v1alpha1

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Sep 16, 2023 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

+kubebuilder:object:generate=true +groupName=managed.vault.upbound.io +versionName=v1alpha1

Index

Constants

View Source
const (
	CRDGroup   = "managed.vault.upbound.io"
	CRDVersion = "v1alpha1"
)

Package type metadata.

Variables

View Source
var (
	// CRDGroupVersion is the API Group Version used to register the objects
	CRDGroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: CRDGroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source
var (
	Keys_Kind             = "Keys"
	Keys_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: Keys_Kind}.String()
	Keys_KindAPIVersion   = Keys_Kind + "." + CRDGroupVersion.String()
	Keys_GroupVersionKind = CRDGroupVersion.WithKind(Keys_Kind)
)

Repository type metadata.

Functions

This section is empty.

Types

type AwsInitParameters added in v0.2.0

type AwsInitParameters struct {

	// The AWS access key to use.
	// The AWS access key to use
	AccessKey *string `json:"accessKey,omitempty" tf:"access_key,omitempty"`

	// If no existing key can be found in
	// the referenced backend, instructs Vault to generate a key within the backend.
	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through
	// generation or importing a key into the configured backend even
	// if a key is present, if set to false those operations are forbidden
	// if a key exists.
	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the
	// configured backend, if false, those operations will be forbidden.
	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// If true, allows usage from any mount point within the
	// namespace.
	// Allow usage from any mount point within the namespace if 'true'
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// The curve to use for an ECDSA key. Used when key_type
	// is ECDSA. Required if allow_generate_key is true.
	// The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
	Curve *string `json:"curve,omitempty" tf:"curve,omitempty"`

	// Used to specify a custom AWS endpoint.
	// Used to specify a custom AWS endpoint
	Endpoint *string `json:"endpoint,omitempty" tf:"endpoint,omitempty"`

	// An identifier for the key.
	// An identifier for the key
	KMSKey *string `json:"kmsKey,omitempty" tf:"kms_key,omitempty"`

	// The size in bits for an RSA key.
	// The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The type of key to use.
	// The type of key to use
	KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"`

	// A unique lowercase name that serves as identifying the key.
	// A unique lowercase name that serves as identifying the key
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The AWS region where the keys are stored (or will be stored).
	// The AWS region where the keys are stored (or will be stored)
	Region *string `json:"region,omitempty" tf:"region,omitempty"`

	// The AWS access key to use.
	// The AWS secret key to use
	SecretKey *string `json:"secretKey,omitempty" tf:"secret_key,omitempty"`
}

func (*AwsInitParameters) DeepCopy added in v0.2.0

func (in *AwsInitParameters) DeepCopy() *AwsInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsInitParameters.

func (*AwsInitParameters) DeepCopyInto added in v0.2.0

func (in *AwsInitParameters) DeepCopyInto(out *AwsInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AwsObservation

type AwsObservation struct {

	// The AWS access key to use.
	// The AWS access key to use
	AccessKey *string `json:"accessKey,omitempty" tf:"access_key,omitempty"`

	// If no existing key can be found in
	// the referenced backend, instructs Vault to generate a key within the backend.
	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through
	// generation or importing a key into the configured backend even
	// if a key is present, if set to false those operations are forbidden
	// if a key exists.
	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the
	// configured backend, if false, those operations will be forbidden.
	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// If true, allows usage from any mount point within the
	// namespace.
	// Allow usage from any mount point within the namespace if 'true'
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// The curve to use for an ECDSA key. Used when key_type
	// is ECDSA. Required if allow_generate_key is true.
	// The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
	Curve *string `json:"curve,omitempty" tf:"curve,omitempty"`

	// Used to specify a custom AWS endpoint.
	// Used to specify a custom AWS endpoint
	Endpoint *string `json:"endpoint,omitempty" tf:"endpoint,omitempty"`

	// An identifier for the key.
	// An identifier for the key
	KMSKey *string `json:"kmsKey,omitempty" tf:"kms_key,omitempty"`

	// The size in bits for an RSA key.
	// The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The type of key to use.
	// The type of key to use
	KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"`

	// A unique lowercase name that serves as identifying the key.
	// A unique lowercase name that serves as identifying the key
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The AWS region where the keys are stored (or will be stored).
	// The AWS region where the keys are stored (or will be stored)
	Region *string `json:"region,omitempty" tf:"region,omitempty"`

	// The AWS access key to use.
	// The AWS secret key to use
	SecretKey *string `json:"secretKey,omitempty" tf:"secret_key,omitempty"`

	// ID of the managed key read from Vault
	UUID *string `json:"uuid,omitempty" tf:"uuid,omitempty"`
}

func (*AwsObservation) DeepCopy

func (in *AwsObservation) DeepCopy() *AwsObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsObservation.

func (*AwsObservation) DeepCopyInto

func (in *AwsObservation) DeepCopyInto(out *AwsObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AwsParameters

type AwsParameters struct {

	// The AWS access key to use.
	// The AWS access key to use
	// +kubebuilder:validation:Optional
	AccessKey *string `json:"accessKey,omitempty" tf:"access_key,omitempty"`

	// If no existing key can be found in
	// the referenced backend, instructs Vault to generate a key within the backend.
	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	// +kubebuilder:validation:Optional
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through
	// generation or importing a key into the configured backend even
	// if a key is present, if set to false those operations are forbidden
	// if a key exists.
	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	// +kubebuilder:validation:Optional
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the
	// configured backend, if false, those operations will be forbidden.
	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	// +kubebuilder:validation:Optional
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// If true, allows usage from any mount point within the
	// namespace.
	// Allow usage from any mount point within the namespace if 'true'
	// +kubebuilder:validation:Optional
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// The curve to use for an ECDSA key. Used when key_type
	// is ECDSA. Required if allow_generate_key is true.
	// The curve to use for an ECDSA key. Used when key_type is 'ECDSA'. Required if 'allow_generate_key' is true
	// +kubebuilder:validation:Optional
	Curve *string `json:"curve,omitempty" tf:"curve,omitempty"`

	// Used to specify a custom AWS endpoint.
	// Used to specify a custom AWS endpoint
	// +kubebuilder:validation:Optional
	Endpoint *string `json:"endpoint,omitempty" tf:"endpoint,omitempty"`

	// An identifier for the key.
	// An identifier for the key
	// +kubebuilder:validation:Optional
	KMSKey *string `json:"kmsKey,omitempty" tf:"kms_key,omitempty"`

	// The size in bits for an RSA key.
	// The size in bits for an RSA key. This field is required when 'key_type' is 'RSA'
	// +kubebuilder:validation:Optional
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The type of key to use.
	// The type of key to use
	// +kubebuilder:validation:Optional
	KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"`

	// A unique lowercase name that serves as identifying the key.
	// A unique lowercase name that serves as identifying the key
	// +kubebuilder:validation:Optional
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The AWS region where the keys are stored (or will be stored).
	// The AWS region where the keys are stored (or will be stored)
	// +kubebuilder:validation:Optional
	Region *string `json:"region,omitempty" tf:"region,omitempty"`

	// The AWS access key to use.
	// The AWS secret key to use
	// +kubebuilder:validation:Optional
	SecretKey *string `json:"secretKey,omitempty" tf:"secret_key,omitempty"`
}

func (*AwsParameters) DeepCopy

func (in *AwsParameters) DeepCopy() *AwsParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsParameters.

func (*AwsParameters) DeepCopyInto

func (in *AwsParameters) DeepCopyInto(out *AwsParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureInitParameters added in v0.2.0

type AzureInitParameters struct {

	// If no existing key can be found in
	// the referenced backend, instructs Vault to generate a key within the backend.
	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through
	// generation or importing a key into the configured backend even
	// if a key is present, if set to false those operations are forbidden
	// if a key exists.
	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the
	// configured backend, if false, those operations will be forbidden.
	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// If true, allows usage from any mount point within the
	// namespace.
	// Allow usage from any mount point within the namespace if 'true'
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// The client id for credentials to query the Azure APIs.
	// The client id for credentials to query the Azure APIs
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The client secret for credentials to query the Azure APIs.
	// The client secret for credentials to query the Azure APIs
	ClientSecret *string `json:"clientSecret,omitempty" tf:"client_secret,omitempty"`

	// The Azure Cloud environment API endpoints to use.
	// The Azure Cloud environment API endpoints to use
	Environment *string `json:"environment,omitempty" tf:"environment,omitempty"`

	// The size in bits for an RSA key.
	// The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The Key Vault key to use for encryption and decryption.
	// The Key Vault key to use for encryption and decryption
	KeyName *string `json:"keyName,omitempty" tf:"key_name,omitempty"`

	// The type of key to use.
	// The type of key to use
	KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"`

	// A unique lowercase name that serves as identifying the key.
	// A unique lowercase name that serves as identifying the key
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The Azure Key Vault resource's DNS Suffix to connect to.
	// The Azure Key Vault resource's DNS Suffix to connect to
	Resource *string `json:"resource,omitempty" tf:"resource,omitempty"`

	// The tenant id for the Azure Active Directory organization.
	// The tenant id for the Azure Active Directory organization
	TenantID *string `json:"tenantId,omitempty" tf:"tenant_id,omitempty"`

	// The Key Vault vault to use for encryption and decryption.
	// The Key Vault vault to use the encryption keys for encryption and decryption
	VaultName *string `json:"vaultName,omitempty" tf:"vault_name,omitempty"`
}

func (*AzureInitParameters) DeepCopy added in v0.2.0

func (in *AzureInitParameters) DeepCopy() *AzureInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureInitParameters.

func (*AzureInitParameters) DeepCopyInto added in v0.2.0

func (in *AzureInitParameters) DeepCopyInto(out *AzureInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureObservation

type AzureObservation struct {

	// If no existing key can be found in
	// the referenced backend, instructs Vault to generate a key within the backend.
	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through
	// generation or importing a key into the configured backend even
	// if a key is present, if set to false those operations are forbidden
	// if a key exists.
	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the
	// configured backend, if false, those operations will be forbidden.
	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// If true, allows usage from any mount point within the
	// namespace.
	// Allow usage from any mount point within the namespace if 'true'
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// The client id for credentials to query the Azure APIs.
	// The client id for credentials to query the Azure APIs
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The client secret for credentials to query the Azure APIs.
	// The client secret for credentials to query the Azure APIs
	ClientSecret *string `json:"clientSecret,omitempty" tf:"client_secret,omitempty"`

	// The Azure Cloud environment API endpoints to use.
	// The Azure Cloud environment API endpoints to use
	Environment *string `json:"environment,omitempty" tf:"environment,omitempty"`

	// The size in bits for an RSA key.
	// The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The Key Vault key to use for encryption and decryption.
	// The Key Vault key to use for encryption and decryption
	KeyName *string `json:"keyName,omitempty" tf:"key_name,omitempty"`

	// The type of key to use.
	// The type of key to use
	KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"`

	// A unique lowercase name that serves as identifying the key.
	// A unique lowercase name that serves as identifying the key
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The Azure Key Vault resource's DNS Suffix to connect to.
	// The Azure Key Vault resource's DNS Suffix to connect to
	Resource *string `json:"resource,omitempty" tf:"resource,omitempty"`

	// The tenant id for the Azure Active Directory organization.
	// The tenant id for the Azure Active Directory organization
	TenantID *string `json:"tenantId,omitempty" tf:"tenant_id,omitempty"`

	// ID of the managed key read from Vault
	UUID *string `json:"uuid,omitempty" tf:"uuid,omitempty"`

	// The Key Vault vault to use for encryption and decryption.
	// The Key Vault vault to use the encryption keys for encryption and decryption
	VaultName *string `json:"vaultName,omitempty" tf:"vault_name,omitempty"`
}

func (*AzureObservation) DeepCopy

func (in *AzureObservation) DeepCopy() *AzureObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureObservation.

func (*AzureObservation) DeepCopyInto

func (in *AzureObservation) DeepCopyInto(out *AzureObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AzureParameters

type AzureParameters struct {

	// If no existing key can be found in
	// the referenced backend, instructs Vault to generate a key within the backend.
	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	// +kubebuilder:validation:Optional
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through
	// generation or importing a key into the configured backend even
	// if a key is present, if set to false those operations are forbidden
	// if a key exists.
	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	// +kubebuilder:validation:Optional
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the
	// configured backend, if false, those operations will be forbidden.
	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	// +kubebuilder:validation:Optional
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// If true, allows usage from any mount point within the
	// namespace.
	// Allow usage from any mount point within the namespace if 'true'
	// +kubebuilder:validation:Optional
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// The client id for credentials to query the Azure APIs.
	// The client id for credentials to query the Azure APIs
	// +kubebuilder:validation:Optional
	ClientID *string `json:"clientId,omitempty" tf:"client_id,omitempty"`

	// The client secret for credentials to query the Azure APIs.
	// The client secret for credentials to query the Azure APIs
	// +kubebuilder:validation:Optional
	ClientSecret *string `json:"clientSecret,omitempty" tf:"client_secret,omitempty"`

	// The Azure Cloud environment API endpoints to use.
	// The Azure Cloud environment API endpoints to use
	// +kubebuilder:validation:Optional
	Environment *string `json:"environment,omitempty" tf:"environment,omitempty"`

	// The size in bits for an RSA key.
	// The size in bits for an RSA key. This field is required when 'key_type' is 'RSA' or when 'allow_generate_key' is true
	// +kubebuilder:validation:Optional
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The Key Vault key to use for encryption and decryption.
	// The Key Vault key to use for encryption and decryption
	// +kubebuilder:validation:Optional
	KeyName *string `json:"keyName,omitempty" tf:"key_name,omitempty"`

	// The type of key to use.
	// The type of key to use
	// +kubebuilder:validation:Optional
	KeyType *string `json:"keyType,omitempty" tf:"key_type,omitempty"`

	// A unique lowercase name that serves as identifying the key.
	// A unique lowercase name that serves as identifying the key
	// +kubebuilder:validation:Optional
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The Azure Key Vault resource's DNS Suffix to connect to.
	// The Azure Key Vault resource's DNS Suffix to connect to
	// +kubebuilder:validation:Optional
	Resource *string `json:"resource,omitempty" tf:"resource,omitempty"`

	// The tenant id for the Azure Active Directory organization.
	// The tenant id for the Azure Active Directory organization
	// +kubebuilder:validation:Optional
	TenantID *string `json:"tenantId,omitempty" tf:"tenant_id,omitempty"`

	// The Key Vault vault to use for encryption and decryption.
	// The Key Vault vault to use the encryption keys for encryption and decryption
	// +kubebuilder:validation:Optional
	VaultName *string `json:"vaultName,omitempty" tf:"vault_name,omitempty"`
}

func (*AzureParameters) DeepCopy

func (in *AzureParameters) DeepCopy() *AzureParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AzureParameters.

func (*AzureParameters) DeepCopyInto

func (in *AzureParameters) DeepCopyInto(out *AzureParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Keys

type Keys struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              KeysSpec   `json:"spec"`
	Status            KeysStatus `json:"status,omitempty"`
}

Keys is the Schema for the Keyss API. Configures Managed Keys in Vault +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*Keys) DeepCopy

func (in *Keys) DeepCopy() *Keys

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Keys.

func (*Keys) DeepCopyInto

func (in *Keys) DeepCopyInto(out *Keys)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Keys) DeepCopyObject

func (in *Keys) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Keys) GetCondition

func (mg *Keys) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Keys.

func (*Keys) GetConnectionDetailsMapping

func (tr *Keys) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this Keys

func (*Keys) GetDeletionPolicy

func (mg *Keys) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Keys.

func (*Keys) GetID

func (tr *Keys) GetID() string

GetID returns ID of underlying Terraform resource of this Keys

func (*Keys) GetInitParameters added in v0.2.0

func (tr *Keys) GetInitParameters() (map[string]any, error)

GetInitParameters of this Keys

func (*Keys) GetManagementPolicies added in v0.2.0

func (mg *Keys) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this Keys.

func (*Keys) GetObservation

func (tr *Keys) GetObservation() (map[string]any, error)

GetObservation of this Keys

func (*Keys) GetParameters

func (tr *Keys) GetParameters() (map[string]any, error)

GetParameters of this Keys

func (*Keys) GetProviderConfigReference

func (mg *Keys) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Keys.

func (*Keys) GetProviderReference

func (mg *Keys) GetProviderReference() *xpv1.Reference

GetProviderReference of this Keys. Deprecated: Use GetProviderConfigReference.

func (*Keys) GetPublishConnectionDetailsTo

func (mg *Keys) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Keys.

func (*Keys) GetTerraformResourceType

func (mg *Keys) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this Keys

func (*Keys) GetTerraformSchemaVersion

func (tr *Keys) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*Keys) GetWriteConnectionSecretToReference

func (mg *Keys) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Keys.

func (*Keys) LateInitialize

func (tr *Keys) LateInitialize(attrs []byte) (bool, error)

LateInitialize this Keys using its observed tfState. returns True if there are any spec changes for the resource.

func (*Keys) SetConditions

func (mg *Keys) SetConditions(c ...xpv1.Condition)

SetConditions of this Keys.

func (*Keys) SetDeletionPolicy

func (mg *Keys) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Keys.

func (*Keys) SetManagementPolicies added in v0.2.0

func (mg *Keys) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this Keys.

func (*Keys) SetObservation

func (tr *Keys) SetObservation(obs map[string]any) error

SetObservation for this Keys

func (*Keys) SetParameters

func (tr *Keys) SetParameters(params map[string]any) error

SetParameters for this Keys

func (*Keys) SetProviderConfigReference

func (mg *Keys) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Keys.

func (*Keys) SetProviderReference

func (mg *Keys) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this Keys. Deprecated: Use SetProviderConfigReference.

func (*Keys) SetPublishConnectionDetailsTo

func (mg *Keys) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Keys.

func (*Keys) SetWriteConnectionSecretToReference

func (mg *Keys) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Keys.

type KeysInitParameters added in v0.2.0

type KeysInitParameters struct {

	// Configuration block for AWS Managed Keys
	Aws []AwsInitParameters `json:"aws,omitempty" tf:"aws,omitempty"`

	// Configuration block for Azure Managed Keys
	Azure []AzureInitParameters `json:"azure,omitempty" tf:"azure,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// Configuration block for PKCS Managed Keys
	Pkcs []PkcsInitParameters `json:"pkcs,omitempty" tf:"pkcs,omitempty"`
}

func (*KeysInitParameters) DeepCopy added in v0.2.0

func (in *KeysInitParameters) DeepCopy() *KeysInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysInitParameters.

func (*KeysInitParameters) DeepCopyInto added in v0.2.0

func (in *KeysInitParameters) DeepCopyInto(out *KeysInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeysList

type KeysList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Keys `json:"items"`
}

KeysList contains a list of Keyss

func (*KeysList) DeepCopy

func (in *KeysList) DeepCopy() *KeysList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysList.

func (*KeysList) DeepCopyInto

func (in *KeysList) DeepCopyInto(out *KeysList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*KeysList) DeepCopyObject

func (in *KeysList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*KeysList) GetItems

func (l *KeysList) GetItems() []resource.Managed

GetItems of this KeysList.

type KeysObservation

type KeysObservation struct {

	// Configuration block for AWS Managed Keys
	Aws []AwsObservation `json:"aws,omitempty" tf:"aws,omitempty"`

	// Configuration block for Azure Managed Keys
	Azure []AzureObservation `json:"azure,omitempty" tf:"azure,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// Configuration block for PKCS Managed Keys
	Pkcs []PkcsObservation `json:"pkcs,omitempty" tf:"pkcs,omitempty"`
}

func (*KeysObservation) DeepCopy

func (in *KeysObservation) DeepCopy() *KeysObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysObservation.

func (*KeysObservation) DeepCopyInto

func (in *KeysObservation) DeepCopyInto(out *KeysObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeysParameters

type KeysParameters struct {

	// Configuration block for AWS Managed Keys
	// +kubebuilder:validation:Optional
	Aws []AwsParameters `json:"aws,omitempty" tf:"aws,omitempty"`

	// Configuration block for Azure Managed Keys
	// +kubebuilder:validation:Optional
	Azure []AzureParameters `json:"azure,omitempty" tf:"azure,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// Configuration block for PKCS Managed Keys
	// +kubebuilder:validation:Optional
	Pkcs []PkcsParameters `json:"pkcs,omitempty" tf:"pkcs,omitempty"`
}

func (*KeysParameters) DeepCopy

func (in *KeysParameters) DeepCopy() *KeysParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysParameters.

func (*KeysParameters) DeepCopyInto

func (in *KeysParameters) DeepCopyInto(out *KeysParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeysSpec

type KeysSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     KeysParameters `json:"forProvider"`
	// THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored
	// unless the relevant Crossplane feature flag is enabled, and may be
	// changed or removed without notice.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because of an external controller is managing them, like an
	// autoscaler.
	InitProvider KeysInitParameters `json:"initProvider,omitempty"`
}

KeysSpec defines the desired state of Keys

func (*KeysSpec) DeepCopy

func (in *KeysSpec) DeepCopy() *KeysSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysSpec.

func (*KeysSpec) DeepCopyInto

func (in *KeysSpec) DeepCopyInto(out *KeysSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KeysStatus

type KeysStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        KeysObservation `json:"atProvider,omitempty"`
}

KeysStatus defines the observed state of Keys.

func (*KeysStatus) DeepCopy

func (in *KeysStatus) DeepCopy() *KeysStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KeysStatus.

func (*KeysStatus) DeepCopyInto

func (in *KeysStatus) DeepCopyInto(out *KeysStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PkcsInitParameters added in v0.2.0

type PkcsInitParameters struct {

	// If no existing key can be found in
	// the referenced backend, instructs Vault to generate a key within the backend.
	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through
	// generation or importing a key into the configured backend even
	// if a key is present, if set to false those operations are forbidden
	// if a key exists.
	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the
	// configured backend, if false, those operations will be forbidden.
	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// If true, allows usage from any mount point within the
	// namespace.
	// Allow usage from any mount point within the namespace if 'true'
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// The curve to use for an ECDSA key. Used when key_type
	// is ECDSA. Required if allow_generate_key is true.
	// Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
	Curve *string `json:"curve,omitempty" tf:"curve,omitempty"`

	// Force all operations to open up a read-write session to
	// the HSM.
	// Force all operations to open up a read-write session to the HSM
	ForceRwSession *string `json:"forceRwSession,omitempty" tf:"force_rw_session,omitempty"`

	// The size in bits for an RSA key.
	// Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The id of a PKCS#11 key to use.
	// The id of a PKCS#11 key to use
	KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"`

	// The label of the key to use.
	// The label of the key to use
	KeyLabel *string `json:"keyLabel,omitempty" tf:"key_label,omitempty"`

	// The name of the kms_library stanza to use from Vault's config
	// to lookup the local library path.
	// The name of the kms_library stanza to use from Vault's config to lookup the local library path
	Library *string `json:"library,omitempty" tf:"library,omitempty"`

	// The encryption/decryption mechanism to use, specified as a
	// hexadecimal (prefixed by 0x) string.
	// The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
	Mechanism *string `json:"mechanism,omitempty" tf:"mechanism,omitempty"`

	// A unique lowercase name that serves as identifying the key.
	// A unique lowercase name that serves as identifying the key
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The PIN for login.
	// The PIN for login
	Pin *string `json:"pin,omitempty" tf:"pin,omitempty"`

	// The slot number to use, specified as a string in a decimal format
	// (e.g. 2305843009213693953).
	// The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
	Slot *string `json:"slot,omitempty" tf:"slot,omitempty"`

	// The slot token label to use.
	// The slot token label to use
	TokenLabel *string `json:"tokenLabel,omitempty" tf:"token_label,omitempty"`
}

func (*PkcsInitParameters) DeepCopy added in v0.2.0

func (in *PkcsInitParameters) DeepCopy() *PkcsInitParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PkcsInitParameters.

func (*PkcsInitParameters) DeepCopyInto added in v0.2.0

func (in *PkcsInitParameters) DeepCopyInto(out *PkcsInitParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PkcsObservation

type PkcsObservation struct {

	// If no existing key can be found in
	// the referenced backend, instructs Vault to generate a key within the backend.
	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through
	// generation or importing a key into the configured backend even
	// if a key is present, if set to false those operations are forbidden
	// if a key exists.
	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the
	// configured backend, if false, those operations will be forbidden.
	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// If true, allows usage from any mount point within the
	// namespace.
	// Allow usage from any mount point within the namespace if 'true'
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// The curve to use for an ECDSA key. Used when key_type
	// is ECDSA. Required if allow_generate_key is true.
	// Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
	Curve *string `json:"curve,omitempty" tf:"curve,omitempty"`

	// Force all operations to open up a read-write session to
	// the HSM.
	// Force all operations to open up a read-write session to the HSM
	ForceRwSession *string `json:"forceRwSession,omitempty" tf:"force_rw_session,omitempty"`

	// The size in bits for an RSA key.
	// Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The id of a PKCS#11 key to use.
	// The id of a PKCS#11 key to use
	KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"`

	// The label of the key to use.
	// The label of the key to use
	KeyLabel *string `json:"keyLabel,omitempty" tf:"key_label,omitempty"`

	// The name of the kms_library stanza to use from Vault's config
	// to lookup the local library path.
	// The name of the kms_library stanza to use from Vault's config to lookup the local library path
	Library *string `json:"library,omitempty" tf:"library,omitempty"`

	// The encryption/decryption mechanism to use, specified as a
	// hexadecimal (prefixed by 0x) string.
	// The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
	Mechanism *string `json:"mechanism,omitempty" tf:"mechanism,omitempty"`

	// A unique lowercase name that serves as identifying the key.
	// A unique lowercase name that serves as identifying the key
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The PIN for login.
	// The PIN for login
	Pin *string `json:"pin,omitempty" tf:"pin,omitempty"`

	// The slot number to use, specified as a string in a decimal format
	// (e.g. 2305843009213693953).
	// The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
	Slot *string `json:"slot,omitempty" tf:"slot,omitempty"`

	// The slot token label to use.
	// The slot token label to use
	TokenLabel *string `json:"tokenLabel,omitempty" tf:"token_label,omitempty"`

	// ID of the managed key read from Vault
	UUID *string `json:"uuid,omitempty" tf:"uuid,omitempty"`
}

func (*PkcsObservation) DeepCopy

func (in *PkcsObservation) DeepCopy() *PkcsObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PkcsObservation.

func (*PkcsObservation) DeepCopyInto

func (in *PkcsObservation) DeepCopyInto(out *PkcsObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PkcsParameters

type PkcsParameters struct {

	// If no existing key can be found in
	// the referenced backend, instructs Vault to generate a key within the backend.
	// If no existing key can be found in the referenced backend, instructs Vault to generate a key within the backend
	// +kubebuilder:validation:Optional
	AllowGenerateKey *bool `json:"allowGenerateKey,omitempty" tf:"allow_generate_key,omitempty"`

	// Controls the ability for Vault to replace through
	// generation or importing a key into the configured backend even
	// if a key is present, if set to false those operations are forbidden
	// if a key exists.
	// Controls the ability for Vault to replace through generation or importing a key into the configured backend even if a key is present, if set to false those operations are forbidden if a key exists.
	// +kubebuilder:validation:Optional
	AllowReplaceKey *bool `json:"allowReplaceKey,omitempty" tf:"allow_replace_key,omitempty"`

	// Controls the ability for Vault to import a key to the
	// configured backend, if false, those operations will be forbidden.
	// Controls the ability for Vault to import a key to the configured backend, if 'false', those operations will be forbidden
	// +kubebuilder:validation:Optional
	AllowStoreKey *bool `json:"allowStoreKey,omitempty" tf:"allow_store_key,omitempty"`

	// If true, allows usage from any mount point within the
	// namespace.
	// Allow usage from any mount point within the namespace if 'true'
	// +kubebuilder:validation:Optional
	AnyMount *bool `json:"anyMount,omitempty" tf:"any_mount,omitempty"`

	// The curve to use for an ECDSA key. Used when key_type
	// is ECDSA. Required if allow_generate_key is true.
	// Supplies the curve value when using the 'CKM_ECDSA' mechanism. Required if 'allow_generate_key' is true
	// +kubebuilder:validation:Optional
	Curve *string `json:"curve,omitempty" tf:"curve,omitempty"`

	// Force all operations to open up a read-write session to
	// the HSM.
	// Force all operations to open up a read-write session to the HSM
	// +kubebuilder:validation:Optional
	ForceRwSession *string `json:"forceRwSession,omitempty" tf:"force_rw_session,omitempty"`

	// The size in bits for an RSA key.
	// Supplies the size in bits of the key when using 'CKM_RSA_PKCS_PSS', 'CKM_RSA_PKCS_OAEP' or 'CKM_RSA_PKCS' as a value for 'mechanism'. Required if 'allow_generate_key' is true
	// +kubebuilder:validation:Optional
	KeyBits *string `json:"keyBits,omitempty" tf:"key_bits,omitempty"`

	// The id of a PKCS#11 key to use.
	// The id of a PKCS#11 key to use
	// +kubebuilder:validation:Optional
	KeyID *string `json:"keyId,omitempty" tf:"key_id,omitempty"`

	// The label of the key to use.
	// The label of the key to use
	// +kubebuilder:validation:Optional
	KeyLabel *string `json:"keyLabel,omitempty" tf:"key_label,omitempty"`

	// The name of the kms_library stanza to use from Vault's config
	// to lookup the local library path.
	// The name of the kms_library stanza to use from Vault's config to lookup the local library path
	// +kubebuilder:validation:Optional
	Library *string `json:"library,omitempty" tf:"library,omitempty"`

	// The encryption/decryption mechanism to use, specified as a
	// hexadecimal (prefixed by 0x) string.
	// The encryption/decryption mechanism to use, specified as a hexadecimal (prefixed by 0x) string.
	// +kubebuilder:validation:Optional
	Mechanism *string `json:"mechanism,omitempty" tf:"mechanism,omitempty"`

	// A unique lowercase name that serves as identifying the key.
	// A unique lowercase name that serves as identifying the key
	// +kubebuilder:validation:Optional
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The PIN for login.
	// The PIN for login
	// +kubebuilder:validation:Optional
	Pin *string `json:"pin,omitempty" tf:"pin,omitempty"`

	// The slot number to use, specified as a string in a decimal format
	// (e.g. 2305843009213693953).
	// The slot number to use, specified as a string in a decimal format (e.g. '2305843009213693953')
	// +kubebuilder:validation:Optional
	Slot *string `json:"slot,omitempty" tf:"slot,omitempty"`

	// The slot token label to use.
	// The slot token label to use
	// +kubebuilder:validation:Optional
	TokenLabel *string `json:"tokenLabel,omitempty" tf:"token_label,omitempty"`
}

func (*PkcsParameters) DeepCopy

func (in *PkcsParameters) DeepCopy() *PkcsParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PkcsParameters.

func (*PkcsParameters) DeepCopyInto

func (in *PkcsParameters) DeepCopyInto(out *PkcsParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL