Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type AwsAuth ¶
type AwsAuth struct {
// A reference to a secret containing an AWS Access ID and Secret Key
// pair. The Secret must have data saved in the standard fields:
// AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY. Other fields are
// ingored.
// +optional
AccessKeyRef *NamespacedName `json:"accessKeyRef,omitempty"`
// +optional
JWTAuth *AwsJwtAuth `json:"jwt,omitempty"`
// An optional Role ARN to assume
// +optional
Role string `json:"roleArn,omitempty"`
}
Details on how to authenticate with the AWS API. If this is not specified, we will fall back to the ambient credentials given to the controller pod. +kubebuilder:object:generate=true
func (*AwsAuth) DeepCopy ¶
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsAuth.
func (*AwsAuth) DeepCopyInto ¶
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AwsJwtAuth ¶
type AwsJwtAuth struct {
// A reference to the ServiceAccount to use. A ServiceAccount token
// will be generated for this resource, and used as the web identity.
ServiceAccount NamespacedName `json:"serviceAccount"`
// The audience to use for the token. It is normally save to leave
// this as the default ("sts.amazonaws.com") unless you know you have
// a different setup.
// +kubebuilder:default="sts.amazonaws.com"
// +optional
Audience string `json:"stsAudience"`
// The name of the annotation on the ServiceAccount to search for the
// Role to assume. On EKS, the standard annotation is the default
// ("eks.amazonaws.com/role-arn").
// +kubebuilder:default="eks.amazonaws.com/role-arn"
// +optional
AnnotationName string `json:"annotationName"`
}
Details on how to authenticate using a ServiceAccount token as a web identity for AWS STS. You should already have setup the cluster as an identity provider in AWS IAM. +kubebuilder:object:generate=true
func (*AwsJwtAuth) DeepCopy ¶
func (in *AwsJwtAuth) DeepCopy() *AwsJwtAuth
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AwsJwtAuth.
func (*AwsJwtAuth) DeepCopyInto ¶
func (in *AwsJwtAuth) DeepCopyInto(out *AwsJwtAuth)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type CloudFrontSpec ¶
type CloudFrontSpec struct {
Auth *AwsAuth `json:"auth,omitempty"`
// Set this true if you need to request a dedicated IP address for
// your distribution in order to support legacy (non-SNI) clients.
// Warning, this will incurr high costs from AWS!
// +kubebuilder:default=sni-only
// +kubebuilder:validation:Enum=sni-only;vpi;static-ip
// +optional
SSLMode string `json:"sslMode"`
// The Policy ID of the CloudFront Cache Policy you want to use on
// distributions. This value is normally optional, but required if you
// want to set an originRequestPolicyId.
// +optional
CachePolicyId string `json:"cachePolicyId,omitempty"`
// The Policy ID of the CloudFront Origin Request Policy you want to
// use on distributions. If you specify this value, cachePolicyId is
// required.
// +optional
OriginRequestPolicyId string `json:"originRequestPolicyId,omitempty"`
// The list of HTTP methods to support. Others will be rejected with
// the CDN provider's native behaviour. NB: the controller can only
// guarantee that methods will work if they are "standard", eg
// CloudFront only supports HEAD, GET, OPTIONS, POST, PUT, DELETE.
//
// In addition, the controller cannot guarantee that methods you don't
// specify here _won't_ be accessible. For example, CloudFront only
// supports limited subsets, so if you specify any one of POST, PUT,
// or DELETE, all methods are enabled.
SupportedMethods []string `json:"supportedMethods"`
}
The access details for cloudfront distributions If this section is provided, a cloudfront distribution will be setup, even if access details are not given in this block. +kubebuilder:object:generate=true
func (*CloudFrontSpec) DeepCopy ¶
func (in *CloudFrontSpec) DeepCopy() *CloudFrontSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CloudFrontSpec.
func (*CloudFrontSpec) DeepCopyInto ¶
func (in *CloudFrontSpec) DeepCopyInto(out *CloudFrontSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type NamespacedName ¶
type NamespacedName struct {
// The name of the resource
Name string `json:"name"`
// The namespace of the resource. For ClusterDistributionClasses, this
// field is required.
// +optional
Namespace *string `json:"namespace"`
}
A reference to a kuberenetes resource, possibly in another namespace +kubebuilder:object:generate=true
func (*NamespacedName) DeepCopy ¶
func (in *NamespacedName) DeepCopy() *NamespacedName
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new NamespacedName.
func (*NamespacedName) DeepCopyInto ¶
func (in *NamespacedName) DeepCopyInto(out *NamespacedName)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
Source Files