AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"` // The curve to use for an ECDSA key. Used when key_type // is ECDSA. Required if allow_generate_key is true. // The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true Curve *string `json:"curve,omitempty" tf:"curve,omitempty"` // Used to specify a custom AWS endpoint. // Used to specify a custom AWS endpoint Endpoint *string `json:"endpoint,omitempty" tf:"endpoint,omitempty"` // An identifier for the key. // An identifier for the key KMSKey *string `json:"kmsKey,omitempty" tf:"kms_key,omitempty"` // The size in bits for an RSA key. // The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"` // The type of key to use. // The type of key to use KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"` // A unique lowercase name that serves as identifying the key. // A unique lowercase name that serves as identifying the key Name *string `json:"name,omitempty" tf:"name,omitempty"` // The AWS region where the keys are stored (or will be stored). // The AWS region where the keys are stored (or will be stored) Region *string `json:"region,omitempty" tf:"region,omitempty"` // The AWS access key to use. // The AWS secret key to use SecretKey *string `json:"secretKey,omitempty" tf:"secret_key,omitempty"` }
func (*AwsInitParameters) DeepCopy ¶ added in v0.2.0
func (in *AwsInitParameters) DeepCopy() *AwsInitParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsInitParameters.
func (*AwsInitParameters) DeepCopyInto ¶ added in v0.2.0
func (in *AwsInitParameters) DeepCopyInto(out *AwsInitParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AwsObservation ¶
type AwsObservation struct { // The AWS access key to use. // The AWS access key to use AccessKey *string `json:"accessKey,omitempty" tf:"access_key,omitempty"` // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. // If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to false those operations are forbidden // if a key exists. // Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists. AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"` // Controls the ability for Vault to import a key to the // configured backend, if false, those operations will be forbidden. // Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"` // If true, allows usage from any mount point within the // namespace. // Allow usage from any mount point within the namespace if 'true' AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"` // The curve to use for an ECDSA key. Used when key_type // is ECDSA. Required if allow_generate_key is true. // The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true Curve *string `json:"curve,omitempty" tf:"curve,omitempty"` // Used to specify a custom AWS endpoint. // Used to specify a custom AWS endpoint Endpoint *string `json:"endpoint,omitempty" tf:"endpoint,omitempty"` // An identifier for the key. // An identifier for the key KMSKey *string `json:"kmsKey,omitempty" tf:"kms_key,omitempty"` // The size in bits for an RSA key. // The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"` // The type of key to use. // The type of key to use KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"` // A unique lowercase name that serves as identifying the key. // A unique lowercase name that serves as identifying the key Name *string `json:"name,omitempty" tf:"name,omitempty"` // The AWS region where the keys are stored (or will be stored). // The AWS region where the keys are stored (or will be stored) Region *string `json:"region,omitempty" tf:"region,omitempty"` // The AWS access key to use. // The AWS secret key to use SecretKey *string `json:"secretKey,omitempty" tf:"secret_key,omitempty"` // ID of the managed key read from Vault UUID *string `json:"uuid,omitempty" tf:"uuid,omitempty"` }
func (*AwsObservation) DeepCopy ¶
func (in *AwsObservation) DeepCopy() *AwsObservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsObservation.
func (*AwsObservation) DeepCopyInto ¶
func (in *AwsObservation) DeepCopyInto(out *AwsObservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AwsParameters ¶
type AwsParameters struct { // The AWS access key to use. // The AWS access key to use // +kubebuilder:validation:Optional AccessKey *string `json:"accessKey,omitempty" tf:"access_key,omitempty"` // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. // If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend // +kubebuilder:validation:Optional AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to false those operations are forbidden // if a key exists. // Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists. // +kubebuilder:validation:Optional AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"` // Controls the ability for Vault to import a key to the // configured backend, if false, those operations will be forbidden. // Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden // +kubebuilder:validation:Optional AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"` // If true, allows usage from any mount point within the // namespace. // Allow usage from any mount point within the namespace if 'true' // +kubebuilder:validation:Optional AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"` // The curve to use for an ECDSA key. Used when key_type // is ECDSA. Required if allow_generate_key is true. // The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true // +kubebuilder:validation:Optional Curve *string `json:"curve,omitempty" tf:"curve,omitempty"` // Used to specify a custom AWS endpoint. // Used to specify a custom AWS endpoint // +kubebuilder:validation:Optional Endpoint *string `json:"endpoint,omitempty" tf:"endpoint,omitempty"` // An identifier for the key. // An identifier for the key // +kubebuilder:validation:Optional KMSKey *string `json:"kmsKey,omitempty" tf:"kms_key,omitempty"` // The size in bits for an RSA key. // The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' // +kubebuilder:validation:Optional KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"` // The type of key to use. // The type of key to use // +kubebuilder:validation:Optional KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"` // A unique lowercase name that serves as identifying the key. // A unique lowercase name that serves as identifying the key // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` // The AWS region where the keys are stored (or will be stored). // The AWS region where the keys are stored (or will be stored) // +kubebuilder:validation:Optional Region *string `json:"region,omitempty" tf:"region,omitempty"` // The AWS access key to use. // The AWS secret key to use // +kubebuilder:validation:Optional SecretKey *string `json:"secretKey,omitempty" tf:"secret_key,omitempty"` }
func (*AwsParameters) DeepCopy ¶
func (in *AwsParameters) DeepCopy() *AwsParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsParameters.
func (*AwsParameters) DeepCopyInto ¶
func (in *AwsParameters) DeepCopyInto(out *AwsParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AzureInitParameters ¶ added in v0.2.0
type AzureInitParameters struct { // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. // If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to false those operations are forbidden // if a key exists. // Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists. AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"` // Controls the ability for Vault to import a key to the // configured backend, if false, those operations will be forbidden. // Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"` // If true, allows usage from any mount point within the // namespace. // Allow usage from any mount point within the namespace if 'true' AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"` // The client id for credentials to query the Azure APIs. // The client id for credentials to query the Azure APIs ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` // The client secret for credentials to query the Azure APIs. // The client secret for credentials to query the Azure APIs ClientSecret *string `json:"clientSecret,omitempty" tf:"client_secret,omitempty"` // The Azure Cloud environment API endpoints to use. // The Azure Cloud environment API endpoints to use Environment *string `json:"environment,omitempty" tf:"environment,omitempty"` // The size in bits for an RSA key. // The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"` // The Key Vault key to use for encryption and decryption. // The Key Vault key to use for encryption and decryption KeyName *string `json:"keyName,omitempty" tf:"key_name,omitempty"` // The type of key to use. // The type of key to use KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"` // A unique lowercase name that serves as identifying the key. // A unique lowercase name that serves as identifying the key Name *string `json:"name,omitempty" tf:"name,omitempty"` // The Azure Key Vault resource's DNS Suffix to connect to. // The Azure Key Vault resource's DNS Suffix to connect to Resource *string `json:"resource,omitempty" tf:"resource,omitempty"` // The tenant id for the Azure Active Directory organization. // The tenant id for the Azure Active Directory organization TenantID *string `json:"tenantId,omitempty" tf:"tenant_id,omitempty"` // The Key Vault vault to use for encryption and decryption. // The Key Vault vault to use the encryption keys for encryption and decryption VaultName *string `json:"vaultName,omitempty" tf:"vault_name,omitempty"` }
func (*AzureInitParameters) DeepCopy ¶ added in v0.2.0
func (in *AzureInitParameters) DeepCopy() *AzureInitParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureInitParameters.
func (*AzureInitParameters) DeepCopyInto ¶ added in v0.2.0
func (in *AzureInitParameters) DeepCopyInto(out *AzureInitParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AzureObservation ¶
type AzureObservation struct { // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. // If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to false those operations are forbidden // if a key exists. // Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists. AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"` // Controls the ability for Vault to import a key to the // configured backend, if false, those operations will be forbidden. // Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"` // If true, allows usage from any mount point within the // namespace. // Allow usage from any mount point within the namespace if 'true' AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"` // The client id for credentials to query the Azure APIs. // The client id for credentials to query the Azure APIs ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` // The client secret for credentials to query the Azure APIs. // The client secret for credentials to query the Azure APIs ClientSecret *string `json:"clientSecret,omitempty" tf:"client_secret,omitempty"` // The Azure Cloud environment API endpoints to use. // The Azure Cloud environment API endpoints to use Environment *string `json:"environment,omitempty" tf:"environment,omitempty"` // The size in bits for an RSA key. // The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"` // The Key Vault key to use for encryption and decryption. // The Key Vault key to use for encryption and decryption KeyName *string `json:"keyName,omitempty" tf:"key_name,omitempty"` // The type of key to use. // The type of key to use KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"` // A unique lowercase name that serves as identifying the key. // A unique lowercase name that serves as identifying the key Name *string `json:"name,omitempty" tf:"name,omitempty"` // The Azure Key Vault resource's DNS Suffix to connect to. // The Azure Key Vault resource's DNS Suffix to connect to Resource *string `json:"resource,omitempty" tf:"resource,omitempty"` // The tenant id for the Azure Active Directory organization. // The tenant id for the Azure Active Directory organization TenantID *string `json:"tenantId,omitempty" tf:"tenant_id,omitempty"` // ID of the managed key read from Vault UUID *string `json:"uuid,omitempty" tf:"uuid,omitempty"` // The Key Vault vault to use for encryption and decryption. // The Key Vault vault to use the encryption keys for encryption and decryption VaultName *string `json:"vaultName,omitempty" tf:"vault_name,omitempty"` }
func (*AzureObservation) DeepCopy ¶
func (in *AzureObservation) DeepCopy() *AzureObservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureObservation.
func (*AzureObservation) DeepCopyInto ¶
func (in *AzureObservation) DeepCopyInto(out *AzureObservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AzureParameters ¶
type AzureParameters struct { // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. // If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend // +kubebuilder:validation:Optional AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to false those operations are forbidden // if a key exists. // Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists. // +kubebuilder:validation:Optional AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"` // Controls the ability for Vault to import a key to the // configured backend, if false, those operations will be forbidden. // Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden // +kubebuilder:validation:Optional AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"` // If true, allows usage from any mount point within the // namespace. // Allow usage from any mount point within the namespace if 'true' // +kubebuilder:validation:Optional AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"` // The client id for credentials to query the Azure APIs. // The client id for credentials to query the Azure APIs // +kubebuilder:validation:Optional ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"` // The client secret for credentials to query the Azure APIs. // The client secret for credentials to query the Azure APIs // +kubebuilder:validation:Optional ClientSecret *string `json:"clientSecret,omitempty" tf:"client_secret,omitempty"` // The Azure Cloud environment API endpoints to use. // The Azure Cloud environment API endpoints to use // +kubebuilder:validation:Optional Environment *string `json:"environment,omitempty" tf:"environment,omitempty"` // The size in bits for an RSA key. // The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true // +kubebuilder:validation:Optional KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"` // The Key Vault key to use for encryption and decryption. // The Key Vault key to use for encryption and decryption // +kubebuilder:validation:Optional KeyName *string `json:"keyName,omitempty" tf:"key_name,omitempty"` // The type of key to use. // The type of key to use // +kubebuilder:validation:Optional KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"` // A unique lowercase name that serves as identifying the key. // A unique lowercase name that serves as identifying the key // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` // The Azure Key Vault resource's DNS Suffix to connect to. // The Azure Key Vault resource's DNS Suffix to connect to // +kubebuilder:validation:Optional Resource *string `json:"resource,omitempty" tf:"resource,omitempty"` // The tenant id for the Azure Active Directory organization. // The tenant id for the Azure Active Directory organization // +kubebuilder:validation:Optional TenantID *string `json:"tenantId,omitempty" tf:"tenant_id,omitempty"` // The Key Vault vault to use for encryption and decryption. // The Key Vault vault to use the encryption keys for encryption and decryption // +kubebuilder:validation:Optional VaultName *string `json:"vaultName,omitempty" tf:"vault_name,omitempty"` }
func (*AzureParameters) DeepCopy ¶
func (in *AzureParameters) DeepCopy() *AzureParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureParameters.
func (*AzureParameters) DeepCopyInto ¶
func (in *AzureParameters) DeepCopyInto(out *AzureParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Keys ¶
type Keys struct { metav1.TypeMeta `json:",inline"` metav1.ObjectMeta `json:"metadata,omitempty"` Spec KeysSpec `json:"spec"` Status KeysStatus `json:"status,omitempty"` }
Keys is the Schema for the Keyss API. Configures Managed Keys in Vault +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}
func (*Keys) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Keys.
func (*Keys) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*Keys) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*Keys) GetCondition ¶
func (mg *Keys) GetCondition(ct xpv1.ConditionType) xpv1.Condition
GetCondition of this Keys.
func (*Keys) GetConnectionDetailsMapping ¶
GetConnectionDetailsMapping for this Keys
func (*Keys) GetDeletionPolicy ¶
func (mg *Keys) GetDeletionPolicy() xpv1.DeletionPolicy
GetDeletionPolicy of this Keys.
func (*Keys) GetInitParameters ¶ added in v0.2.0
GetInitParameters of this Keys
func (*Keys) GetManagementPolicies ¶ added in v0.2.0
func (mg *Keys) GetManagementPolicies() xpv1.ManagementPolicies
GetManagementPolicies of this Keys.
func (*Keys) GetObservation ¶
GetObservation of this Keys
func (*Keys) GetParameters ¶
GetParameters of this Keys
func (*Keys) GetProviderConfigReference ¶
GetProviderConfigReference of this Keys.
func (*Keys) GetProviderReference ¶
GetProviderReference of this Keys. Deprecated: Use GetProviderConfigReference.
func (*Keys) GetPublishConnectionDetailsTo ¶
func (mg *Keys) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo
GetPublishConnectionDetailsTo of this Keys.
func (*Keys) GetTerraformResourceType ¶
GetTerraformResourceType returns Terraform resource type for this Keys
func (*Keys) GetTerraformSchemaVersion ¶
GetTerraformSchemaVersion returns the associated Terraform schema version
func (*Keys) GetWriteConnectionSecretToReference ¶
func (mg *Keys) GetWriteConnectionSecretToReference() *xpv1.SecretReference
GetWriteConnectionSecretToReference of this Keys.
func (*Keys) LateInitialize ¶
LateInitialize this Keys using its observed tfState. returns True if there are any spec changes for the resource.
func (*Keys) SetConditions ¶
SetConditions of this Keys.
func (*Keys) SetDeletionPolicy ¶
func (mg *Keys) SetDeletionPolicy(r xpv1.DeletionPolicy)
SetDeletionPolicy of this Keys.
func (*Keys) SetManagementPolicies ¶ added in v0.2.0
func (mg *Keys) SetManagementPolicies(r xpv1.ManagementPolicies)
SetManagementPolicies of this Keys.
func (*Keys) SetObservation ¶
SetObservation for this Keys
func (*Keys) SetParameters ¶
SetParameters for this Keys
func (*Keys) SetProviderConfigReference ¶
SetProviderConfigReference of this Keys.
func (*Keys) SetProviderReference ¶
SetProviderReference of this Keys. Deprecated: Use SetProviderConfigReference.
func (*Keys) SetPublishConnectionDetailsTo ¶
func (mg *Keys) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)
SetPublishConnectionDetailsTo of this Keys.
func (*Keys) SetWriteConnectionSecretToReference ¶
func (mg *Keys) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)
SetWriteConnectionSecretToReference of this Keys.
type KeysInitParameters ¶ added in v0.2.0
type KeysInitParameters struct { // Configuration block for AWS Managed Keys Aws []AwsInitParameters `json:"aws,omitempty" tf:"aws,omitempty"` // Configuration block for Azure Managed Keys Azure []AzureInitParameters `json:"azure,omitempty" tf:"azure,omitempty"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The namespace is always relative to the provider's configured namespace. // Available only for Vault Enterprise. // Target namespace. (requires Enterprise) Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"` // Configuration block for PKCS Managed Keys Pkcs []PkcsInitParameters `json:"pkcs,omitempty" tf:"pkcs,omitempty"` }
func (*KeysInitParameters) DeepCopy ¶ added in v0.2.0
func (in *KeysInitParameters) DeepCopy() *KeysInitParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysInitParameters.
func (*KeysInitParameters) DeepCopyInto ¶ added in v0.2.0
func (in *KeysInitParameters) DeepCopyInto(out *KeysInitParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KeysList ¶
type KeysList struct { metav1.TypeMeta `json:",inline"` metav1.ListMeta `json:"metadata,omitempty"` Items []Keys `json:"items"` }
KeysList contains a list of Keyss
func (*KeysList) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysList.
func (*KeysList) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*KeysList) DeepCopyObject ¶
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type KeysObservation ¶
type KeysObservation struct { // Configuration block for AWS Managed Keys Aws []AwsObservation `json:"aws,omitempty" tf:"aws,omitempty"` // Configuration block for Azure Managed Keys Azure []AzureObservation `json:"azure,omitempty" tf:"azure,omitempty"` ID *string `json:"id,omitempty" tf:"id,omitempty"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The namespace is always relative to the provider's configured namespace. // Available only for Vault Enterprise. // Target namespace. (requires Enterprise) Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"` // Configuration block for PKCS Managed Keys Pkcs []PkcsObservation `json:"pkcs,omitempty" tf:"pkcs,omitempty"` }
func (*KeysObservation) DeepCopy ¶
func (in *KeysObservation) DeepCopy() *KeysObservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysObservation.
func (*KeysObservation) DeepCopyInto ¶
func (in *KeysObservation) DeepCopyInto(out *KeysObservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KeysParameters ¶
type KeysParameters struct { // Configuration block for AWS Managed Keys // +kubebuilder:validation:Optional Aws []AwsParameters `json:"aws,omitempty" tf:"aws,omitempty"` // Configuration block for Azure Managed Keys // +kubebuilder:validation:Optional Azure []AzureParameters `json:"azure,omitempty" tf:"azure,omitempty"` // The namespace to provision the resource in. // The value should not contain leading or trailing forward slashes. // The namespace is always relative to the provider's configured namespace. // Available only for Vault Enterprise. // Target namespace. (requires Enterprise) // +kubebuilder:validation:Optional Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"` // Configuration block for PKCS Managed Keys // +kubebuilder:validation:Optional Pkcs []PkcsParameters `json:"pkcs,omitempty" tf:"pkcs,omitempty"` }
func (*KeysParameters) DeepCopy ¶
func (in *KeysParameters) DeepCopy() *KeysParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysParameters.
func (*KeysParameters) DeepCopyInto ¶
func (in *KeysParameters) DeepCopyInto(out *KeysParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KeysSpec ¶
type KeysSpec struct { v1.ResourceSpec `json:",inline"` ForProvider KeysParameters `json:"forProvider"` // THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored // unless the relevant Crossplane feature flag is enabled, and may be // changed or removed without notice. // InitProvider holds the same fields as ForProvider, with the exception // of Identifier and other resource reference fields. The fields that are // in InitProvider are merged into ForProvider when the resource is created. // The same fields are also added to the terraform ignore_changes hook, to // avoid updating them after creation. This is useful for fields that are // required on creation, but we do not desire to update them after creation, // for example because of an external controller is managing them, like an // autoscaler. InitProvider KeysInitParameters `json:"initProvider,omitempty"` }
KeysSpec defines the desired state of Keys
func (*KeysSpec) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysSpec.
func (*KeysSpec) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KeysStatus ¶
type KeysStatus struct { v1.ResourceStatus `json:",inline"` AtProvider KeysObservation `json:"atProvider,omitempty"` }
KeysStatus defines the observed state of Keys.
func (*KeysStatus) DeepCopy ¶
func (in *KeysStatus) DeepCopy() *KeysStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysStatus.
func (*KeysStatus) DeepCopyInto ¶
func (in *KeysStatus) DeepCopyInto(out *KeysStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PkcsInitParameters ¶ added in v0.2.0
type PkcsInitParameters struct { // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. // If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to false those operations are forbidden // if a key exists. // Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists. AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"` // Controls the ability for Vault to import a key to the // configured backend, if false, those operations will be forbidden. // Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"` // If true, allows usage from any mount point within the // namespace. // Allow usage from any mount point within the namespace if 'true' AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"` // The curve to use for an ECDSA key. Used when key_type // is ECDSA. Required if allow_generate_key is true. // Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true Curve *string `json:"curve,omitempty" tf:"curve,omitempty"` // Force all operations to open up a read-write session to // the HSM. // Force all operations to open up a read-write session to the HSM ForceRwSession *string `json:"forceRwSession,omitempty" tf:"force_rw_session,omitempty"` // The size in bits for an RSA key. // Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"` // The id of a PKCS#11 key to use. // The id of a PKCS#11 key to use KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"` // The label of the key to use. // The label of the key to use KeyLabel *string `json:"keyLabel,omitempty" tf:"key_label,omitempty"` // The name of the kms_library stanza to use from Vault's config // to lookup the local library path. // The name of the kms_library stanza to use from Vault's config to lookup the local library path Library *string `json:"library,omitempty" tf:"library,omitempty"` // The encryption/decryption mechanism to use, specified as a // hexadecimal (prefixed by 0x) string. // The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string. Mechanism *string `json:"mechanism,omitempty" tf:"mechanism,omitempty"` // A unique lowercase name that serves as identifying the key. // A unique lowercase name that serves as identifying the key Name *string `json:"name,omitempty" tf:"name,omitempty"` // The PIN for login. // The PIN for login Pin *string `json:"pin,omitempty" tf:"pin,omitempty"` // The slot number to use, specified as a string in a decimal format // (e.g. 2305843009213693953). // The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953') Slot *string `json:"slot,omitempty" tf:"slot,omitempty"` // The slot token label to use. // The slot token label to use TokenLabel *string `json:"tokenLabel,omitempty" tf:"token_label,omitempty"` }
func (*PkcsInitParameters) DeepCopy ¶ added in v0.2.0
func (in *PkcsInitParameters) DeepCopy() *PkcsInitParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PkcsInitParameters.
func (*PkcsInitParameters) DeepCopyInto ¶ added in v0.2.0
func (in *PkcsInitParameters) DeepCopyInto(out *PkcsInitParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PkcsObservation ¶
type PkcsObservation struct { // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. // If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to false those operations are forbidden // if a key exists. // Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists. AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"` // Controls the ability for Vault to import a key to the // configured backend, if false, those operations will be forbidden. // Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"` // If true, allows usage from any mount point within the // namespace. // Allow usage from any mount point within the namespace if 'true' AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"` // The curve to use for an ECDSA key. Used when key_type // is ECDSA. Required if allow_generate_key is true. // Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true Curve *string `json:"curve,omitempty" tf:"curve,omitempty"` // Force all operations to open up a read-write session to // the HSM. // Force all operations to open up a read-write session to the HSM ForceRwSession *string `json:"forceRwSession,omitempty" tf:"force_rw_session,omitempty"` // The size in bits for an RSA key. // Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"` // The id of a PKCS#11 key to use. // The id of a PKCS#11 key to use KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"` // The label of the key to use. // The label of the key to use KeyLabel *string `json:"keyLabel,omitempty" tf:"key_label,omitempty"` // The name of the kms_library stanza to use from Vault's config // to lookup the local library path. // The name of the kms_library stanza to use from Vault's config to lookup the local library path Library *string `json:"library,omitempty" tf:"library,omitempty"` // The encryption/decryption mechanism to use, specified as a // hexadecimal (prefixed by 0x) string. // The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string. Mechanism *string `json:"mechanism,omitempty" tf:"mechanism,omitempty"` // A unique lowercase name that serves as identifying the key. // A unique lowercase name that serves as identifying the key Name *string `json:"name,omitempty" tf:"name,omitempty"` // The PIN for login. // The PIN for login Pin *string `json:"pin,omitempty" tf:"pin,omitempty"` // The slot number to use, specified as a string in a decimal format // (e.g. 2305843009213693953). // The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953') Slot *string `json:"slot,omitempty" tf:"slot,omitempty"` // The slot token label to use. // The slot token label to use TokenLabel *string `json:"tokenLabel,omitempty" tf:"token_label,omitempty"` // ID of the managed key read from Vault UUID *string `json:"uuid,omitempty" tf:"uuid,omitempty"` }
func (*PkcsObservation) DeepCopy ¶
func (in *PkcsObservation) DeepCopy() *PkcsObservation
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PkcsObservation.
func (*PkcsObservation) DeepCopyInto ¶
func (in *PkcsObservation) DeepCopyInto(out *PkcsObservation)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type PkcsParameters ¶
type PkcsParameters struct { // If no existing key can be found in // the referenced backend, instructs Vault to generate a key within the backend. // If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend // +kubebuilder:validation:Optional AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"` // Controls the ability for Vault to replace through // generation or importing a key into the configured backend even // if a key is present, if set to false those operations are forbidden // if a key exists. // Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists. // +kubebuilder:validation:Optional AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"` // Controls the ability for Vault to import a key to the // configured backend, if false, those operations will be forbidden. // Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden // +kubebuilder:validation:Optional AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"` // If true, allows usage from any mount point within the // namespace. // Allow usage from any mount point within the namespace if 'true' // +kubebuilder:validation:Optional AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"` // The curve to use for an ECDSA key. Used when key_type // is ECDSA. Required if allow_generate_key is true. // Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true // +kubebuilder:validation:Optional Curve *string `json:"curve,omitempty" tf:"curve,omitempty"` // Force all operations to open up a read-write session to // the HSM. // Force all operations to open up a read-write session to the HSM // +kubebuilder:validation:Optional ForceRwSession *string `json:"forceRwSession,omitempty" tf:"force_rw_session,omitempty"` // The size in bits for an RSA key. // Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true // +kubebuilder:validation:Optional KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"` // The id of a PKCS#11 key to use. // The id of a PKCS#11 key to use // +kubebuilder:validation:Optional KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"` // The label of the key to use. // The label of the key to use // +kubebuilder:validation:Optional KeyLabel *string `json:"keyLabel,omitempty" tf:"key_label,omitempty"` // The name of the kms_library stanza to use from Vault's config // to lookup the local library path. // The name of the kms_library stanza to use from Vault's config to lookup the local library path // +kubebuilder:validation:Optional Library *string `json:"library,omitempty" tf:"library,omitempty"` // The encryption/decryption mechanism to use, specified as a // hexadecimal (prefixed by 0x) string. // The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string. // +kubebuilder:validation:Optional Mechanism *string `json:"mechanism,omitempty" tf:"mechanism,omitempty"` // A unique lowercase name that serves as identifying the key. // A unique lowercase name that serves as identifying the key // +kubebuilder:validation:Optional Name *string `json:"name,omitempty" tf:"name,omitempty"` // The PIN for login. // The PIN for login // +kubebuilder:validation:Optional Pin *string `json:"pin,omitempty" tf:"pin,omitempty"` // The slot number to use, specified as a string in a decimal format // (e.g. 2305843009213693953). // The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953') // +kubebuilder:validation:Optional Slot *string `json:"slot,omitempty" tf:"slot,omitempty"` // The slot token label to use. // The slot token label to use // +kubebuilder:validation:Optional TokenLabel *string `json:"tokenLabel,omitempty" tf:"token_label,omitempty"` }
func (*PkcsParameters) DeepCopy ¶
func (in *PkcsParameters) DeepCopy() *PkcsParameters
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PkcsParameters.
func (*PkcsParameters) DeepCopyInto ¶
func (in *PkcsParameters) DeepCopyInto(out *PkcsParameters)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.