v1beta1

package
v0.47.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 15, 2024 License: Apache-2.0 Imports: 11 Imported by: 2

Documentation

Index

Constants

View Source 
const (
	CRDGroup   = "secretsmanager.aws.crossplane.io"
	CRDVersion = "v1beta1"
)

Package type metadata.

Variables

View Source 
var (
	// GroupVersion is the API Group Version used to register the objects
	GroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source 
var (
	SecretKind             = "Secret"
	SecretGroupKind        = schema.GroupKind{Group: CRDGroup, Kind: SecretKind}.String()
	SecretKindAPIVersion   = SecretKind + "." + GroupVersion.String()
	SecretGroupVersionKind = GroupVersion.WithKind(SecretKind)
)

Repository type metadata.

Functions

This section is empty.

Types

type CustomSecretParameters 

type CustomSecretParameters struct {
	// KMSKeyIDRef is a reference to an kms/v1alpha1.Key used
	// to set the KMSKeyID field.
	// +optional
	KMSKeyIDRef *xpv1.Reference `json:"kmsKeyIDRef,omitempty"`

	// KMSKeyIDSelector selects references to kms/v1alpha1.Key
	// used to set the KMSKeyID.
	// +optional
	KMSKeyIDSelector *xpv1.Selector `json:"kmsKeyIDSelector,omitempty"`

	// StringSecretRef points to the Kubernetes Secret whose data will be sent
	// as string to AWS. If key parameter is given, only the value of that key
	// will be used. Otherwise, all data in the Secret will be marshalled into
	// JSON and sent to AWS.
	// Either StringSecretRef or BinarySecretRef must be set, but not both.
	StringSecretRef *SecretReference `json:"stringSecretRef,omitempty"`

	// BinarySecretRef points to the Kubernetes Secret whose data will be encoded
	// as binary data to AWS. If key parameter is given, only the value of that
	// key will be used. Otherwise, all data in the Secret will be marshalled
	// into JSON and sent to AWS.
	// Either StringSecretRef or BinarySecretRef must be set, but not both.
	BinarySecretRef *SecretReference `json:"binarySecretRef,omitempty"`

	// (Optional) Specifies that the secret is to be deleted without any recovery
	// window. You can't use both this parameter and the RecoveryWindowInDays parameter
	// in the same API call.
	//
	// An asynchronous background process performs the actual deletion, so there
	// can be a short delay before the operation completes. If you write code to
	// delete and then immediately recreate a secret with the same name, ensure
	// that your code includes appropriate back off and retry logic.
	//
	// Use this parameter with caution. This parameter causes the operation to skip
	// the normal waiting period before the permanent deletion that AWS would normally
	// impose with the RecoveryWindowInDays parameter. If you delete a secret with
	// the ForceDeleteWithouRecovery parameter, then you have no opportunity to
	// recover the secret. It is permanently lost.
	ForceDeleteWithoutRecovery *bool `json:"forceDeleteWithoutRecovery,omitempty"`

	// (Optional) Specifies the number of days that Secrets Manager waits before
	// it can delete the secret. You can't use both this parameter and the ForceDeleteWithoutRecovery
	// parameter in the same API call.
	//
	// This value can range from 7 to 30 days. The default value is 30.
	RecoveryWindowInDays *int64 `json:"recoveryWindowInDays,omitempty"`

	// A JSON-formatted string constructed according to the grammar and syntax for
	// an Amazon Web Services resource-based policy. The policy in the string identifies
	// who can access or manage this secret and its versions. For information on
	// how to format a JSON parameter for the various command line tool environments,
	// see Using JSON for Parameters (http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json)
	// in the CLI User Guide.
	//
	// ResourcePolicy is a required field
	// +optional
	ResourcePolicy *string `json:"resourcePolicy,omitempty"`
}

CustomSecretParameters contains the additional fields for SecretParameters.

func (*CustomSecretParameters) DeepCopy 

func (in *CustomSecretParameters) DeepCopy() *CustomSecretParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new CustomSecretParameters.

func (*CustomSecretParameters) DeepCopyInto 

func (in *CustomSecretParameters) DeepCopyInto(out *CustomSecretParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Filter 

type Filter struct {
	Key *string `json:"key,omitempty"`

	Values []*string `json:"values,omitempty"`
}

+kubebuilder:skipversion

func (*Filter) DeepCopy 

func (in *Filter) DeepCopy() *Filter

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Filter.

func (*Filter) DeepCopyInto 

func (in *Filter) DeepCopyInto(out *Filter)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type FilterNameStringType 

type FilterNameStringType string
const (
	FilterNameStringType_description    FilterNameStringType = "description"
	FilterNameStringType_name           FilterNameStringType = "name"
	FilterNameStringType_tag_key        FilterNameStringType = "tag-key"
	FilterNameStringType_tag_value      FilterNameStringType = "tag-value"
	FilterNameStringType_primary_region FilterNameStringType = "primary-region"
	FilterNameStringType_owning_service FilterNameStringType = "owning-service"
	FilterNameStringType_all            FilterNameStringType = "all"
)

type ReplicaRegionType 

type ReplicaRegionType struct {
	KMSKeyID *string `json:"kmsKeyID,omitempty"`

	Region *string `json:"region,omitempty"`
}

+kubebuilder:skipversion

func (*ReplicaRegionType) DeepCopy 

func (in *ReplicaRegionType) DeepCopy() *ReplicaRegionType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicaRegionType.

func (*ReplicaRegionType) DeepCopyInto 

func (in *ReplicaRegionType) DeepCopyInto(out *ReplicaRegionType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type ReplicationStatusType 

type ReplicationStatusType struct {
	KMSKeyID *string `json:"kmsKeyID,omitempty"`

	LastAccessedDate *metav1.Time `json:"lastAccessedDate,omitempty"`

	Region *string `json:"region,omitempty"`

	Status *string `json:"status,omitempty"`

	StatusMessage *string `json:"statusMessage,omitempty"`
}

+kubebuilder:skipversion

func (*ReplicationStatusType) DeepCopy 

func (in *ReplicationStatusType) DeepCopy() *ReplicationStatusType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ReplicationStatusType.

func (*ReplicationStatusType) DeepCopyInto 

func (in *ReplicationStatusType) DeepCopyInto(out *ReplicationStatusType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RotationRulesType 

type RotationRulesType struct {
	AutomaticallyAfterDays *int64 `json:"automaticallyAfterDays,omitempty"`

	Duration *string `json:"duration,omitempty"`

	ScheduleExpression *string `json:"scheduleExpression,omitempty"`
}

+kubebuilder:skipversion

func (*RotationRulesType) DeepCopy 

func (in *RotationRulesType) DeepCopy() *RotationRulesType

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RotationRulesType.

func (*RotationRulesType) DeepCopyInto 

func (in *RotationRulesType) DeepCopyInto(out *RotationRulesType)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Secret 

type Secret struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              SecretSpec   `json:"spec"`
	Status            SecretStatus `json:"status,omitempty"`
}

Secret is the Schema for the Secrets API +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:storageversion +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}

func (*Secret) DeepCopy 

func (in *Secret) DeepCopy() *Secret

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Secret.

func (*Secret) DeepCopyInto 

func (in *Secret) DeepCopyInto(out *Secret)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Secret) DeepCopyObject 

func (in *Secret) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Secret) GetCondition 

func (mg *Secret) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this Secret.

func (*Secret) GetDeletionPolicy 

func (mg *Secret) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this Secret.

func (*Secret) GetManagementPolicies added in v0.43.0 

func (mg *Secret) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this Secret.

func (*Secret) GetProviderConfigReference 

func (mg *Secret) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this Secret.

func (*Secret) GetPublishConnectionDetailsTo 

func (mg *Secret) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this Secret.

func (*Secret) GetWriteConnectionSecretToReference 

func (mg *Secret) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this Secret.

func (*Secret) ResolveReferences 

func (mg *Secret) ResolveReferences(ctx context.Context, c client.Reader) error

ResolveReferences of this Secret

func (*Secret) SetConditions 

func (mg *Secret) SetConditions(c ...xpv1.Condition)

SetConditions of this Secret.

func (*Secret) SetDeletionPolicy 

func (mg *Secret) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this Secret.

func (*Secret) SetManagementPolicies added in v0.43.0 

func (mg *Secret) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this Secret.

func (*Secret) SetProviderConfigReference 

func (mg *Secret) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this Secret.

func (*Secret) SetPublishConnectionDetailsTo 

func (mg *Secret) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this Secret.

func (*Secret) SetWriteConnectionSecretToReference 

func (mg *Secret) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this Secret.

type SecretList 

type SecretList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Secret `json:"items"`
}

SecretList contains a list of Secrets

func (*SecretList) DeepCopy 

func (in *SecretList) DeepCopy() *SecretList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretList.

func (*SecretList) DeepCopyInto 

func (in *SecretList) DeepCopyInto(out *SecretList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SecretList) DeepCopyObject 

func (in *SecretList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*SecretList) GetItems 

func (l *SecretList) GetItems() []resource.Managed

GetItems of this SecretList.

type SecretListEntry 

type SecretListEntry struct {
	ARN *string `json:"arn,omitempty"`

	CreatedDate *metav1.Time `json:"createdDate,omitempty"`

	DeletedDate *metav1.Time `json:"deletedDate,omitempty"`

	Description *string `json:"description,omitempty"`

	KMSKeyID *string `json:"kmsKeyID,omitempty"`

	LastAccessedDate *metav1.Time `json:"lastAccessedDate,omitempty"`

	LastChangedDate *metav1.Time `json:"lastChangedDate,omitempty"`

	LastRotatedDate *metav1.Time `json:"lastRotatedDate,omitempty"`

	Name *string `json:"name,omitempty"`

	NextRotationDate *metav1.Time `json:"nextRotationDate,omitempty"`

	OwningService *string `json:"owningService,omitempty"`

	PrimaryRegion *string `json:"primaryRegion,omitempty"`

	RotationEnabled *bool `json:"rotationEnabled,omitempty"`

	RotationLambdaARN *string `json:"rotationLambdaARN,omitempty"`
	// A structure that defines the rotation configuration for the secret.
	RotationRules *RotationRulesType `json:"rotationRules,omitempty"`

	SecretVersionsToStages map[string][]*string `json:"secretVersionsToStages,omitempty"`

	Tags []*Tag `json:"tags,omitempty"`
}

+kubebuilder:skipversion

func (*SecretListEntry) DeepCopy 

func (in *SecretListEntry) DeepCopy() *SecretListEntry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretListEntry.

func (*SecretListEntry) DeepCopyInto 

func (in *SecretListEntry) DeepCopyInto(out *SecretListEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretObservation 

type SecretObservation struct {
	// The ARN of the new secret. The ARN includes the name of the secret followed
	// by six random characters. This ensures that if you create a new secret with
	// the same name as a deleted secret, then users with access to the old secret
	// don't get access to the new secret because the ARNs are different.
	ARN *string `json:"arn,omitempty"`
	// A list of the replicas of this secret and their status:
	//
	//    * Failed, which indicates that the replica was not created.
	//
	//    * InProgress, which indicates that Secrets Manager is in the process of
	//    creating the replica.
	//
	//    * InSync, which indicates that the replica was created.
	ReplicationStatus []*ReplicationStatusType `json:"replicationStatus,omitempty"`
}

SecretObservation defines the observed state of Secret

func (*SecretObservation) DeepCopy 

func (in *SecretObservation) DeepCopy() *SecretObservation

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretObservation.

func (*SecretObservation) DeepCopyInto 

func (in *SecretObservation) DeepCopyInto(out *SecretObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretParameters 

type SecretParameters struct {
	// Region is which region the Secret will be created.
	// +kubebuilder:validation:Required
	Region string `json:"region"`
	// A list of Regions and KMS keys to replicate secrets.
	AddReplicaRegions []*ReplicaRegionType `json:"addReplicaRegions,omitempty"`
	// The description of the secret.
	Description *string `json:"description,omitempty"`
	// Specifies whether to overwrite a secret with the same name in the destination
	// Region. By default, secrets aren't overwritten.
	ForceOverwriteReplicaSecret *bool `json:"forceOverwriteReplicaSecret,omitempty"`
	// The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt
	// the secret value in the secret. An alias is always prefixed by alias/, for
	// example alias/aws/secretsmanager. For more information, see About aliases
	// (https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html).
	//
	// To use a KMS key in a different account, use the key ARN or the alias ARN.
	//
	// If you don't specify this value, then Secrets Manager uses the key aws/secretsmanager.
	// If that key doesn't yet exist, then Secrets Manager creates it for you automatically
	// the first time it encrypts the secret value.
	//
	// If the secret is in a different Amazon Web Services account from the credentials
	// calling the API, then you can't use aws/secretsmanager to encrypt the secret,
	// and you must create and use a customer managed KMS key.
	KMSKeyID *string `json:"kmsKeyID,omitempty"`
	// A list of tags to attach to the secret. Each tag is a key and value pair
	// of strings in a JSON text string, for example:
	//
	// [{"Key":"CostCenter","Value":"12345"},{"Key":"environment","Value":"production"}]
	//
	// Secrets Manager tag key names are case sensitive. A tag with the key "ABC"
	// is a different tag from one with key "abc".
	//
	// If you check tags in permissions policies as part of your security strategy,
	// then adding or removing a tag can change permissions. If the completion of
	// this operation would result in you losing your permissions for this secret,
	// then Secrets Manager blocks the operation and returns an Access Denied error.
	// For more information, see Control access to secrets using tags (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#tag-secrets-abac)
	// and Limit access to identities with tags that match secrets' tags (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access_examples.html#auth-and-access_tags2).
	//
	// For information about how to format a JSON parameter for the various command
	// line tool environments, see Using JSON for Parameters (https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json).
	// If your command-line tool or SDK requires quotation marks around the parameter,
	// you should use single quotes to avoid confusion with the double quotes required
	// in the JSON text.
	//
	// The following restrictions apply to tags:
	//
	//    * Maximum number of tags per secret: 50
	//
	//    * Maximum key length: 127 Unicode characters in UTF-8
	//
	//    * Maximum value length: 255 Unicode characters in UTF-8
	//
	//    * Tag keys and values are case sensitive.
	//
	//    * Do not use the aws: prefix in your tag names or values because Amazon
	//    Web Services reserves it for Amazon Web Services use. You can't edit or
	//    delete tag names or values with this prefix. Tags with this prefix do
	//    not count against your tags per secret limit.
	//
	//    * If you use your tagging schema across multiple services and resources,
	//    other services might have restrictions on allowed characters. Generally
	//    allowed characters: letters, spaces, and numbers representable in UTF-8,
	//    plus the following special characters: + - = . _ : / @.
	Tags                   []*Tag `json:"tags,omitempty"`
	CustomSecretParameters `json:",inline"`
}

SecretParameters defines the desired state of Secret

func (*SecretParameters) DeepCopy 

func (in *SecretParameters) DeepCopy() *SecretParameters

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretParameters.

func (*SecretParameters) DeepCopyInto 

func (in *SecretParameters) DeepCopyInto(out *SecretParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretReference 

type SecretReference struct {
	// Name of the secret.
	Name string `json:"name"`

	// Namespace of the secret.
	Namespace string `json:"namespace"`

	// Key whose value will be used. If not given, the whole map in the Secret
	// data will be used.
	Key *string `json:"key,omitempty"`

	// Type of the secret. Used to (re)create k8s secret in case of loss.
	// If not given, the controller will try to fetch the type from the referenced secret.
	Type *string `json:"type,omitempty"`
}

A SecretReference is a reference to a secret in an arbitrary namespace.

func (*SecretReference) DeepCopy 

func (in *SecretReference) DeepCopy() *SecretReference

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretReference.

func (*SecretReference) DeepCopyInto 

func (in *SecretReference) DeepCopyInto(out *SecretReference)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretSpec 

type SecretSpec struct {
	xpv1.ResourceSpec `json:",inline"`
	ForProvider       SecretParameters `json:"forProvider"`
}

SecretSpec defines the desired state of Secret

func (*SecretSpec) DeepCopy 

func (in *SecretSpec) DeepCopy() *SecretSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretSpec.

func (*SecretSpec) DeepCopyInto 

func (in *SecretSpec) DeepCopyInto(out *SecretSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretStatus 

type SecretStatus struct {
	xpv1.ResourceStatus `json:",inline"`
	AtProvider          SecretObservation `json:"atProvider,omitempty"`
}

SecretStatus defines the observed state of Secret.

func (*SecretStatus) DeepCopy 

func (in *SecretStatus) DeepCopy() *SecretStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretStatus.

func (*SecretStatus) DeepCopyInto 

func (in *SecretStatus) DeepCopyInto(out *SecretStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretVersionsListEntry 

type SecretVersionsListEntry struct {
	LastAccessedDate *metav1.Time `json:"lastAccessedDate,omitempty"`

	VersionStages []*string `json:"versionStages,omitempty"`
}

+kubebuilder:skipversion

func (*SecretVersionsListEntry) DeepCopy 

func (in *SecretVersionsListEntry) DeepCopy() *SecretVersionsListEntry

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretVersionsListEntry.

func (*SecretVersionsListEntry) DeepCopyInto 

func (in *SecretVersionsListEntry) DeepCopyInto(out *SecretVersionsListEntry)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SortOrderType 

type SortOrderType string
const (
	SortOrderType_asc  SortOrderType = "asc"
	SortOrderType_desc SortOrderType = "desc"
)

type StatusType 

type StatusType string
const (
	StatusType_InSync     StatusType = "InSync"
	StatusType_Failed     StatusType = "Failed"
	StatusType_InProgress StatusType = "InProgress"
)

type Tag 

type Tag struct {
	Key *string `json:"key,omitempty"`

	Value *string `json:"value,omitempty"`
}

+kubebuilder:skipversion

func (*Tag) DeepCopy 

func (in *Tag) DeepCopy() *Tag

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Tag.

func (*Tag) DeepCopyInto 

func (in *Tag) DeepCopyInto(out *Tag)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.