v1alpha1

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Jul 21, 2023 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

+kubebuilder:object:generate=true +groupName=managed.vault.upbound.io +versionName=v1alpha1

Index

Constants

// CRDGroup is the API group name; CRDGroupVersion is built from it.
const CRDGroup = "managed.vault.upbound.io"

// CRDVersion is the API version string; CRDGroupVersion is built from it.
const CRDVersion = "v1alpha1"

Package type metadata.

Variables

// CRDGroupVersion is the API group and version under which this package's
// objects are registered.
var CRDGroupVersion = schema.GroupVersion{
	Group:   CRDGroup,
	Version: CRDVersion,
}

// SchemeBuilder registers this package's Go types under CRDGroupVersion.
var SchemeBuilder = &scheme.Builder{GroupVersion: CRDGroupVersion}

// AddToScheme adds the types in this group-version to the given scheme.
var AddToScheme = SchemeBuilder.AddToScheme
// Keys_Kind is the kind name of the Keys resource.
var Keys_Kind = "Keys"

// Keys_GroupKind is the string form of the group/kind pair for Keys.
var Keys_GroupKind = schema.GroupKind{Group: CRDGroup, Kind: Keys_Kind}.String()

// Keys_KindAPIVersion is the kind name joined with the group-version string by a dot.
var Keys_KindAPIVersion = Keys_Kind + "." + CRDGroupVersion.String()

// Keys_GroupVersionKind is CRDGroupVersion qualified with the Keys kind.
var Keys_GroupVersionKind = CRDGroupVersion.WithKind(Keys_Kind)

Repository type metadata.

Functions

This section is empty.

Types

type AwsObservation

// AwsObservation is the observed-state counterpart of AwsParameters. Every
// field is an optional pointer tagged omitempty; KeysObservation.Aws holds a
// slice of these.
type AwsObservation struct {

	// NOTE(review): AccessKey and SecretKey (below) are plain *string fields
	// with JSON tags, so any value written into them is serialized together
	// with the rest of the observation. Whether the provider populates them at
	// runtime is not visible from this declaration — confirm, and scope read
	// access to the resource's status accordingly.

	// The AWS access key to use
	AccessKey *string `json:"accessKey,omitempty" tf:"access_key,omitempty"`

	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// Allow usage from any mount point within the namespace if 'true'
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
	Curve *string `json:"curve,omitempty" tf:"curve,omitempty"`

	// Used to specify a custom AWS endpoint
	Endpoint *string `json:"endpoint,omitempty" tf:"endpoint,omitempty"`

	// An identifier for the key
	KMSKey *string `json:"kmsKey,omitempty" tf:"kms_key,omitempty"`

	// The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The type of key to use
	KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"`

	// A unique lowercase name that serves as identifying the key
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The AWS region where the keys are stored (or will be stored)
	Region *string `json:"region,omitempty" tf:"region,omitempty"`

	// The AWS secret key to use
	SecretKey *string `json:"secretKey,omitempty" tf:"secret_key,omitempty"`

	// ID of the managed key read from Vault
	UUID *string `json:"uuid,omitempty" tf:"uuid,omitempty"`
}

func (*AwsObservation) DeepCopy

func (in *AwsObservation) DeepCopy() *AwsObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsObservation.

func (*AwsObservation) DeepCopyInto

func (in *AwsObservation) DeepCopyInto(out *AwsObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AwsParameters

// AwsParameters is the desired-state configuration for one AWS managed key;
// KeysParameters.Aws holds a slice of these. Fields marked
// +kubebuilder:validation:Required carry no omitempty in their JSON tag.
// The value used when an optional flag (AllowGenerateKey, AllowReplaceKey,
// AllowStoreKey, AnyMount) is omitted is not defined in this declaration.
type AwsParameters struct {

	// NOTE(review): AccessKey is a required plain *string, so the credential
	// is written inline in the object's spec rather than referenced from a
	// Secret; anyone able to read the Keys object can read it. The same
	// applies to SecretKey at the end of this struct.

	// The AWS access key to use
	// +kubebuilder:validation:Required
	AccessKey *string `json:"accessKey" tf:"access_key,omitempty"`

	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	// +kubebuilder:validation:Optional
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	// +kubebuilder:validation:Optional
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	// +kubebuilder:validation:Optional
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// Allow usage from any mount point within the namespace if 'true'
	// +kubebuilder:validation:Optional
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
	// +kubebuilder:validation:Optional
	Curve *string `json:"curve,omitempty" tf:"curve,omitempty"`

	// Used to specify a custom AWS endpoint
	// +kubebuilder:validation:Optional
	Endpoint *string `json:"endpoint,omitempty" tf:"endpoint,omitempty"`

	// An identifier for the key
	// +kubebuilder:validation:Required
	KMSKey *string `json:"kmsKey" tf:"kms_key,omitempty"`

	// NOTE(review): KeyBits is marked Required here although its description
	// scopes the requirement to 'key_type' 'RSA'; as declared, a value must be
	// supplied for every key type — confirm against the upstream schema.

	// The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
	// +kubebuilder:validation:Required
	KeyBits *string `json:"keyBits" tf:"key_bits,omitempty"`

	// The type of key to use
	// +kubebuilder:validation:Required
	KeyType *string `json:"keyType" tf:"key_type,omitempty"`

	// A unique lowercase name that serves as identifying the key
	// +kubebuilder:validation:Required
	Name *string `json:"name" tf:"name,omitempty"`

	// The AWS region where the keys are stored (or will be stored)
	// +kubebuilder:validation:Optional
	Region *string `json:"region,omitempty" tf:"region,omitempty"`

	// The AWS secret key to use
	// +kubebuilder:validation:Required
	SecretKey *string `json:"secretKey" tf:"secret_key,omitempty"`
}

func (*AwsParameters) DeepCopy

func (in *AwsParameters) DeepCopy() *AwsParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsParameters.

func (*AwsParameters) DeepCopyInto

func (in *AwsParameters) DeepCopyInto(out *AwsParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureObservation

// AzureObservation is the observed-state counterpart of AzureParameters.
// Every field is an optional pointer tagged omitempty; KeysObservation.Azure
// holds a slice of these.
type AzureObservation struct {

	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// Allow usage from any mount point within the namespace if 'true'
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// The client id for credentials to query the Azure APIs
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// NOTE(review): ClientSecret is a plain *string with a JSON tag, so any
	// value written into it is serialized with the rest of the observation.
	// Whether the provider populates it at runtime is not visible from this
	// declaration — confirm, and scope read access to the status accordingly.

	// The client secret for credentials to query the Azure APIs
	ClientSecret *string `json:"clientSecret,omitempty" tf:"client_secret,omitempty"`

	// The Azure Cloud environment API endpoints to use
	Environment *string `json:"environment,omitempty" tf:"environment,omitempty"`

	// The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The Key Vault key to use for encryption and decryption
	KeyName *string `json:"keyName,omitempty" tf:"key_name,omitempty"`

	// The type of key to use
	KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"`

	// A unique lowercase name that serves as identifying the key
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The Azure Key Vault resource's DNS Suffix to connect to
	Resource *string `json:"resource,omitempty" tf:"resource,omitempty"`

	// The tenant id for the Azure Active Directory organization
	TenantID *string `json:"tenantId,omitempty" tf:"tenant_id,omitempty"`

	// ID of the managed key read from Vault
	UUID *string `json:"uuid,omitempty" tf:"uuid,omitempty"`

	// The Key Vault vault to use the encryption keys for encryption and decryption
	VaultName *string `json:"vaultName,omitempty" tf:"vault_name,omitempty"`
}

func (*AzureObservation) DeepCopy

func (in *AzureObservation) DeepCopy() *AzureObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureObservation.

func (*AzureObservation) DeepCopyInto

func (in *AzureObservation) DeepCopyInto(out *AzureObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureParameters

// AzureParameters is the desired-state configuration for one Azure managed
// key; KeysParameters.Azure holds a slice of these. Fields marked
// +kubebuilder:validation:Required carry no omitempty in their JSON tag.
// The value used when an optional flag (AllowGenerateKey, AllowReplaceKey,
// AllowStoreKey, AnyMount) is omitted is not defined in this declaration.
type AzureParameters struct {

	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	// +kubebuilder:validation:Optional
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	// +kubebuilder:validation:Optional
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	// +kubebuilder:validation:Optional
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// Allow usage from any mount point within the namespace if 'true'
	// +kubebuilder:validation:Optional
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// The client id for credentials to query the Azure APIs
	// +kubebuilder:validation:Required
	ClientID *string `json:"clientId" tf:"client_id,omitempty"`

	// NOTE(review): ClientSecret is a required plain *string, so the secret
	// is written inline in the object's spec rather than referenced from a
	// Secret; anyone able to read the Keys object can read it.

	// The client secret for credentials to query the Azure APIs
	// +kubebuilder:validation:Required
	ClientSecret *string `json:"clientSecret" tf:"client_secret,omitempty"`

	// The Azure Cloud environment API endpoints to use
	// +kubebuilder:validation:Optional
	Environment *string `json:"environment,omitempty" tf:"environment,omitempty"`

	// The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
	// +kubebuilder:validation:Optional
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The Key Vault key to use for encryption and decryption
	// +kubebuilder:validation:Required
	KeyName *string `json:"keyName" tf:"key_name,omitempty"`

	// The type of key to use
	// +kubebuilder:validation:Required
	KeyType *string `json:"keyType" tf:"key_type,omitempty"`

	// A unique lowercase name that serves as identifying the key
	// +kubebuilder:validation:Required
	Name *string `json:"name" tf:"name,omitempty"`

	// The Azure Key Vault resource's DNS Suffix to connect to
	// +kubebuilder:validation:Optional
	Resource *string `json:"resource,omitempty" tf:"resource,omitempty"`

	// The tenant id for the Azure Active Directory organization
	// +kubebuilder:validation:Required
	TenantID *string `json:"tenantId" tf:"tenant_id,omitempty"`

	// The Key Vault vault to use the encryption keys for encryption and decryption
	// +kubebuilder:validation:Required
	VaultName *string `json:"vaultName" tf:"vault_name,omitempty"`
}

func (*AzureParameters) DeepCopy

func (in *AzureParameters) DeepCopy() *AzureParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureParameters.

func (*AzureParameters) DeepCopyInto

func (in *AzureParameters) DeepCopyInto(out *AzureParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Keys

// Keys is the top-level API object of this package: embedded TypeMeta and
// ObjectMeta, a Spec (serialized without omitempty) and a Status.
//
// NOTE(review): the kubebuilder resource marker in this type's documentation
// declares scope=Cluster, and Spec.ForProvider can carry inline credentials
// (AwsParameters.AccessKey/SecretKey, AzureParameters.ClientSecret,
// PkcsParameters.Pin are plain strings), so read access to this kind should
// be granted as narrowly as access to the credentials themselves.
type Keys struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              KeysSpec   `json:"spec"`
	Status            KeysStatus `json:"status,omitempty"`
}

Keys is the Schema for the Keys API. +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*Keys) DeepCopy

func (in *Keys) DeepCopy() *Keys

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Keys.

func (*Keys) DeepCopyInto

func (in *Keys) DeepCopyInto(out *Keys)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Keys) DeepCopyObject

func (in *Keys) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Keys) GetCondition

func (mg *Keys) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Keys.

func (*Keys) GetConnectionDetailsMapping

func (tr *Keys) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this Keys

func (*Keys) GetDeletionPolicy

func (mg *Keys) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Keys.

func (*Keys) GetID

func (tr *Keys) GetID() string

GetID returns ID of underlying Terraform resource of this Keys

func (*Keys) GetManagementPolicy

func (mg *Keys) GetManagementPolicy() xpv1.ManagementPolicy

GetManagementPolicy of this Keys.

func (*Keys) GetObservation

func (tr *Keys) GetObservation() (map[string]any, error)

GetObservation of this Keys

func (*Keys) GetParameters

func (tr *Keys) GetParameters() (map[string]any, error)

GetParameters of this Keys

func (*Keys) GetProviderConfigReference

func (mg *Keys) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Keys.

func (*Keys) GetProviderReference

func (mg *Keys) GetProviderReference() *xpv1.Reference

GetProviderReference of this Keys. Deprecated: Use GetProviderConfigReference.

func (*Keys) GetPublishConnectionDetailsTo

func (mg *Keys) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Keys.

func (*Keys) GetTerraformResourceType

func (mg *Keys) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this Keys

func (*Keys) GetTerraformSchemaVersion

func (tr *Keys) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*Keys) GetWriteConnectionSecretToReference

func (mg *Keys) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Keys.

func (*Keys) LateInitialize

func (tr *Keys) LateInitialize(attrs []byte) (bool, error)

LateInitialize this Keys using its observed tfState. Returns true if there are any spec changes for the resource.

func (*Keys) SetConditions

func (mg *Keys) SetConditions(c ...xpv1.Condition)

SetConditions of this Keys.

func (*Keys) SetDeletionPolicy

func (mg *Keys) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Keys.

func (*Keys) SetManagementPolicy

func (mg *Keys) SetManagementPolicy(r xpv1.ManagementPolicy)

SetManagementPolicy of this Keys.

func (*Keys) SetObservation

func (tr *Keys) SetObservation(obs map[string]any) error

SetObservation for this Keys

func (*Keys) SetParameters

func (tr *Keys) SetParameters(params map[string]any) error

SetParameters for this Keys

func (*Keys) SetProviderConfigReference

func (mg *Keys) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Keys.

func (*Keys) SetProviderReference

func (mg *Keys) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this Keys. Deprecated: Use SetProviderConfigReference.

func (*Keys) SetPublishConnectionDetailsTo

func (mg *Keys) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Keys.

func (*Keys) SetWriteConnectionSecretToReference

func (mg *Keys) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Keys.

type KeysList

// KeysList is the list type for Keys: embedded TypeMeta and ListMeta plus
// the Items slice, which is serialized without omitempty.
type KeysList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Keys `json:"items"`
}

KeysList contains a list of Keys.

func (*KeysList) DeepCopy

func (in *KeysList) DeepCopy() *KeysList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysList.

func (*KeysList) DeepCopyInto

func (in *KeysList) DeepCopyInto(out *KeysList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KeysList) DeepCopyObject

func (in *KeysList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*KeysList) GetItems

func (l *KeysList) GetItems() []resource.Managed

GetItems of this KeysList.

type KeysObservation

// KeysObservation is the observed state of a Keys resource, exposed as
// KeysStatus.AtProvider. It groups per-backend observations (Aws, Azure,
// Pkcs) with the resource ID and target namespace.
type KeysObservation struct {

	// NOTE(review): the per-backend observation types declare credential
	// fields (AwsObservation.AccessKey/SecretKey,
	// AzureObservation.ClientSecret, PkcsObservation.Pin) as plain strings;
	// if populated they are serialized under status.atProvider — confirm.

	// Configuration block for AWS Managed Keys
	Aws []AwsObservation `json:"aws,omitempty" tf:"aws,omitempty"`

	// Configuration block for Azure Managed Keys
	Azure []AzureObservation `json:"azure,omitempty" tf:"azure,omitempty"`

	// NOTE(review): ID has no upstream description; presumably the Terraform
	// resource ID that Keys.GetID returns — confirm.

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// Configuration block for PKCS Managed Keys
	Pkcs []PkcsObservation `json:"pkcs,omitempty" tf:"pkcs,omitempty"`
}

func (*KeysObservation) DeepCopy

func (in *KeysObservation) DeepCopy() *KeysObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysObservation.

func (*KeysObservation) DeepCopyInto

func (in *KeysObservation) DeepCopyInto(out *KeysObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeysParameters

// KeysParameters is the desired configuration of a Keys resource, exposed as
// KeysSpec.ForProvider. All four fields are optional: one slice per backend
// type (Aws, Azure, Pkcs) plus the target namespace.
type KeysParameters struct {

	// Configuration block for AWS Managed Keys
	// +kubebuilder:validation:Optional
	Aws []AwsParameters `json:"aws,omitempty" tf:"aws,omitempty"`

	// Configuration block for Azure Managed Keys
	// +kubebuilder:validation:Optional
	Azure []AzureParameters `json:"azure,omitempty" tf:"azure,omitempty"`

	// Target namespace. (requires Enterprise)
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// Configuration block for PKCS Managed Keys
	// +kubebuilder:validation:Optional
	Pkcs []PkcsParameters `json:"pkcs,omitempty" tf:"pkcs,omitempty"`
}

func (*KeysParameters) DeepCopy

func (in *KeysParameters) DeepCopy() *KeysParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysParameters.

func (*KeysParameters) DeepCopyInto

func (in *KeysParameters) DeepCopyInto(out *KeysParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeysSpec

// KeysSpec defines the desired state of Keys: the inlined v1.ResourceSpec
// plus the provider-specific parameters under "forProvider".
type KeysSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     KeysParameters `json:"forProvider"`
}

KeysSpec defines the desired state of Keys

func (*KeysSpec) DeepCopy

func (in *KeysSpec) DeepCopy() *KeysSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysSpec.

func (*KeysSpec) DeepCopyInto

func (in *KeysSpec) DeepCopyInto(out *KeysSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeysStatus

// KeysStatus defines the observed state of Keys: the inlined
// v1.ResourceStatus plus the provider-side observation under "atProvider".
type KeysStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        KeysObservation `json:"atProvider,omitempty"`
}

KeysStatus defines the observed state of Keys.

func (*KeysStatus) DeepCopy

func (in *KeysStatus) DeepCopy() *KeysStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysStatus.

func (*KeysStatus) DeepCopyInto

func (in *KeysStatus) DeepCopyInto(out *KeysStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PkcsObservation

// PkcsObservation is the observed-state counterpart of PkcsParameters. Every
// field is an optional pointer tagged omitempty; KeysObservation.Pkcs holds a
// slice of these.
type PkcsObservation struct {

	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// Allow usage from any mount point within the namespace if 'true'
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
	Curve *string `json:"curve,omitempty" tf:"curve,omitempty"`

	// Force all operations to open up a read-write session to the HSM
	ForceRwSession *string `json:"forceRwSession,omitempty" tf:"force_rw_session,omitempty"`

	// Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The id of a PKCS#11 key to use
	KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"`

	// The label of the key to use
	KeyLabel *string `json:"keyLabel,omitempty" tf:"key_label,omitempty"`

	// The name of the kms_library stanza to use from Vault's config to lookup the local library path
	Library *string `json:"library,omitempty" tf:"library,omitempty"`

	// The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
	Mechanism *string `json:"mechanism,omitempty" tf:"mechanism,omitempty"`

	// A unique lowercase name that serves as identifying the key
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// NOTE(review): Pin is a plain *string with a JSON tag, so any value
	// written into it is serialized with the rest of the observation. Whether
	// the provider populates it at runtime is not visible from this
	// declaration — confirm, and scope read access to the status accordingly.

	// The PIN for login
	Pin *string `json:"pin,omitempty" tf:"pin,omitempty"`

	// The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
	Slot *string `json:"slot,omitempty" tf:"slot,omitempty"`

	// The slot token label to use
	TokenLabel *string `json:"tokenLabel,omitempty" tf:"token_label,omitempty"`

	// ID of the managed key read from Vault
	UUID *string `json:"uuid,omitempty" tf:"uuid,omitempty"`
}

func (*PkcsObservation) DeepCopy

func (in *PkcsObservation) DeepCopy() *PkcsObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PkcsObservation.

func (*PkcsObservation) DeepCopyInto

func (in *PkcsObservation) DeepCopyInto(out *PkcsObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PkcsParameters

// PkcsParameters is the desired-state configuration for one PKCS#11 managed
// key; KeysParameters.Pkcs holds a slice of these. Fields marked
// +kubebuilder:validation:Required carry no omitempty in their JSON tag.
// The value used when an optional flag (AllowGenerateKey, AllowReplaceKey,
// AllowStoreKey, AnyMount) is omitted is not defined in this declaration.
type PkcsParameters struct {

	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	// +kubebuilder:validation:Optional
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	// +kubebuilder:validation:Optional
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	// +kubebuilder:validation:Optional
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// Allow usage from any mount point within the namespace if 'true'
	// +kubebuilder:validation:Optional
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
	// +kubebuilder:validation:Optional
	Curve *string `json:"curve,omitempty" tf:"curve,omitempty"`

	// Force all operations to open up a read-write session to the HSM
	// +kubebuilder:validation:Optional
	ForceRwSession *string `json:"forceRwSession,omitempty" tf:"force_rw_session,omitempty"`

	// Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
	// +kubebuilder:validation:Optional
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The id of a PKCS#11 key to use
	// +kubebuilder:validation:Required
	KeyID *string `json:"keyId" tf:"key_id,omitempty"`

	// The label of the key to use
	// +kubebuilder:validation:Required
	KeyLabel *string `json:"keyLabel" tf:"key_label,omitempty"`

	// The name of the kms_library stanza to use from Vault's config to lookup the local library path
	// +kubebuilder:validation:Required
	Library *string `json:"library" tf:"library,omitempty"`

	// The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
	// +kubebuilder:validation:Required
	Mechanism *string `json:"mechanism" tf:"mechanism,omitempty"`

	// A unique lowercase name that serves as identifying the key
	// +kubebuilder:validation:Required
	Name *string `json:"name" tf:"name,omitempty"`

	// NOTE(review): Pin is a required plain *string, so the HSM login PIN is
	// written inline in the object's spec rather than referenced from a
	// Secret; anyone able to read the Keys object can read it.

	// The PIN for login
	// +kubebuilder:validation:Required
	Pin *string `json:"pin" tf:"pin,omitempty"`

	// The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
	// +kubebuilder:validation:Optional
	Slot *string `json:"slot,omitempty" tf:"slot,omitempty"`

	// The slot token label to use
	// +kubebuilder:validation:Optional
	TokenLabel *string `json:"tokenLabel,omitempty" tf:"token_label,omitempty"`
}

func (*PkcsParameters) DeepCopy

func (in *PkcsParameters) DeepCopy() *PkcsParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PkcsParameters.

func (*PkcsParameters) DeepCopyInto

func (in *PkcsParameters) DeepCopyInto(out *PkcsParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
