The highest tagged major version is
Documentation
¶
Overview ¶
Package v1alpha3 contains API Schema definitions for the controlplane v1alpha3 API group +gencrdrefdocs:force +groupName=controlplane.cluster.x-k8s.io
Package v1alpha3 contains API Schema definitions for the controlplane v1alpha3 API group +kubebuilder:object:generate=true +groupName=controlplane.cluster.x-k8s.io
Index ¶
- Constants
- Variables
- type AWSManagedControlPlane
- func (in *AWSManagedControlPlane) DeepCopy() *AWSManagedControlPlane
- func (in *AWSManagedControlPlane) DeepCopyInto(out *AWSManagedControlPlane)
- func (in *AWSManagedControlPlane) DeepCopyObject() runtime.Object
- func (r *AWSManagedControlPlane) Default()
- func (r *AWSManagedControlPlane) GetConditions() clusterv1.Conditions
- func (r *AWSManagedControlPlane) SetConditions(conditions clusterv1.Conditions)
- func (r *AWSManagedControlPlane) SetupWebhookWithManager(mgr ctrl.Manager) error
- func (r *AWSManagedControlPlane) ValidateCreate() error
- func (r *AWSManagedControlPlane) ValidateDelete() error
- func (r *AWSManagedControlPlane) ValidateUpdate(old runtime.Object) error
- type AWSManagedControlPlaneList
- type AWSManagedControlPlaneSpec
- type AWSManagedControlPlaneStatus
- type Addon
- type AddonIssue
- type AddonResolution
- type AddonState
- type AddonStatus
- type ControlPlaneLoggingSpec
- type EKSTokenMethod
- type EncryptionConfig
- type EndpointAccess
- type IAMAuthenticatorConfig
- type KubernetesMapping
- type OIDCProviderStatus
- type RoleMapping
- type UserMapping
Constants ¶
View Source
const ( // EKSControlPlaneReadyCondition condition reports on the successful reconciliation of eks control plane. EKSControlPlaneReadyCondition clusterv1.ConditionType = "EKSControlPlaneReady" // EKSControlPlaneCreatingCondition condition reports on whether the eks // control plane is creating EKSControlPlaneCreatingCondition clusterv1.ConditionType = "EKSControlPlaneCreating" // EKSControlPlaneUpdatingCondition condition reports on whether the eks // control plane is updating EKSControlPlaneUpdatingCondition clusterv1.ConditionType = "EKSControlPlaneUpdating" // EKSControlPlaneReconciliationFailedReason used to report failures while reconciling EKS control plane EKSControlPlaneReconciliationFailedReason = "EKSControlPlaneReconciliationFailed" )
View Source
const ( // IAMControlPlaneRolesReadyCondition condition reports on the successful reconciliation of eks control plane iam roles. IAMControlPlaneRolesReadyCondition clusterv1.ConditionType = "IAMControlPlaneRolesReady" // IAMControlPlaneRolesReconciliationFailedReason used to report failures while reconciling EKS control plane iam roles IAMControlPlaneRolesReconciliationFailedReason = "IAMControlPlaneRolesReconciliationFailed" )
View Source
const ( // IAMAuthenticatorConfiguredCondition condition reports on the successful reconciliation of aws-iam-authenticator config IAMAuthenticatorConfiguredCondition clusterv1.ConditionType = "IAMAuthenticatorConfigured" // IAMAuthenticatorConfigurationFailedReason used to report failures while reconciling the aws-iam-authenticator config IAMAuthenticatorConfigurationFailedReason = "IAMAuthenticatorConfigurationFailed" )
View Source
const ( // EKSAddonsConfiguredCondition condition reports on the successful reconciliation of EKS addons EKSAddonsConfiguredCondition clusterv1.ConditionType = "EKSAddonsConfigured" // EKSAddonsConfiguredFailedReason used to report failures while reconciling the EKS addons EKSAddonsConfiguredFailedReason = "EKSAddonsConfiguredFailed" )
View Source
const (
// ManagedControlPlaneFinalizer allows the controller to clean up resources on delete
ManagedControlPlaneFinalizer = "awsmanagedcontrolplane.controlplane.cluster.x-k8s.io"
)
View Source
const ( // SecurityGroupCluster is the security group for communication between EKS // control plane and managed node groups SecurityGroupCluster = infrav1.SecurityGroupRole("cluster") )
Variables ¶
View Source
var ( // GroupVersion is group version used to register these objects GroupVersion = schema.GroupVersion{Group: "controlplane.cluster.x-k8s.io", Version: "v1alpha3"} // SchemeBuilder is used to add go types to the GroupVersionKind scheme SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion} // AddToScheme adds the types in this group-version to the given scheme. AddToScheme = SchemeBuilder.AddToScheme )
View Source
var ( // EKSTokenMethodIAMAuthenticator indicates that IAM autenticator will be used to get a token EKSTokenMethodIAMAuthenticator = EKSTokenMethod("iam-authenticator") // EKSTokenMethodAWSCli indicates that the AWS CLI will be used to get a token // Version 1.16.156 or greater is required of the AWS CLI EKSTokenMethodAWSCli = EKSTokenMethod("aws-cli") )
View Source
var ( // AddonResolutionOverwrite indicates that if there are parameter conflicts then // resolution will be accomplished via overwriting AddonResolutionOverwrite = AddonResolution("overwrite") // AddonResolutionNone indicates that if there are parameter conflicts then // resolution will not be done and an error will be reported AddonResolutionNone = AddonResolution("none") )
View Source
var ( // AddonStatusCreating is a status to indicate the addon is creating AddonStatusCreating = "creating" // AddonStatusActive is a status to indicate the addon is active AddonStatusActive = "active" // AddonStatusCreateFailed is a status to indicate the addon failed creation AddonStatusCreateFailed = "create_failed" // AddonStatusUpdating is a status to indicate the addon is updating AddonStatusUpdating = "updating" // AddonStatusDeleting is a status to indicate the addon is deleting AddonStatusDeleting = "deleting" // AddonStatusDeleteFailed is a status to indicate the addon failed deletion AddonStatusDeleteFailed = "delete_failed" // AddonStatusDegraded is a status to indicate the addon is in a degraded state AddonStatusDegraded = "degraded" )
View Source
var ( ErrRoleARNRequired = errors.New("rolearn is required") ErrUserARNRequired = errors.New("userarn is required") ErrUserNameRequired = errors.New("username is required") ErrGroupsRequired = errors.New("groups are required") ErrIsNotARN = errors.New("supplied value is not a ARN") ErrIsNotRoleARN = errors.New("supplied ARN is not a role ARN") ErrIsNotUserARN = errors.New("supplied ARN is not a user ARN") )
View Source
var ( // DefaultEKSControlPlaneRole is the name of the default IAM role to use for the EKS control plane // if no other role is supplied in the spec and if iam role creation is not enabled. The default // can be created using clusterawsadm or created manually DefaultEKSControlPlaneRole = fmt.Sprintf("eks-controlplane%s", infrav1.DefaultNameSuffix) )
Functions ¶
This section is empty.
Types ¶
type AWSManagedControlPlane ¶
type AWSManagedControlPlane struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec AWSManagedControlPlaneSpec `json:"spec,omitempty"`
Status AWSManagedControlPlaneStatus `json:"status,omitempty"`
}
AWSManagedControlPlane is the Schema for the awsmanagedcontrolplanes API
func (*AWSManagedControlPlane) DeepCopy ¶
func (in *AWSManagedControlPlane) DeepCopy() *AWSManagedControlPlane
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSManagedControlPlane.
func (*AWSManagedControlPlane) DeepCopyInto ¶
func (in *AWSManagedControlPlane) DeepCopyInto(out *AWSManagedControlPlane)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*AWSManagedControlPlane) DeepCopyObject ¶
func (in *AWSManagedControlPlane) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
func (*AWSManagedControlPlane) Default ¶
func (r *AWSManagedControlPlane) Default()
Default will set default values for the AWSManagedControlPlane
func (*AWSManagedControlPlane) GetConditions ¶
func (r *AWSManagedControlPlane) GetConditions() clusterv1.Conditions
GetConditions returns the control planes conditions
func (*AWSManagedControlPlane) SetConditions ¶
func (r *AWSManagedControlPlane) SetConditions(conditions clusterv1.Conditions)
SetConditions sets the status conditions for the AWSManagedControlPlane
func (*AWSManagedControlPlane) SetupWebhookWithManager ¶
func (r *AWSManagedControlPlane) SetupWebhookWithManager(mgr ctrl.Manager) error
SetupWebhookWithManager will setup the webhooks for the AWSManagedControlPlane
func (*AWSManagedControlPlane) ValidateCreate ¶
func (r *AWSManagedControlPlane) ValidateCreate() error
ValidateCreate will do any extra validation when creating a AWSManagedControlPlane
func (*AWSManagedControlPlane) ValidateDelete ¶
func (r *AWSManagedControlPlane) ValidateDelete() error
ValidateDelete allows you to add any extra validation when deleting
func (*AWSManagedControlPlane) ValidateUpdate ¶
func (r *AWSManagedControlPlane) ValidateUpdate(old runtime.Object) error
ValidateUpdate will do any extra validation when updating a AWSManagedControlPlane
type AWSManagedControlPlaneList ¶
type AWSManagedControlPlaneList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []AWSManagedControlPlane `json:"items"`
}
AWSManagedControlPlaneList contains a list of AWSManagedControlPlane
func (*AWSManagedControlPlaneList) DeepCopy ¶
func (in *AWSManagedControlPlaneList) DeepCopy() *AWSManagedControlPlaneList
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSManagedControlPlaneList.
func (*AWSManagedControlPlaneList) DeepCopyInto ¶
func (in *AWSManagedControlPlaneList) DeepCopyInto(out *AWSManagedControlPlaneList)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*AWSManagedControlPlaneList) DeepCopyObject ¶
func (in *AWSManagedControlPlaneList) DeepCopyObject() runtime.Object
DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.
type AWSManagedControlPlaneSpec ¶
type AWSManagedControlPlaneSpec struct {
// EKSClusterName allows you to specify the name of the EKS cluster in
// AWS. If you don't specify a name then a default name will be created
// based on the namespace and name of the managed control plane.
// +optional
EKSClusterName string `json:"eksClusterName,omitempty"`
// IdentityRef is a reference to a identity to be used when reconciling the managed control plane.
// +optional
IdentityRef *infrav1.AWSIdentityReference `json:"identityRef,omitempty"`
// NetworkSpec encapsulates all things related to AWS network.
NetworkSpec infrav1.NetworkSpec `json:"networkSpec,omitempty"`
// SecondaryCidrBlock is the additional CIDR range to use for pod IPs.
// Must be within the 100.64.0.0/10 or 198.19.0.0/16 range.
// +optional
SecondaryCidrBlock *string `json:"secondaryCidrBlock,omitempty"`
// The AWS Region the cluster lives in.
Region string `json:"region,omitempty"`
// SSHKeyName is the name of the ssh key to attach to the bastion host. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)
// +optional
SSHKeyName *string `json:"sshKeyName,omitempty"`
// Version defines the desired Kubernetes version. If no version number
// is supplied then the latest version of Kubernetes that EKS supports
// will be used.
// +kubebuilder:validation:MinLength:=2
// +kubebuilder:validation:Pattern:=^v(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.?$
// +optional
Version *string `json:"version,omitempty"`
// RoleName specifies the name of IAM role that gives EKS
// permission to make API calls. If the role is pre-existing
// we will treat it as unmanaged and not delete it on
// deletion. If the EKSEnableIAM feature flag is true
// and no name is supplied then a role is created.
// +kubebuilder:validation:MinLength:=2
// +optional
RoleName *string `json:"roleName,omitempty"`
// RoleAdditionalPolicies allows you to attach additional polices to
// the control plane role. You must enable the EKSAllowAddRoles
// feature flag to incorporate these into the created role.
// +optional
RoleAdditionalPolicies *[]string `json:"roleAdditionalPolicies,omitempty"`
// Logging specifies which EKS Cluster logs should be enabled. Entries for
// each of the enabled logs will be sent to CloudWatch
// +optional
Logging *ControlPlaneLoggingSpec `json:"logging,omitempty"`
// EncryptionConfig specifies the encryption configuration for the cluster
// +optional
EncryptionConfig *EncryptionConfig `json:"encryptionConfig,omitempty"`
// AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the
// ones added by default.
// +optional
AdditionalTags infrav1.Tags `json:"additionalTags,omitempty"`
// IAMAuthenticatorConfig allows the specification of any additional user or role mappings
// for use when generating the aws-iam-authenticator configuration. If this is nil the
// default configuration is still generated for the cluster.
// +optional
IAMAuthenticatorConfig *IAMAuthenticatorConfig `json:"iamAuthenticatorConfig,omitempty"`
// Endpoints specifies access to this cluster's control plane endpoints
// +optional
EndpointAccess EndpointAccess `json:"endpointAccess,omitempty"`
// ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.
// +optional
ControlPlaneEndpoint clusterv1.APIEndpoint `json:"controlPlaneEndpoint"`
// ImageLookupFormat is the AMI naming format to look up machine images when
// a machine does not specify an AMI. When set, this will be used for all
// cluster machines unless a machine specifies a different ImageLookupOrg.
// Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base
// OS and kubernetes version, respectively. The BaseOS will be the value in
// ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as
// defined by the packages produced by kubernetes/release without v as a
// prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default
// image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up
// searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a
// Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See
// also: https://golang.org/pkg/text/template/
// +optional
ImageLookupFormat string `json:"imageLookupFormat,omitempty"`
// ImageLookupOrg is the AWS Organization ID to look up machine images when a
// machine does not specify an AMI. When set, this will be used for all
// cluster machines unless a machine specifies a different ImageLookupOrg.
// +optional
ImageLookupOrg string `json:"imageLookupOrg,omitempty"`
// ImageLookupBaseOS is the name of the base operating system used to look
// up machine images when a machine does not specify an AMI. When set, this
// will be used for all cluster machines unless a machine specifies a
// different ImageLookupBaseOS.
ImageLookupBaseOS string `json:"imageLookupBaseOS,omitempty"`
// Bastion contains options to configure the bastion host.
// +optional
Bastion infrav1.Bastion `json:"bastion"`
// TokenMethod is used to specify the method for obtaining a client token for communicating with EKS
// iam-authenticator - obtains a client token using iam-authentictor
// aws-cli - obtains a client token using the AWS CLI
// Defaults to iam-authenticator
// +kubebuilder:default=iam-authenticator
// +kubebuilder:validation:Enum=iam-authenticator;aws-cli
TokenMethod *EKSTokenMethod `json:"tokenMethod,omitempty"`
// AssociateOIDCProvider can be enabled to automatically create an identity
// provider for the controller for use with IAM roles for service accounts
// +kubebuilder:default=false
AssociateOIDCProvider bool `json:"associateOIDCProvider,omitempty"`
// Addons defines the EKS addons to enable with the EKS cluster.
// +optional
Addons *[]Addon `json:"addons,omitempty"`
// DisableVPCCNI indcates the the Amazon VPC CNI should be disabled. With EKS clusters that
// the Amazon VPC CNI is automatically installed into the cluster. For clusters where you want
// to use an alternate CNI this option provides a way to specify that the Amazon VPC CNI
// should be deleted. You cannot set this to true if you are using the
// Amazon VPC CNI addon or if you have specified a secondary CIDR block.
// +kubebuilder:default=false
DisableVPCCNI bool `json:"disableVPCCNI,omitempty"`
}
AWSManagedControlPlaneSpec defines the desired state of AWSManagedControlPlane
func (*AWSManagedControlPlaneSpec) DeepCopy ¶
func (in *AWSManagedControlPlaneSpec) DeepCopy() *AWSManagedControlPlaneSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSManagedControlPlaneSpec.
func (*AWSManagedControlPlaneSpec) DeepCopyInto ¶
func (in *AWSManagedControlPlaneSpec) DeepCopyInto(out *AWSManagedControlPlaneSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AWSManagedControlPlaneStatus ¶
type AWSManagedControlPlaneStatus struct {
// Networks holds details about the AWS networking resources used by the control plane
// +optional
Network infrav1.Network `json:"network,omitempty"`
// FailureDomains specifies a list fo available availability zones that can be used
// +optional
FailureDomains clusterv1.FailureDomains `json:"failureDomains,omitempty"`
// Bastion holds details of the instance that is used as a bastion jump box
// +optional
Bastion *infrav1.Instance `json:"bastion,omitempty"`
// OIDCProvider holds the status of the identity provider for this cluster
// +optional
OIDCProvider OIDCProviderStatus `json:"oidcProvider,omitempty"`
// ExternalManagedControlPlane indicates to cluster-api that the control plane
// is managed by an external service such as AKS, EKS, GKE, etc.
// +kubebuilder:default=true
ExternalManagedControlPlane *bool `json:"externalManagedControlPlane,omitempty"`
// Initialized denotes whether or not the control plane has the
// uploaded kubernetes config-map.
// +optional
Initialized bool `json:"initialized"`
// Ready denotes that the AWSManagedControlPlane API Server is ready to
// receive requests and that the VPC infra is ready.
// +kubebuilder:default=false
Ready bool `json:"ready"`
// ErrorMessage indicates that there is a terminal problem reconciling the
// state, and will be set to a descriptive error message.
// +optional
FailureMessage *string `json:"failureMessage,omitempty"`
// Conditions specifies the cpnditions for the managed control plane
Conditions clusterv1.Conditions `json:"conditions,omitempty"`
// Addons holds the current status of the EKS addons
// +optional
Addons []*AddonState `json:"addons,omitempty"`
}
AWSManagedControlPlaneStatus defines the observed state of AWSManagedControlPlane
func (*AWSManagedControlPlaneStatus) DeepCopy ¶
func (in *AWSManagedControlPlaneStatus) DeepCopy() *AWSManagedControlPlaneStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSManagedControlPlaneStatus.
func (*AWSManagedControlPlaneStatus) DeepCopyInto ¶
func (in *AWSManagedControlPlaneStatus) DeepCopyInto(out *AWSManagedControlPlaneStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type Addon ¶ added in v0.6.4
type Addon struct {
// Name is the name of the addon
// +kubebuilder:validation:MinLength:=2
// +kubebuilder:validation:Required
Name string `json:"name"`
// Version is the version of the addon to use
Version string `json:"version"`
// ConflictResolution is used to declare what should happen if there
// are parameter conflicts. Defaults to none
// +kubebuilder:default=none
// +kubebuilder:validation:Enum=overwrite;none
ConflictResolution *AddonResolution `json:"conflictResolution,omitempty"`
// ServiceAccountRoleArn is the ARN of an IAM role to bind to the addons service account
// +optional
ServiceAccountRoleArn *string `json:"serviceAccountRoleARN,omitempty"`
}
Addon represents a EKS addon
func (*Addon) DeepCopy ¶ added in v0.6.4
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Addon.
func (*Addon) DeepCopyInto ¶ added in v0.6.4
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AddonIssue ¶ added in v0.6.4
type AddonIssue struct {
// Code is the issue code
Code *string `json:"code,omitempty"`
// Message is the textual description of the issue
Message *string `json:"message,omitempty"`
// ResourceIDs is a list of resource ids for the issue
ResourceIDs []*string `json:"resourceIds,omitempty"`
}
AddonIssue represents an issue with an addon
func (*AddonIssue) DeepCopy ¶ added in v0.6.4
func (in *AddonIssue) DeepCopy() *AddonIssue
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AddonIssue.
func (*AddonIssue) DeepCopyInto ¶ added in v0.6.4
func (in *AddonIssue) DeepCopyInto(out *AddonIssue)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AddonResolution ¶ added in v0.6.4
type AddonResolution string
AddonResolution defines the method for resolving parameter conflicts
type AddonState ¶ added in v0.6.4
type AddonState struct {
// Name is the name of the addon
Name string `json:"name"`
// Version is the version of the addon to use
Version string `json:"version"`
// ARN is the AWS ARN of the addon
ARN string `json:"arn"`
// ServiceAccountRoleArn is the ARN of the IAM role used for the service account
ServiceAccountRoleArn *string `json:"serviceAccountRoleARN,omitempty"`
// CreatedAt is the date and time the addon was created at
CreatedAt metav1.Time `json:"createdAt,omitempty"`
// ModifiedAt is the date and time the addon was last modified
ModifiedAt metav1.Time `json:"modifiedAt,omitempty"`
// Status is the status of the addon
Status *string `json:"status,omitempty"`
// Issues is a list of issue associated with the addon
Issues []*AddonIssue `json:"issues,omitempty"`
}
AddonState represents the state of an addon
func (*AddonState) DeepCopy ¶ added in v0.6.4
func (in *AddonState) DeepCopy() *AddonState
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AddonState.
func (*AddonState) DeepCopyInto ¶ added in v0.6.4
func (in *AddonState) DeepCopyInto(out *AddonState)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type AddonStatus ¶ added in v0.6.4
type AddonStatus string
AddonStatus defines the status for an addon
type ControlPlaneLoggingSpec ¶
type ControlPlaneLoggingSpec struct {
// APIServer indicates if the Kubernetes API Server log (kube-apiserver) shoulkd be enabled
// +kubebuilder:default=false
APIServer bool `json:"apiServer"`
// Audit indicates if the Kubernetes API audit log should be enabled
// +kubebuilder:default=false
Audit bool `json:"audit"`
// Authenticator indicates if the iam authenticator log should be enabled
// +kubebuilder:default=false
Authenticator bool `json:"authenticator"`
//ControllerManager indicates if the controller manager (kube-controller-manager) log should be enabled
// +kubebuilder:default=false
ControllerManager bool `json:"controllerManager"`
// Scheduler indicates if the Kubernetes scheduler (kube-scheduler) log should be enabled
// +kubebuilder:default=false
Scheduler bool `json:"scheduler"`
}
ControlPlaneLoggingSpec defines what EKS control plane logs that should be enabled
func (*ControlPlaneLoggingSpec) DeepCopy ¶
func (in *ControlPlaneLoggingSpec) DeepCopy() *ControlPlaneLoggingSpec
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControlPlaneLoggingSpec.
func (*ControlPlaneLoggingSpec) DeepCopyInto ¶
func (in *ControlPlaneLoggingSpec) DeepCopyInto(out *ControlPlaneLoggingSpec)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*ControlPlaneLoggingSpec) IsLogEnabled ¶
func (s *ControlPlaneLoggingSpec) IsLogEnabled(logName string) bool
IsLogEnabled returns true if the log is enabled
type EKSTokenMethod ¶
type EKSTokenMethod string
EKSTokenMethod defines the method for obtaining a client token to use when connecting to EKS.
type EncryptionConfig ¶
type EncryptionConfig struct {
// Provider specifies the ARN or alias of the CMK (in AWS KMS)
Provider *string `json:"provider,omitempty"`
//Resources specifies the resources to be encrypted
Resources []*string `json:"resources,omitempty"`
}
EncryptionConfig specifies the encryption configuration for the EKS clsuter
func (*EncryptionConfig) DeepCopy ¶
func (in *EncryptionConfig) DeepCopy() *EncryptionConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EncryptionConfig.
func (*EncryptionConfig) DeepCopyInto ¶
func (in *EncryptionConfig) DeepCopyInto(out *EncryptionConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type EndpointAccess ¶
type EndpointAccess struct {
// Public controls whether control plane endpoints are publicly accessible
// +optional
Public *bool `json:"public,omitempty"`
// PublicCIDRs specifies which blocks can access the public endpoint
// +optional
PublicCIDRs []*string `json:"publicCIDRs,omitempty"`
// Private points VPC-internal control plane access to the private endpoint
// +optional
Private *bool `json:"private,omitempty"`
}
EndpointAccess specifies how control plane endpoints are accessible
func (*EndpointAccess) DeepCopy ¶
func (in *EndpointAccess) DeepCopy() *EndpointAccess
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointAccess.
func (*EndpointAccess) DeepCopyInto ¶
func (in *EndpointAccess) DeepCopyInto(out *EndpointAccess)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type IAMAuthenticatorConfig ¶
type IAMAuthenticatorConfig struct {
// RoleMappings is a list of role mappings
// +optional
RoleMappings []RoleMapping `json:"mapRoles,omitempty"`
// UserMappings is a list of user mappings
// +optional
UserMappings []UserMapping `json:"mapUsers,omitempty"`
}
IAMAuthenticatorConfig represents an aws-iam-authenticator configuration
func (*IAMAuthenticatorConfig) DeepCopy ¶
func (in *IAMAuthenticatorConfig) DeepCopy() *IAMAuthenticatorConfig
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuthenticatorConfig.
func (*IAMAuthenticatorConfig) DeepCopyInto ¶
func (in *IAMAuthenticatorConfig) DeepCopyInto(out *IAMAuthenticatorConfig)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type KubernetesMapping ¶
type KubernetesMapping struct {
// UserName is a kubernetes RBAC user subject
UserName string `json:"username"`
// Groups is a list of kubernetes RBAC groups
Groups []string `json:"groups"`
}
KubernetesMapping represents the kubernetes RBAC mapping
func (*KubernetesMapping) DeepCopy ¶
func (in *KubernetesMapping) DeepCopy() *KubernetesMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesMapping.
func (*KubernetesMapping) DeepCopyInto ¶
func (in *KubernetesMapping) DeepCopyInto(out *KubernetesMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type OIDCProviderStatus ¶ added in v0.6.4
type OIDCProviderStatus struct {
// ARN holds the ARN of the provider
ARN string `json:"arn,omitempty"`
// TrustPolicy contains the boilerplate IAM trust policy to use for IRSA
TrustPolicy string `json:"trustPolicy,omitempty"`
}
OIDCProviderStatus holds the status of the AWS OIDC identity provider
func (*OIDCProviderStatus) DeepCopy ¶ added in v0.6.4
func (in *OIDCProviderStatus) DeepCopy() *OIDCProviderStatus
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderStatus.
func (*OIDCProviderStatus) DeepCopyInto ¶ added in v0.6.4
func (in *OIDCProviderStatus) DeepCopyInto(out *OIDCProviderStatus)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
type RoleMapping ¶
type RoleMapping struct {
// RoleARN is the AWS ARN for the role to map
// +kubebuilder:validation:MinLength:=31
RoleARN string `json:"rolearn"`
// KubernetesMapping holds the RBAC details for the mapping
KubernetesMapping `json:",inline"`
}
RoleMapping represents a mapping from a IAM role to Kubernetes users and groups
func (*RoleMapping) DeepCopy ¶
func (in *RoleMapping) DeepCopy() *RoleMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleMapping.
func (*RoleMapping) DeepCopyInto ¶
func (in *RoleMapping) DeepCopyInto(out *RoleMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*RoleMapping) Validate ¶
func (r *RoleMapping) Validate() []error
Validate will return nil is there are no errors with the role mapping
type UserMapping ¶
type UserMapping struct {
// UserARN is the AWS ARN for the user to map
// +kubebuilder:validation:MinLength:=31
UserARN string `json:"userarn"`
// KubernetesMapping holds the RBAC details for the mapping
KubernetesMapping `json:",inline"`
}
UserMapping represents a mapping from an IAM user to Kubernetes users and groups
func (*UserMapping) DeepCopy ¶
func (in *UserMapping) DeepCopy() *UserMapping
DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserMapping.
func (*UserMapping) DeepCopyInto ¶
func (in *UserMapping) DeepCopyInto(out *UserMapping)
DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
func (*UserMapping) Validate ¶
func (u *UserMapping) Validate() []error
Validate will return nil is there are no errors with the user mapping
Source Files
Click to show internal directories.
Click to hide internal directories.