customiamrole

package
v1.4.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 19, 2024 License: MPL-2.0 Imports: 13 Imported by: 0

Documentation

Index

Constants

View Source
const (
	ResourceName = "tanzu-mission-control_custom_iam_role"

	// Root Keys.
	NameKey = "name"
	SpecKey = "spec"

	// Spec Directive Keys.
	AllowedScopesKey         = "allowed_scopes"
	AggregationRuleKey       = "aggregation_rule"
	IsDeprecatedKey          = "is_deprecated"
	TanzuPermissionsKey      = "tanzu_permissions"
	KubernetesPermissionsKey = "kubernetes_permissions"

	// Kubernetes Permissions Directive Keys.
	RuleKey = "rule"

	// Rule Directive Keys.
	ResourcesKey     = "resources"
	APIGroupsKey     = "api_groups"
	URLPathsKey      = "url_paths"
	ResourceNamesKey = "resource_names"
	VerbsKey         = "verbs"

	// Aggregation Rule Directive Keys.
	ClusterRoleSelectorKey = "cluster_role_selector"

	// Cluster Role Selector Directive Keys.
	MatchLabelsKey     = "match_labels"
	MatchExpressionKey = "match_expression"

	// Match Expression Directive Keys.
	MeKey         = "key"
	MeOperatorKey = "operator"
	MeValuesKey   = "values"
)

Variables

View Source
var AggregationRuleSchema = &schema.Schema{
	Type:        schema.TypeList,
	Description: "Aggregation rules for the iam role.",
	MaxItems:    1,
	Optional:    true,
	Elem: &schema.Resource{
		Schema: map[string]*schema.Schema{
			ClusterRoleSelectorKey: {
				Type:        schema.TypeList,
				Description: "Cluster role selector for the iam role.",
				Required:    true,
				Elem: &schema.Resource{
					Schema: map[string]*schema.Schema{
						MatchLabelsKey: {
							Type:        schema.TypeMap,
							Description: "Map of {key,value} pairs.\nA single {key,value} in the match_labels map is equivalent to an element of match_expression, whose key field is \"key\", the operator is \"In\", and the values array contains only \"value\". \nThe requirements are ANDed.",
							Optional:    true,
						},
						MatchExpressionKey: {
							Type:        schema.TypeList,
							Description: "List of label selector requirements.\nThe requirements are ANDed.",
							Optional:    true,
							Elem: &schema.Resource{
								Schema: map[string]*schema.Schema{
									MeKey: {
										Type:        schema.TypeString,
										Description: "Key is the label key that the selector applies to.",
										Required:    true,
									},
									MeOperatorKey: {
										Type:        schema.TypeString,
										Description: "Operator represents a key's relationship to a set of values.\nValid operators are \"In\", \"NotIn\", \"Exists\" and \"DoesNotExist\".",
										Required:    true,
									},
									MeValuesKey: {
										Type:        schema.TypeList,
										Description: "Values is an array of string values.\nIf the operator is \"In\" or \"NotIn\", the values array must be non-empty.\nIf the operator is \"Exists\" or \"DoesNotExist\", the values array must be empty.\nThis array is replaced during a strategic merge patch.",
										Optional:    true,
										Elem: &schema.Schema{
											Type: schema.TypeString,
										},
									},
								},
							},
						},
					},
				},
			},
		},
	},
}
View Source
var AllowedScopesSchema = &schema.Schema{
	Type:        schema.TypeList,
	Description: fmt.Sprintf("The allowed scopes for the iam role.\nValid values are (%s)", strings.Join(AllowedScopesValidValues, ", ")),
	Required:    true,
	Elem: &schema.Schema{
		Type:             schema.TypeString,
		ValidateDiagFunc: validation.ToDiagFunc(validation.StringInSlice(AllowedScopesValidValues, false)),
	},
}
View Source
var KubernetesPermissionsSchema = &schema.Schema{
	Type:        schema.TypeList,
	Description: "Kubernetes permissions for the iam role.",
	MaxItems:    1,
	Optional:    true,
	Elem: &schema.Resource{
		Schema: map[string]*schema.Schema{
			RuleKey: RuleSchema,
		},
	},
}
View Source
var RuleSchema = &schema.Schema{
	Type:        schema.TypeList,
	Description: "Kubernetes rules.",
	Required:    true,
	Elem: &schema.Resource{
		Schema: map[string]*schema.Schema{
			APIGroupsKey: {
				Type:        schema.TypeList,
				Description: "API groups.",
				Optional:    true,
				Elem: &schema.Schema{
					Type: schema.TypeString,
				},
			},
			VerbsKey: {
				Type:        schema.TypeList,
				Description: "Verbs.",
				Required:    true,
				Elem: &schema.Schema{
					Type: schema.TypeString,
				},
			},
			ResourcesKey: {
				Type:        schema.TypeList,
				Description: "Resources for the role.",
				Optional:    true,
				Elem: &schema.Schema{
					Type: schema.TypeString,
				},
			},
			ResourceNamesKey: {
				Type:        schema.TypeList,
				Description: "Restricts the rule to resources by name.",
				Optional:    true,
				Elem: &schema.Schema{
					Type: schema.TypeString,
				},
			},
			URLPathsKey: {
				Type:        schema.TypeList,
				Description: "Non-resource urls for the role.",
				Optional:    true,
				Elem: &schema.Schema{
					Type: schema.TypeString,
				},
			},
		},
	},
}

Functions

func ResourceCustomIAMRole

func ResourceCustomIAMRole() *schema.Resource

Types

This section is empty.

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL