v1alpha1

package
v0.0.0-...-4b4ec10 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Feb 8, 2024 License: Apache-2.0 Imports: 8 Imported by: 0

Documentation

Overview

+kubebuilder:object:generate=true +groupName=nsxt_policy_ipsec_vpn_session.crossplane.io +versionName=v1alpha1

Index

Constants

View Source 
const (
	CRDGroup   = "nsxt_policy_ipsec_vpn_session.crossplane.io"
	CRDVersion = "v1alpha1"
)

Package type metadata.

Variables

View Source 
var (
	// CRDGroupVersion is the API Group Version used to register the objects
	CRDGroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: CRDGroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source 
var (
	PolicyIpsecVpnSession_Kind             = "PolicyIpsecVpnSession"
	PolicyIpsecVpnSession_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: PolicyIpsecVpnSession_Kind}.String()
	PolicyIpsecVpnSession_KindAPIVersion   = PolicyIpsecVpnSession_Kind + "." + CRDGroupVersion.String()
	PolicyIpsecVpnSession_GroupVersionKind = CRDGroupVersion.WithKind(PolicyIpsecVpnSession_Kind)
)

Repository type metadata.

Functions

This section is empty.

Types

type PolicyIpsecVpnSession 

type PolicyIpsecVpnSession struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.displayName)",message="displayName is a required parameter"
	// +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.localEndpointPath)",message="localEndpointPath is a required parameter"
	// +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.peerAddress)",message="peerAddress is a required parameter"
	// +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.peerId)",message="peerId is a required parameter"
	// +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.servicePath)",message="servicePath is a required parameter"
	// +kubebuilder:validation:XValidation:rule="self.managementPolicy == 'ObserveOnly' || has(self.forProvider.vpnType)",message="vpnType is a required parameter"
	Spec   PolicyIpsecVpnSessionSpec   `json:"spec"`
	Status PolicyIpsecVpnSessionStatus `json:"status,omitempty"`
}

PolicyIpsecVpnSession is the Schema for the PolicyIpsecVpnSessions API. <no value> +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,nsxt}

func (*PolicyIpsecVpnSession) GetCondition 

func (mg *PolicyIpsecVpnSession) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this PolicyIpsecVpnSession.

func (*PolicyIpsecVpnSession) GetConnectionDetailsMapping 

func (tr *PolicyIpsecVpnSession) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this PolicyIpsecVpnSession

func (*PolicyIpsecVpnSession) GetDeletionPolicy 

func (mg *PolicyIpsecVpnSession) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this PolicyIpsecVpnSession.

func (*PolicyIpsecVpnSession) GetID 

func (tr *PolicyIpsecVpnSession) GetID() string

GetID returns ID of underlying Terraform resource of this PolicyIpsecVpnSession

func (*PolicyIpsecVpnSession) GetManagementPolicy 

func (mg *PolicyIpsecVpnSession) GetManagementPolicy() xpv1.ManagementPolicy

GetManagementPolicy of this PolicyIpsecVpnSession.

func (*PolicyIpsecVpnSession) GetObservation 

func (tr *PolicyIpsecVpnSession) GetObservation() (map[string]any, error)

GetObservation of this PolicyIpsecVpnSession

func (*PolicyIpsecVpnSession) GetParameters 

func (tr *PolicyIpsecVpnSession) GetParameters() (map[string]any, error)

GetParameters of this PolicyIpsecVpnSession

func (*PolicyIpsecVpnSession) GetProviderConfigReference 

func (mg *PolicyIpsecVpnSession) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this PolicyIpsecVpnSession.

func (*PolicyIpsecVpnSession) GetProviderReference 

func (mg *PolicyIpsecVpnSession) GetProviderReference() *xpv1.Reference

GetProviderReference of this PolicyIpsecVpnSession. Deprecated: Use GetProviderConfigReference.

func (*PolicyIpsecVpnSession) GetPublishConnectionDetailsTo 

func (mg *PolicyIpsecVpnSession) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this PolicyIpsecVpnSession.

func (*PolicyIpsecVpnSession) GetTerraformResourceType 

func (mg *PolicyIpsecVpnSession) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this PolicyIpsecVpnSession

func (*PolicyIpsecVpnSession) GetTerraformSchemaVersion 

func (tr *PolicyIpsecVpnSession) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*PolicyIpsecVpnSession) GetWriteConnectionSecretToReference 

func (mg *PolicyIpsecVpnSession) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this PolicyIpsecVpnSession.

func (*PolicyIpsecVpnSession) LateInitialize 

func (tr *PolicyIpsecVpnSession) LateInitialize(attrs []byte) (bool, error)

LateInitialize this PolicyIpsecVpnSession using its observed tfState. returns True if there are any spec changes for the resource.

func (*PolicyIpsecVpnSession) SetConditions 

func (mg *PolicyIpsecVpnSession) SetConditions(c ...xpv1.Condition)

SetConditions of this PolicyIpsecVpnSession.

func (*PolicyIpsecVpnSession) SetDeletionPolicy 

func (mg *PolicyIpsecVpnSession) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this PolicyIpsecVpnSession.

func (*PolicyIpsecVpnSession) SetManagementPolicy 

func (mg *PolicyIpsecVpnSession) SetManagementPolicy(r xpv1.ManagementPolicy)

SetManagementPolicy of this PolicyIpsecVpnSession.

func (*PolicyIpsecVpnSession) SetObservation 

func (tr *PolicyIpsecVpnSession) SetObservation(obs map[string]any) error

SetObservation for this PolicyIpsecVpnSession

func (*PolicyIpsecVpnSession) SetParameters 

func (tr *PolicyIpsecVpnSession) SetParameters(params map[string]any) error

SetParameters for this PolicyIpsecVpnSession

func (*PolicyIpsecVpnSession) SetProviderConfigReference 

func (mg *PolicyIpsecVpnSession) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this PolicyIpsecVpnSession.

func (*PolicyIpsecVpnSession) SetProviderReference 

func (mg *PolicyIpsecVpnSession) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this PolicyIpsecVpnSession. Deprecated: Use SetProviderConfigReference.

func (*PolicyIpsecVpnSession) SetPublishConnectionDetailsTo 

func (mg *PolicyIpsecVpnSession) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this PolicyIpsecVpnSession.

func (*PolicyIpsecVpnSession) SetWriteConnectionSecretToReference 

func (mg *PolicyIpsecVpnSession) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this PolicyIpsecVpnSession.

type PolicyIpsecVpnSessionList 

type PolicyIpsecVpnSessionList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []PolicyIpsecVpnSession `json:"items"`
}

PolicyIpsecVpnSessionList contains a list of PolicyIpsecVpnSessions

func (*PolicyIpsecVpnSessionList) GetItems 

func (l *PolicyIpsecVpnSessionList) GetItems() []resource.Managed

GetItems of this PolicyIpsecVpnSessionList.

type PolicyIpsecVpnSessionObservation 

type PolicyIpsecVpnSessionObservation struct {

	// Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication.
	AuthenticationMode *string `json:"authenticationMode,omitempty" tf:"authentication_mode,omitempty"`

	// Compliance suite.
	ComplianceSuite *string `json:"complianceSuite,omitempty" tf:"compliance_suite,omitempty"`

	// Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.
	ConnectionInitiationMode *string `json:"connectionInitiationMode,omitempty" tf:"connection_initiation_mode,omitempty"`

	// Description for this resource
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// The traffic direction apply to the MSS clamping
	Direction *string `json:"direction,omitempty" tf:"direction,omitempty"`

	// Display name for this resource
	DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"`

	// Policy path referencing dpd profile.
	DpdProfilePath *string `json:"dpdProfilePath,omitempty" tf:"dpd_profile_path,omitempty"`

	// Enable/Disable IPSec VPN session.
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// IP Tunnel interface (commonly referred as VTI) ip addresses.
	IPAddresses []*string `json:"ipAddresses,omitempty" tf:"ip_addresses,omitempty"`

	// Policy path referencing Ike profile.
	IkeProfilePath *string `json:"ikeProfilePath,omitempty" tf:"ike_profile_path,omitempty"`

	// Policy path referencing Local endpoint.
	LocalEndpointPath *string `json:"localEndpointPath,omitempty" tf:"local_endpoint_path,omitempty"`

	// Maximum amount of data the host will accept in a Tcp segment.
	MaxSegmentSize *float64 `json:"maxSegmentSize,omitempty" tf:"max_segment_size,omitempty"`

	// NSX ID for this resource
	NsxID *string `json:"nsxId,omitempty" tf:"nsx_id,omitempty"`

	// Policy path for this resource
	Path *string `json:"path,omitempty" tf:"path,omitempty"`

	// Public IPV4 address of the remote device terminating the VPN connection.
	PeerAddress *string `json:"peerAddress,omitempty" tf:"peer_address,omitempty"`

	// Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer.
	PeerID *string `json:"peerId,omitempty" tf:"peer_id,omitempty"`

	// Subnet Prefix Length.
	PrefixLength *float64 `json:"prefixLength,omitempty" tf:"prefix_length,omitempty"`

	// The _revision property describes the current revision of the resource. To prevent clients from overwriting each other's changes, PUT operations must include the current _revision of the resource, which clients should obtain by issuing a GET operation. If the _revision provided in a PUT request is missing or stale, the operation will be rejected
	Revision *float64 `json:"revision,omitempty" tf:"revision,omitempty"`

	// For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy match criteria
	Rule []RuleObservation `json:"rule,omitempty" tf:"rule,omitempty"`

	// Policy path for IPSec VPN service
	ServicePath *string `json:"servicePath,omitempty" tf:"service_path,omitempty"`

	// Set of opaque identifiers meaningful to the user
	Tag []TagObservation `json:"tag,omitempty" tf:"tag,omitempty"`

	// Policy path referencing tunnel profile.
	TunnelProfilePath *string `json:"tunnelProfilePath,omitempty" tf:"tunnel_profile_path,omitempty"`

	// A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet. A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.
	VPNType *string `json:"vpnType,omitempty" tf:"vpn_type,omitempty"`
}

type PolicyIpsecVpnSessionParameters 

type PolicyIpsecVpnSessionParameters struct {

	// Peer authentication mode. PSK - In this mode a secret key shared between local and peer sites is to be used for authentication. The secret key can be a string with a maximum length of 128 characters. CERTIFICATE - In this mode a certificate defined at the global level is to be used for authentication.
	// +kubebuilder:validation:Optional
	AuthenticationMode *string `json:"authenticationMode,omitempty" tf:"authentication_mode,omitempty"`

	// Compliance suite.
	// +kubebuilder:validation:Optional
	ComplianceSuite *string `json:"complianceSuite,omitempty" tf:"compliance_suite,omitempty"`

	// Connection initiation mode used by local endpoint to establish ike connection with peer site. INITIATOR - In this mode local endpoint initiates tunnel setup and will also respond to incoming tunnel setup requests from peer gateway. RESPOND_ONLY - In this mode, local endpoint shall only respond to incoming tunnel setup requests. It shall not initiate the tunnel setup. ON_DEMAND - In this mode local endpoint will initiate tunnel creation once first packet matching the policy rule is received and will also respond to incoming initiation request.
	// +kubebuilder:validation:Optional
	ConnectionInitiationMode *string `json:"connectionInitiationMode,omitempty" tf:"connection_initiation_mode,omitempty"`

	// Description for this resource
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// The traffic direction apply to the MSS clamping
	// +kubebuilder:validation:Optional
	Direction *string `json:"direction,omitempty" tf:"direction,omitempty"`

	// Display name for this resource
	// +kubebuilder:validation:Optional
	DisplayName *string `json:"displayName,omitempty" tf:"display_name,omitempty"`

	// Policy path referencing dpd profile.
	// +kubebuilder:validation:Optional
	DpdProfilePath *string `json:"dpdProfilePath,omitempty" tf:"dpd_profile_path,omitempty"`

	// Enable/Disable IPSec VPN session.
	// +kubebuilder:validation:Optional
	Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"`

	// IP Tunnel interface (commonly referred as VTI) ip addresses.
	// +kubebuilder:validation:Optional
	IPAddresses []*string `json:"ipAddresses,omitempty" tf:"ip_addresses,omitempty"`

	// Policy path referencing Ike profile.
	// +kubebuilder:validation:Optional
	IkeProfilePath *string `json:"ikeProfilePath,omitempty" tf:"ike_profile_path,omitempty"`

	// Policy path referencing Local endpoint.
	// +kubebuilder:validation:Optional
	LocalEndpointPath *string `json:"localEndpointPath,omitempty" tf:"local_endpoint_path,omitempty"`

	// Maximum amount of data the host will accept in a Tcp segment.
	// +kubebuilder:validation:Optional
	MaxSegmentSize *float64 `json:"maxSegmentSize,omitempty" tf:"max_segment_size,omitempty"`

	// NSX ID for this resource
	// +kubebuilder:validation:Optional
	NsxID *string `json:"nsxId,omitempty" tf:"nsx_id,omitempty"`

	// Public IPV4 address of the remote device terminating the VPN connection.
	// +kubebuilder:validation:Optional
	PeerAddress *string `json:"peerAddress,omitempty" tf:"peer_address,omitempty"`

	// Peer ID to uniquely identify the peer site. The peer ID is the public IP address of the remote device terminating the VPN tunnel. When NAT is configured for the peer, enter the private IP address of the peer.
	// +kubebuilder:validation:Optional
	PeerID *string `json:"peerId,omitempty" tf:"peer_id,omitempty"`

	// Subnet Prefix Length.
	// +kubebuilder:validation:Optional
	PrefixLength *float64 `json:"prefixLength,omitempty" tf:"prefix_length,omitempty"`

	// IPSec Pre-shared key. Maximum length of this field is 128 characters.
	// +kubebuilder:validation:Optional
	PskSecretRef *v1.SecretKeySelector `json:"pskSecretRef,omitempty" tf:"-"`

	// For policy-based IPsec VPNs, a security policy specifies as its action the VPN tunnel to be used for transit traffic that meets the policy match criteria
	// +kubebuilder:validation:Optional
	Rule []RuleParameters `json:"rule,omitempty" tf:"rule,omitempty"`

	// Policy path for IPSec VPN service
	// +kubebuilder:validation:Optional
	ServicePath *string `json:"servicePath,omitempty" tf:"service_path,omitempty"`

	// Set of opaque identifiers meaningful to the user
	// +kubebuilder:validation:Optional
	Tag []TagParameters `json:"tag,omitempty" tf:"tag,omitempty"`

	// Policy path referencing tunnel profile.
	// +kubebuilder:validation:Optional
	TunnelProfilePath *string `json:"tunnelProfilePath,omitempty" tf:"tunnel_profile_path,omitempty"`

	// A Policy Based VPN requires to define protect rules that match local and peer subnets. IPSec security associations is negotiated for each pair of local and peer subnet. A Route Based VPN is more flexible, more powerful and recommended over policy based VPN. IP Tunnel port is created and all traffic routed via tunnel port is protected. Routes can be configured statically or can be learned through BGP. A route based VPN is must for establishing redundant VPN session to remote site.
	// +kubebuilder:validation:Optional
	VPNType *string `json:"vpnType,omitempty" tf:"vpn_type,omitempty"`
}

type PolicyIpsecVpnSessionSpec 

type PolicyIpsecVpnSessionSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     PolicyIpsecVpnSessionParameters `json:"forProvider"`
}

PolicyIpsecVpnSessionSpec defines the desired state of PolicyIpsecVpnSession

type PolicyIpsecVpnSessionStatus 

type PolicyIpsecVpnSessionStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        PolicyIpsecVpnSessionObservation `json:"atProvider,omitempty"`
}

PolicyIpsecVpnSessionStatus defines the observed state of PolicyIpsecVpnSession.

type RuleObservation 

type RuleObservation struct {

	// PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules.
	Action *string `json:"action,omitempty" tf:"action,omitempty"`

	// List of remote subnets
	Destinations []*string `json:"destinations,omitempty" tf:"destinations,omitempty"`

	// NSX ID for this resource
	NsxID *string `json:"nsxId,omitempty" tf:"nsx_id,omitempty"`

	// List of local subnets. Specifying no value is interpreted as 0.0.0.0/0.
	Sources []*string `json:"sources,omitempty" tf:"sources,omitempty"`
}

type RuleParameters 

type RuleParameters struct {

	// PROTECT - Protect rules are defined per policy based IPSec VPN session. BYPASS - Bypass rules are defined per IPSec VPN service and affects all policy based IPSec VPN sessions. Bypass rules are prioritized over protect rules.
	// +kubebuilder:validation:Optional
	Action *string `json:"action,omitempty" tf:"action,omitempty"`

	// List of remote subnets
	// +kubebuilder:validation:Optional
	Destinations []*string `json:"destinations,omitempty" tf:"destinations,omitempty"`

	// List of local subnets. Specifying no value is interpreted as 0.0.0.0/0.
	// +kubebuilder:validation:Optional
	Sources []*string `json:"sources,omitempty" tf:"sources,omitempty"`
}

type TagObservation 

type TagObservation struct {
	Scope *string `json:"scope,omitempty" tf:"scope,omitempty"`

	Tag *string `json:"tag,omitempty" tf:"tag,omitempty"`
}

type TagParameters 

type TagParameters struct {

	// +kubebuilder:validation:Optional
	Scope *string `json:"scope,omitempty" tf:"scope,omitempty"`

	// +kubebuilder:validation:Optional
	Tag *string `json:"tag,omitempty" tf:"tag,omitempty"`
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.