v1alpha1

package
v0.1.5 Latest
Warning

This package is not in the latest version of its module.

Published: Aug 22, 2024 License: Apache-2.0 Imports: 9 Imported by: 4

Documentation

Overview

Package v1alpha1 contains API Schema definitions for the validation v1alpha1 API group.

+kubebuilder:object:generate=true
+groupName=validation.spectrocloud.labs

Index

Constants

This section is empty.

Variables

var (
	// GroupVersion is group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: "validation.spectrocloud.labs", Version: "v1alpha1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

This section is empty.

Types

type AmiRule added in v0.1.1

type AmiRule struct {
	validationrule.ManuallyNamed `json:"-"`

	RuleName string   `json:"name" yaml:"name"`
	AmiIDs   []string `json:"amiIds,omitempty" yaml:"amiIds,omitempty"`
	Filters  []Filter `json:"filters,omitempty" yaml:"filters,omitempty"`
	Owners   []string `json:"owners,omitempty" yaml:"owners,omitempty"`
	Region   string   `json:"region" yaml:"region"`
}

AmiRule ensures that an EC2 AMI exists in a particular region. AMIs can be matched by any combination of ID, owner, and filter(s). Each AmiRule is intended to match a single AMI, as an AmiRule is considered successful if at least one AMI is found. Refer to https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html for more information.

func (*AmiRule) DeepCopy added in v0.1.1

func (in *AmiRule) DeepCopy() *AmiRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AmiRule.

func (*AmiRule) DeepCopyInto added in v0.1.1

func (in *AmiRule) DeepCopyInto(out *AmiRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (AmiRule) Name added in v0.1.1

func (r AmiRule) Name() string

Name returns the name of the AmiRule.

func (*AmiRule) SetName added in v0.1.5

func (r *AmiRule) SetName(name string)

SetName sets the name of the AmiRule.

type AwsAuth

type AwsAuth struct {
	// If true, the AwsValidator will use the AWS SDK's default credential chain to authenticate.
	// Set to true if using node instance IAM role or IAM roles for Service Accounts.
	Implicit bool `json:"implicit" yaml:"implicit"`
	// Name of a Secret in the same namespace as the AwsValidator that contains AWS credentials.
	// The secret data's keys and values are expected to align with valid AWS environment variable credentials,
	// per the options defined in https://aws.github.io/aws-sdk-go-v2/docs/configuring-sdk/#environment-variables.
	SecretName string `json:"secretName,omitempty" yaml:"secretName,omitempty"`
	// STS authentication properties (optional)
	StsAuth *AwsSTSAuth `json:"stsAuth,omitempty" yaml:"stsAuth,omitempty"`
}

AwsAuth defines authentication configuration for an AwsValidator.

func (*AwsAuth) DeepCopy

func (in *AwsAuth) DeepCopy() *AwsAuth

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsAuth.

func (*AwsAuth) DeepCopyInto

func (in *AwsAuth) DeepCopyInto(out *AwsAuth)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AwsSTSAuth

type AwsSTSAuth struct {
	// The Amazon Resource Name (ARN) of the role to assume.
	RoleArn string `json:"roleArn" yaml:"roleArn"`
	// An identifier for the assumed role session.
	RoleSessionName string `json:"roleSessionName" yaml:"roleSessionName"`
	// The duration, in seconds, of the role session.
	// +kubebuilder:default=3600
	// +kubebuilder:validation:Minimum=900
	// +kubebuilder:validation:Maximum=43200
	DurationSeconds int `json:"durationSeconds" yaml:"durationSeconds"`
	// A unique identifier that might be required when you assume a role in another account.
	ExternalID string `json:"externalId,omitempty" yaml:"externalId,omitempty"`
}

AwsSTSAuth defines AWS STS authentication configuration for an AwsValidator.

func (*AwsSTSAuth) DeepCopy

func (in *AwsSTSAuth) DeepCopy() *AwsSTSAuth

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsSTSAuth.

func (*AwsSTSAuth) DeepCopyInto

func (in *AwsSTSAuth) DeepCopyInto(out *AwsSTSAuth)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AwsValidator

type AwsValidator struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AwsValidatorSpec   `json:"spec,omitempty"`
	Status AwsValidatorStatus `json:"status,omitempty"`
}

AwsValidator is the Schema for the awsvalidators API

func (*AwsValidator) DeepCopy

func (in *AwsValidator) DeepCopy() *AwsValidator

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsValidator.

func (*AwsValidator) DeepCopyInto

func (in *AwsValidator) DeepCopyInto(out *AwsValidator)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AwsValidator) DeepCopyObject

func (in *AwsValidator) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (AwsValidator) GetKind added in v0.1.4

func (v AwsValidator) GetKind() string

GetKind returns the AWS validator's kind.

func (AwsValidator) PluginCode added in v0.1.3

func (v AwsValidator) PluginCode() string

PluginCode returns the AWS validator's plugin code.

func (AwsValidator) ResultCount added in v0.1.3

func (v AwsValidator) ResultCount() int

ResultCount returns the number of validation results expected for an AwsValidator.

type AwsValidatorList

type AwsValidatorList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AwsValidator `json:"items"`
}

AwsValidatorList contains a list of AwsValidator

func (*AwsValidatorList) DeepCopy

func (in *AwsValidatorList) DeepCopy() *AwsValidatorList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsValidatorList.

func (*AwsValidatorList) DeepCopyInto

func (in *AwsValidatorList) DeepCopyInto(out *AwsValidatorList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AwsValidatorList) DeepCopyObject

func (in *AwsValidatorList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AwsValidatorSpec

type AwsValidatorSpec struct {
	Auth          AwsAuth `json:"auth,omitempty" yaml:"auth,omitempty"`
	DefaultRegion string  `json:"defaultRegion" yaml:"defaultRegion"`
	// +kubebuilder:validation:MaxItems=5
	// +kubebuilder:validation:XValidation:message="AmiRules must have unique names",rule="self.all(e, size(self.filter(x, x.name == e.name)) == 1)"
	AmiRules []AmiRule `json:"amiRules,omitempty" yaml:"amiRules,omitempty"`
	// +kubebuilder:validation:MaxItems=5
	// +kubebuilder:validation:XValidation:message="IamRoleRules must have unique IamRoleNames",rule="self.all(e, size(self.filter(x, x.iamRoleName == e.iamRoleName)) == 1)"
	IamRoleRules []IamRoleRule `json:"iamRoleRules,omitempty" yaml:"iamRoleRules,omitempty"`
	// +kubebuilder:validation:MaxItems=5
	// +kubebuilder:validation:XValidation:message="IamUserRules must have unique IamUserNames",rule="self.all(e, size(self.filter(x, x.iamUserName == e.iamUserName)) == 1)"
	IamUserRules []IamUserRule `json:"iamUserRules,omitempty" yaml:"iamUserRules,omitempty"`
	// +kubebuilder:validation:MaxItems=5
	// +kubebuilder:validation:XValidation:message="IamGroupRules must have unique IamGroupNames",rule="self.all(e, size(self.filter(x, x.iamGroupName == e.iamGroupName)) == 1)"
	IamGroupRules []IamGroupRule `json:"iamGroupRules,omitempty" yaml:"iamGroupRules,omitempty"`
	// +kubebuilder:validation:MaxItems=5
	// +kubebuilder:validation:XValidation:message="IamPolicyRules must have unique ARNs",rule="self.all(e, size(self.filter(x, x.iamPolicyArn == e.iamPolicyArn)) == 1)"
	IamPolicyRules []IamPolicyRule `json:"iamPolicyRules,omitempty" yaml:"iamPolicyRules,omitempty"`
	// +kubebuilder:validation:MaxItems=5
	// +kubebuilder:validation:XValidation:message="ServiceQuotaRules must have unique names",rule="self.all(e, size(self.filter(x, x.name == e.name)) == 1)"
	ServiceQuotaRules []ServiceQuotaRule `json:"serviceQuotaRules,omitempty" yaml:"serviceQuotaRules,omitempty"`
	// +kubebuilder:validation:MaxItems=5
	// +kubebuilder:validation:XValidation:message="TagRules must have unique names",rule="self.all(e, size(self.filter(x, x.name == e.name)) == 1)"
	TagRules []TagRule `json:"tagRules,omitempty" yaml:"tagRules,omitempty"`
}

AwsValidatorSpec defines the desired state of AwsValidator

func (*AwsValidatorSpec) DeepCopy

func (in *AwsValidatorSpec) DeepCopy() *AwsValidatorSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsValidatorSpec.

func (*AwsValidatorSpec) DeepCopyInto

func (in *AwsValidatorSpec) DeepCopyInto(out *AwsValidatorSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (AwsValidatorSpec) PluginCode added in v0.1.3

func (s AwsValidatorSpec) PluginCode() string

PluginCode returns the AWS validator's plugin code.

func (AwsValidatorSpec) ResultCount

func (s AwsValidatorSpec) ResultCount() int

ResultCount returns the number of validation results expected for an AwsValidatorSpec.
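An added example, not code from this package: a stand-alone Go lint that applies the kubebuilder constraints shown on this page (the 900 to 43200 second bounds on `stsAuth.durationSeconds`, `MaxItems=5`, and the CEL unique-name rule) to a JSON spec before it is submitted. The local types, `LintSpec`, `checkNamed` and `sampleSpec` are hypothetical names, and the sample manifest is constructed.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Local mirrors of the documented JSON shapes; only the checked fields are kept.
type namedRule struct {
	Name string `json:"name"`
}
type spec struct {
	Auth struct {
		StsAuth *struct {
			DurationSeconds *int `json:"durationSeconds"` // nil: field absent, defaulted server-side
		} `json:"stsAuth"`
	} `json:"auth"`
	AmiRules []namedRule `json:"amiRules"`
	TagRules []namedRule `json:"tagRules"`
}

// checkNamed mirrors MaxItems=5 and self.all(e, size(self.filter(x, x.name == e.name)) == 1).
func checkNamed(field string, rules []namedRule) []string {
	var errs []string
	if len(rules) > 5 {
		errs = append(errs, fmt.Sprintf("%s: %d items, MaxItems=5", field, len(rules)))
	}
	seen := map[string]bool{}
	for _, r := range rules {
		if seen[r.Name] {
			errs = append(errs, fmt.Sprintf("%s: duplicate name %q", field, r.Name))
		}
		seen[r.Name] = true
	}
	return errs
}

// LintSpec returns the violations found in a JSON-encoded AwsValidatorSpec.
func LintSpec(raw []byte) ([]string, error) {
	var s spec
	if err := json.Unmarshal(raw, &s); err != nil {
		return nil, err
	}
	var errs []string
	if sts := s.Auth.StsAuth; sts != nil && sts.DurationSeconds != nil {
		if d := *sts.DurationSeconds; d < 900 || d > 43200 {
			errs = append(errs, fmt.Sprintf("auth.stsAuth.durationSeconds: %d outside [900, 43200]", d))
		}
	}
	errs = append(errs, checkNamed("amiRules", s.AmiRules)...)
	return append(errs, checkNamed("tagRules", s.TagRules)...), nil
}

// Constructed sample: a 24-hour STS session and two AMI rules sharing one name.
const sampleSpec = `{"auth":{"stsAuth":{"roleArn":"arn:aws:iam::111122223333:role/example","roleSessionName":"lint","durationSeconds":86400}},"amiRules":[{"name":"base","region":"us-east-1"},{"name":"base","region":"us-west-2"}],"tagRules":[{"name":"owner"}]}`

func main() {
	fmt.Println(LintSpec([]byte(sampleSpec)))
}
```

The same `checkNamed` call covers `serviceQuotaRules`, which is also keyed on `name`; the IAM rule lists are keyed on other fields (`iamRoleName`, `iamPolicyArn`, and so on) and would need their own key.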

type AwsValidatorStatus

type AwsValidatorStatus struct{}

AwsValidatorStatus defines the observed state of AwsValidator

func (*AwsValidatorStatus) DeepCopy

func (in *AwsValidatorStatus) DeepCopy() *AwsValidatorStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsValidatorStatus.

func (*AwsValidatorStatus) DeepCopyInto

func (in *AwsValidatorStatus) DeepCopyInto(out *AwsValidatorStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Condition

type Condition map[string]map[string][]string

Condition defines an IAM policy condition.

func (Condition) DeepCopy

func (in Condition) DeepCopy() Condition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition.

func (Condition) DeepCopyInto

func (in Condition) DeepCopyInto(out *Condition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (Condition) String

func (c Condition) String() string

String returns a string representation of an IAM Condition.

type Filter added in v0.1.1

type Filter struct {
	Key    string   `json:"key" yaml:"key"`
	Values []string `json:"values" yaml:"values"`
	IsTag  bool     `json:"isTag,omitempty" yaml:"isTag,omitempty"`
}

Filter defines a filter to apply to an AWS API query.

func (*Filter) DeepCopy added in v0.1.1

func (in *Filter) DeepCopy() *Filter

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Filter.

func (*Filter) DeepCopyInto added in v0.1.1

func (in *Filter) DeepCopyInto(out *Filter)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IamGroupRule

type IamGroupRule struct {
	validationrule.AutomaticallyNamed `json:"-"`

	IamGroupName string           `json:"iamGroupName" yaml:"iamGroupName"`
	Policies     []PolicyDocument `json:"iamPolicies" yaml:"iamPolicies"`
}

IamGroupRule compares the IAM permissions associated with an IAM group against an expected permission set.

func (*IamGroupRule) DeepCopy

func (in *IamGroupRule) DeepCopy() *IamGroupRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IamGroupRule.

func (*IamGroupRule) DeepCopyInto

func (in *IamGroupRule) DeepCopyInto(out *IamGroupRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (IamGroupRule) IAMPolicies

func (r IamGroupRule) IAMPolicies() []PolicyDocument

IAMPolicies returns the IAM policies associated with an IamGroupRule.

func (IamGroupRule) Name

func (r IamGroupRule) Name() string

Name returns the name of an IamGroupRule.

type IamPolicyRule

type IamPolicyRule struct {
	validationrule.AutomaticallyNamed `json:"-"`

	IamPolicyARN string           `json:"iamPolicyArn" yaml:"iamPolicyArn"`
	Policies     []PolicyDocument `json:"iamPolicies" yaml:"iamPolicies"`
}

IamPolicyRule compares the IAM permissions associated with an IAM policy against an expected permission set.

func (*IamPolicyRule) DeepCopy

func (in *IamPolicyRule) DeepCopy() *IamPolicyRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IamPolicyRule.

func (*IamPolicyRule) DeepCopyInto

func (in *IamPolicyRule) DeepCopyInto(out *IamPolicyRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (IamPolicyRule) IAMPolicies

func (r IamPolicyRule) IAMPolicies() []PolicyDocument

IAMPolicies returns the IAM policies associated with an IamPolicyRule.

func (IamPolicyRule) Name

func (r IamPolicyRule) Name() string

Name returns the name of an IamPolicyRule.

type IamRoleRule

type IamRoleRule struct {
	validationrule.AutomaticallyNamed `json:"-"`

	IamRoleName string           `json:"iamRoleName" yaml:"iamRoleName"`
	Policies    []PolicyDocument `json:"iamPolicies" yaml:"iamPolicies"`
}

IamRoleRule compares the IAM permissions associated with an IAM role against an expected permission set.

func (*IamRoleRule) DeepCopy

func (in *IamRoleRule) DeepCopy() *IamRoleRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IamRoleRule.

func (*IamRoleRule) DeepCopyInto

func (in *IamRoleRule) DeepCopyInto(out *IamRoleRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (IamRoleRule) IAMPolicies

func (r IamRoleRule) IAMPolicies() []PolicyDocument

IAMPolicies returns the IAM policies associated with an IamRoleRule.

func (IamRoleRule) Name

func (r IamRoleRule) Name() string

Name returns the name of an IamRoleRule.

type IamUserRule

type IamUserRule struct {
	validationrule.AutomaticallyNamed `json:"-"`

	IamUserName string           `json:"iamUserName" yaml:"iamUserName"`
	Policies    []PolicyDocument `json:"iamPolicies" yaml:"iamPolicies"`
}

IamUserRule compares the IAM permissions associated with an IAM user against an expected permission set.

func (*IamUserRule) DeepCopy

func (in *IamUserRule) DeepCopy() *IamUserRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IamUserRule.

func (*IamUserRule) DeepCopyInto

func (in *IamUserRule) DeepCopyInto(out *IamUserRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (IamUserRule) IAMPolicies

func (r IamUserRule) IAMPolicies() []PolicyDocument

IAMPolicies returns the IAM policies associated with an IamUserRule.

func (IamUserRule) Name

func (r IamUserRule) Name() string

Name returns the name of an IamUserRule.

type PolicyDocument

type PolicyDocument struct {
	Name       string           `json:"name" yaml:"name"`
	Version    string           `json:"version" yaml:"version"`
	Statements []StatementEntry `json:"statements" yaml:"statements"`
}

PolicyDocument defines an IAM policy document.

func (*PolicyDocument) DeepCopy

func (in *PolicyDocument) DeepCopy() *PolicyDocument

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyDocument.

func (*PolicyDocument) DeepCopyInto

func (in *PolicyDocument) DeepCopyInto(out *PolicyDocument)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServiceQuota

type ServiceQuota struct {
	Name   string `json:"name" yaml:"name"`
	Buffer int    `json:"buffer" yaml:"buffer"`
}

ServiceQuota defines an AWS service quota and an associated buffer.

func (*ServiceQuota) DeepCopy

func (in *ServiceQuota) DeepCopy() *ServiceQuota

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceQuota.

func (*ServiceQuota) DeepCopyInto

func (in *ServiceQuota) DeepCopyInto(out *ServiceQuota)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ServiceQuotaRule

type ServiceQuotaRule struct {
	validationrule.ManuallyNamed `json:"-"`

	RuleName      string         `json:"name" yaml:"name"`
	Region        string         `json:"region" yaml:"region"`
	ServiceCode   string         `json:"serviceCode" yaml:"serviceCode"`
	ServiceQuotas []ServiceQuota `json:"serviceQuotas" yaml:"serviceQuotas"`
}

ServiceQuotaRule ensures that AWS service quotas are within a particular threshold.

func (*ServiceQuotaRule) DeepCopy

func (in *ServiceQuotaRule) DeepCopy() *ServiceQuotaRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ServiceQuotaRule.

func (*ServiceQuotaRule) DeepCopyInto

func (in *ServiceQuotaRule) DeepCopyInto(out *ServiceQuotaRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (ServiceQuotaRule) Name

func (r ServiceQuotaRule) Name() string

Name returns the name of the ServiceQuotaRule.

func (*ServiceQuotaRule) SetName added in v0.1.5

func (r *ServiceQuotaRule) SetName(name string)

SetName sets the name of the ServiceQuotaRule.

type StatementEntry

type StatementEntry struct {
	Condition Condition `json:"condition,omitempty" yaml:"condition,omitempty"`
	Effect    string    `json:"effect" yaml:"effect"`
	Actions   []string  `json:"actions" yaml:"actions"`
	Resources []string  `json:"resources" yaml:"resources"`
}

StatementEntry defines an IAM policy statement.

func (*StatementEntry) DeepCopy

func (in *StatementEntry) DeepCopy() *StatementEntry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new StatementEntry.

func (*StatementEntry) DeepCopyInto

func (in *StatementEntry) DeepCopyInto(out *StatementEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type TagRule

type TagRule struct {
	validationrule.ManuallyNamed `json:"-"`

	RuleName      string   `json:"name" yaml:"name"`
	Key           string   `json:"key" yaml:"key"`
	ExpectedValue string   `json:"expectedValue" yaml:"expectedValue"`
	Region        string   `json:"region" yaml:"region"`
	ResourceType  string   `json:"resourceType" yaml:"resourceType"`
	ARNs          []string `json:"arns" yaml:"arns"`
}

TagRule ensures that the tags associated with a particular AWS resource match an expected tag set.

func (*TagRule) DeepCopy

func (in *TagRule) DeepCopy() *TagRule

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TagRule.

func (*TagRule) DeepCopyInto

func (in *TagRule) DeepCopyInto(out *TagRule)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (TagRule) Name

func (r TagRule) Name() string

Name returns the name of the TagRule.

func (*TagRule) SetName added in v0.1.5

func (r *TagRule) SetName(name string)

SetName sets the name of the TagRule.
