v1alpha1

package
v0.20.0 Latest
Warning

This package is not in the latest version of its module.

Published: Mar 29, 2024 License: Apache-2.0 Imports: 20 Imported by: 0

Documentation

Overview

Package v1alpha1 contains API Schema definitions for the iammanager v1alpha1 API group.

+kubebuilder:object:generate=true
+groupName=iammanager.keikoproj.io

Constants

This section is empty.

Variables

var (
	// GroupVersion is group version used to register these objects
	GroupVersion = schema.GroupVersion{Group: "iammanager.keikoproj.io", Version: "v1alpha1"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)

Functions

func NewWClient

func NewWClient()

Types

type AssumeRolePolicyDocument added in v0.0.4

type AssumeRolePolicyDocument struct {
	// Version specifies IAM policy version
	// By default, this value is "2012-10-17"
	// +optional
	Version string `json:"Version,omitempty"`

	// Statement allows list of TrustPolicyStatement objects
	// +optional
	Statement []TrustPolicyStatement `json:"Statement,omitempty"`
}

+optional

func (*AssumeRolePolicyDocument) DeepCopy added in v0.0.4

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AssumeRolePolicyDocument.

func (*AssumeRolePolicyDocument) DeepCopyInto added in v0.0.4

func (in *AssumeRolePolicyDocument) DeepCopyInto(out *AssumeRolePolicyDocument)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Condition added in v0.0.4

type Condition struct {
	//StringEquals can be used to define Equal condition
	// +optional
	StringEquals map[string]string `json:"StringEquals,omitempty"`
	//StringLike can be used for regex as supported by AWS
	// +optional
	StringLike map[string]string `json:"StringLike,omitempty"`
}

Condition struct holds Condition

+optional

func (*Condition) DeepCopy added in v0.0.4

func (in *Condition) DeepCopy() *Condition

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Condition.

func (*Condition) DeepCopyInto added in v0.0.4

func (in *Condition) DeepCopyInto(out *Condition)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Effect

type Effect string

Effect describes whether to allow or deny the specific action. Allowed values are:

  • "Allow" : allows the specific action on resources
  • "Deny" : denies the specific action on resources

+kubebuilder:validation:Enum=Allow;Deny

const (
	//Allow Policy allows policy
	AllowPolicy Effect = "Allow"

	//DenyPolicy denies policy
	DenyPolicy Effect = "Deny"
)

type Iamrole

type Iamrole struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   IamroleSpec   `json:"spec,omitempty"`
	Status IamroleStatus `json:"status,omitempty"`
}

Iamrole is the Schema for the iamroles API

+kubebuilder:object:root=true
+kubebuilder:subresource:status
+kubebuilder:resource:path=iamroles,scope=Namespaced,shortName=iam,singular=iamrole
+kubebuilder:printcolumn:name="State",type="string",JSONPath=".status.state",description="current state of the iam role"
+kubebuilder:printcolumn:name="RoleName",type="string",JSONPath=".status.roleName",description="Name of the role"
+kubebuilder:printcolumn:name="RetryCount",type="integer",JSONPath=".status.retryCount",description="Retry count"
+kubebuilder:printcolumn:name="LastUpdatedTimestamp",type="string",format="date-time",JSONPath=".status.lastUpdatedTimestamp",description="last updated iam role timestamp"
+kubebuilder:printcolumn:name="Age",type="date",JSONPath=".metadata.creationTimestamp",description="time passed since iamrole creation"

func GetIamRole added in v0.15.0

func GetIamRole(ctx context.Context, c client.Client, name, namespace string) (*Iamrole, error)

func ListIamRoles added in v0.15.0

func ListIamRoles(ctx context.Context, c client.Client) ([]*Iamrole, error)

  • This function is used to retrieve all IAM-Roles from the cluster across all namespaces.
  • It will return a list of IAM-Roles in structured format.

func (*Iamrole) DeepCopy

func (in *Iamrole) DeepCopy() *Iamrole

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Iamrole.

func (*Iamrole) DeepCopyInto

func (in *Iamrole) DeepCopyInto(out *Iamrole)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*Iamrole) DeepCopyObject

func (in *Iamrole) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*Iamrole) Default

func (r *Iamrole) Default()

Default implements webhook.Defaulter so a webhook will be registered for the type

func (*Iamrole) SetupWebhookWithManager

func (r *Iamrole) SetupWebhookWithManager(mgr ctrl.Manager) error

func (*Iamrole) ValidateCreate

func (r *Iamrole) ValidateCreate() (admission.Warnings, error)

ValidateCreate implements webhook.Validator so a webhook will be registered for the type

func (*Iamrole) ValidateDelete

func (r *Iamrole) ValidateDelete() (admission.Warnings, error)

ValidateDelete implements webhook.Validator so a webhook will be registered for the type

func (*Iamrole) ValidateUpdate

func (r *Iamrole) ValidateUpdate(old runtime.Object) (admission.Warnings, error)

ValidateUpdate implements webhook.Validator so a webhook will be registered for the type

type IamroleList

type IamroleList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []Iamrole `json:"items"`
}

IamroleList contains a list of Iamrole

func (*IamroleList) DeepCopy

func (in *IamroleList) DeepCopy() *IamroleList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IamroleList.

func (*IamroleList) DeepCopyInto

func (in *IamroleList) DeepCopyInto(out *IamroleList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*IamroleList) DeepCopyObject

func (in *IamroleList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type IamroleSpec

type IamroleSpec struct {
	PolicyDocument PolicyDocument `json:"PolicyDocument"`
	// +optional
	AssumeRolePolicyDocument *AssumeRolePolicyDocument `json:"AssumeRolePolicyDocument,omitempty"`
	// RoleName can be passed only for privileged namespaces. This will be respected only during new iamrole creation and will be ignored during iamrole update
	// Please check the documentation for more on how to configure privileged namespace using annotation for iam-manager
	// +optional
	RoleName string `json:"RoleName,omitempty"`
}

IamroleSpec defines the desired state of Iamrole

func (*IamroleSpec) DeepCopy

func (in *IamroleSpec) DeepCopy() *IamroleSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IamroleSpec.

func (*IamroleSpec) DeepCopyInto

func (in *IamroleSpec) DeepCopyInto(out *IamroleSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IamroleStatus

type IamroleStatus struct {
	//RoleName represents the name of the iam role created in AWS
	RoleName string `json:"roleName,omitempty"`
	//RoleARN represents the ARN of an IAM role
	RoleARN string `json:"roleARN,omitempty"`
	//RoleID represents the unique ID of the role which can be used in S3 policy etc
	RoleID string `json:"roleID,omitempty"`
	//State of the resource
	State State `json:"state,omitempty"`
	//RetryCount in case of error
	RetryCount int `json:"retryCount"`
	//ErrorDescription in case of error
	// +optional
	ErrorDescription string `json:"errorDescription,omitempty"`
	//LastUpdatedTimestamp represents the last time the iam role has been modified
	// +optional
	LastUpdatedTimestamp metav1.Time `json:"lastUpdatedTimestamp,omitempty"`
}

IamroleStatus defines the observed state of Iamrole

func (*IamroleStatus) DeepCopy

func (in *IamroleStatus) DeepCopy() *IamroleStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IamroleStatus.

func (*IamroleStatus) DeepCopyInto

func (in *IamroleStatus) DeepCopyInto(out *IamroleStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type PolicyDocument

type PolicyDocument struct {

	// Version specifies IAM policy version
	// By default, this value is "2012-10-17"
	// +optional
	Version string `json:"Version,omitempty"`

	// Statement allows list of statement object
	Statement []Statement `json:"Statement"`
}

PolicyDocument type defines IAM policy struct

func (*PolicyDocument) DeepCopy

func (in *PolicyDocument) DeepCopy() *PolicyDocument

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new PolicyDocument.

func (*PolicyDocument) DeepCopyInto

func (in *PolicyDocument) DeepCopyInto(out *PolicyDocument)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Principal

type Principal struct {
	// +optional
	AWS StringOrStrings `json:"AWS,omitempty"`
	// +optional
	Service string `json:"Service,omitempty"`
	// +optional
	Federated string `json:"Federated,omitempty"`
}

Principal struct holds AWS principal

+optional

func (*Principal) DeepCopy

func (in *Principal) DeepCopy() *Principal

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Principal.

func (*Principal) DeepCopyInto

func (in *Principal) DeepCopyInto(out *Principal)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type State

type State string

const (
	Ready                State = "Ready"
	Error                State = "Error"
	PolicyNotAllowed     State = "PolicyNotAllowed"
	RolesMaxLimitReached State = "RolesMaxLimitReached"
	RoleNameNotAvailable State = "RoleNameNotAvailable"
)

type Statement

type Statement struct {
	//Effect allowed/denied
	Effect Effect `json:"Effect"`

	//Action allowed on specific resources
	Action []string `json:"Action"`

	//Resources defines target resources which IAM policy will be applied
	Resource []string `json:"Resource"`
	// Sid is an optional field which describes the specific statement action
	// +optional
	Sid string `json:"Sid,omitempty"`
}

Statement type defines the AWS IAM policy statement

+kubebuilder:validation:Required

func (*Statement) DeepCopy

func (in *Statement) DeepCopy() *Statement

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Statement.

func (*Statement) DeepCopyInto

func (in *Statement) DeepCopyInto(out *Statement)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type StringOrStrings

type StringOrStrings []string

StringOrStrings type accepts one string or multiple strings

+kubebuilder:object:generate=false

func (StringOrStrings) MarshalJSON

func (s StringOrStrings) MarshalJSON() ([]byte, error)

MarshalJSON function is a custom implementation of json.Marshal for StringOrStrings

func (*StringOrStrings) UnmarshalJSON

func (s *StringOrStrings) UnmarshalJSON(b []byte) error

UnmarshalJSON function is a custom implementation of json.Unmarshal for StringOrStrings
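AWS policy JSON allows a principal's `AWS` element to be either a single string or a list, which a plain `[]string` field cannot decode. The sketch below is an added example of one way to handle both forms and is not iam-manager's implementation; `stringOrList` and `roundTrip` are hypothetical names, and writing a one-element list back as a bare string is a choice made for this example.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// stringOrList is a hypothetical stand-in for a type such as StringOrStrings.
type stringOrList []string

// UnmarshalJSON accepts "x" or ["x","y"]; numbers, objects and nested arrays fail.
func (s *stringOrList) UnmarshalJSON(b []byte) error {
	if string(b) == "null" {
		return nil // JSON null leaves the field unset, as encoding/json does
	}
	var one string
	if err := json.Unmarshal(b, &one); err == nil {
		*s = stringOrList{one}
		return nil
	}
	var many []string
	if err := json.Unmarshal(b, &many); err != nil {
		return fmt.Errorf("want string or list of strings: %w", err)
	}
	*s = many
	return nil
}

// MarshalJSON writes a single entry as a bare string, otherwise as a list.
func (s stringOrList) MarshalJSON() ([]byte, error) {
	if len(s) == 1 {
		return json.Marshal(s[0])
	}
	return json.Marshal([]string(s))
}

// roundTrip decodes a document shaped like the AWS field of Principal and re-encodes it.
func roundTrip(doc string) (string, error) {
	var p struct{ AWS stringOrList `json:"AWS,omitempty"` }
	if err := json.Unmarshal([]byte(doc), &p); err != nil {
		return "", err
	}
	out, err := json.Marshal(p)
	return string(out), err
}

// Constructed sample input: the account ID and role name are placeholders.
func main() { fmt.Println(roundTrip(`{"AWS":"arn:aws:iam::111122223333:role/example"}`)) }
```

Rejecting every shape other than a string or a list of strings keeps a malformed trust policy from being silently decoded as an empty principal list.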

type TrustPolicyStatement added in v0.0.4

type TrustPolicyStatement struct {
	//Effect allowed/denied
	Effect Effect `json:"Effect,omitempty"`
	//Action can be performed
	Action string `json:"Action,omitempty"`
	// +optional
	Principal Principal `json:"Principal,omitempty"`
	// +optional
	Condition *Condition `json:"Condition,omitempty"`
}

TrustPolicy struct holds Trust policy

+optional

func (*TrustPolicyStatement) ConditionChecksum added in v0.17.0

func (tps *TrustPolicyStatement) ConditionChecksum() string

func (*TrustPolicyStatement) DeepCopy added in v0.0.4

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new TrustPolicyStatement.

func (*TrustPolicyStatement) DeepCopyInto added in v0.0.4

func (in *TrustPolicyStatement) DeepCopyInto(out *TrustPolicyStatement)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*TrustPolicyStatement) HasCondition added in v0.17.0

func (tps *TrustPolicyStatement) HasCondition() bool

func (*TrustPolicyStatement) Id added in v0.16.0

func (tps *TrustPolicyStatement) Id() string

Id returns the sid of the trust policy statement

func (*TrustPolicyStatement) IsConditionAnyServiceAccount added in v0.17.0

func (tps *TrustPolicyStatement) IsConditionAnyServiceAccount() bool
