v1alpha1

package
v0.4.0 Latest Latest
Published: Feb 22, 2024 License: Apache-2.0 Imports: 9 Imported by: 0

Documentation

Overview

+kubebuilder:object:generate=true +groupName=aws.vault.upbound.io +versionName=v1alpha1

Index

Constants

const (
	// CRDGroup is the API group shared by every kind declared in this package.
	CRDGroup   = "aws.vault.upbound.io"
	// CRDVersion is the API version of this package; together with CRDGroup it
	// forms CRDGroupVersion.
	CRDVersion = "v1alpha1"
)

Package type metadata.

Variables

var (
	// Identifiers for the AuthBackendCert kind: the bare kind name, then the
	// GroupKind and KindAPIVersion strings and the GroupVersionKind value,
	// all derived from CRDGroup / CRDGroupVersion.
	AuthBackendCert_Kind             = "AuthBackendCert"
	AuthBackendCert_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: AuthBackendCert_Kind}.String()
	AuthBackendCert_KindAPIVersion   = AuthBackendCert_Kind + "." + CRDGroupVersion.String()
	AuthBackendCert_GroupVersionKind = CRDGroupVersion.WithKind(AuthBackendCert_Kind)
)

Repository type metadata.

var (
	// Identifiers for the AuthBackendClient kind: the bare kind name, then the
	// GroupKind and KindAPIVersion strings and the GroupVersionKind value,
	// all derived from CRDGroup / CRDGroupVersion.
	AuthBackendClient_Kind             = "AuthBackendClient"
	AuthBackendClient_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: AuthBackendClient_Kind}.String()
	AuthBackendClient_KindAPIVersion   = AuthBackendClient_Kind + "." + CRDGroupVersion.String()
	AuthBackendClient_GroupVersionKind = CRDGroupVersion.WithKind(AuthBackendClient_Kind)
)

Repository type metadata.

var (
	// Identifiers for the AuthBackendConfigIdentity kind: the bare kind name,
	// then the GroupKind and KindAPIVersion strings and the GroupVersionKind
	// value, all derived from CRDGroup / CRDGroupVersion.
	AuthBackendConfigIdentity_Kind             = "AuthBackendConfigIdentity"
	AuthBackendConfigIdentity_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: AuthBackendConfigIdentity_Kind}.String()
	AuthBackendConfigIdentity_KindAPIVersion   = AuthBackendConfigIdentity_Kind + "." + CRDGroupVersion.String()
	AuthBackendConfigIdentity_GroupVersionKind = CRDGroupVersion.WithKind(AuthBackendConfigIdentity_Kind)
)

Repository type metadata.

var (
	// Identifiers for the AuthBackendIdentityWhitelist kind: the bare kind
	// name, then the GroupKind and KindAPIVersion strings and the
	// GroupVersionKind value, all derived from CRDGroup / CRDGroupVersion.
	AuthBackendIdentityWhitelist_Kind             = "AuthBackendIdentityWhitelist"
	AuthBackendIdentityWhitelist_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: AuthBackendIdentityWhitelist_Kind}.String()
	AuthBackendIdentityWhitelist_KindAPIVersion   = AuthBackendIdentityWhitelist_Kind + "." + CRDGroupVersion.String()
	AuthBackendIdentityWhitelist_GroupVersionKind = CRDGroupVersion.WithKind(AuthBackendIdentityWhitelist_Kind)
)

Repository type metadata.

var (
	// Identifiers for the AuthBackendLogin kind: the bare kind name, then the
	// GroupKind and KindAPIVersion strings and the GroupVersionKind value,
	// all derived from CRDGroup / CRDGroupVersion.
	AuthBackendLogin_Kind             = "AuthBackendLogin"
	AuthBackendLogin_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: AuthBackendLogin_Kind}.String()
	AuthBackendLogin_KindAPIVersion   = AuthBackendLogin_Kind + "." + CRDGroupVersion.String()
	AuthBackendLogin_GroupVersionKind = CRDGroupVersion.WithKind(AuthBackendLogin_Kind)
)

Repository type metadata.

var (
	// Identifiers for the AuthBackendRole kind: the bare kind name, then the
	// GroupKind and KindAPIVersion strings and the GroupVersionKind value,
	// all derived from CRDGroup / CRDGroupVersion.
	AuthBackendRole_Kind             = "AuthBackendRole"
	AuthBackendRole_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: AuthBackendRole_Kind}.String()
	AuthBackendRole_KindAPIVersion   = AuthBackendRole_Kind + "." + CRDGroupVersion.String()
	AuthBackendRole_GroupVersionKind = CRDGroupVersion.WithKind(AuthBackendRole_Kind)
)

Repository type metadata.

var (
	// Identifiers for the AuthBackendRoleTag kind: the bare kind name, then
	// the GroupKind and KindAPIVersion strings and the GroupVersionKind value,
	// all derived from CRDGroup / CRDGroupVersion.
	AuthBackendRoleTag_Kind             = "AuthBackendRoleTag"
	AuthBackendRoleTag_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: AuthBackendRoleTag_Kind}.String()
	AuthBackendRoleTag_KindAPIVersion   = AuthBackendRoleTag_Kind + "." + CRDGroupVersion.String()
	AuthBackendRoleTag_GroupVersionKind = CRDGroupVersion.WithKind(AuthBackendRoleTag_Kind)
)

Repository type metadata.

var (
	// Identifiers for the AuthBackendRoletagBlacklist kind: the bare kind
	// name, then the GroupKind and KindAPIVersion strings and the
	// GroupVersionKind value, all derived from CRDGroup / CRDGroupVersion.
	AuthBackendRoletagBlacklist_Kind             = "AuthBackendRoletagBlacklist"
	AuthBackendRoletagBlacklist_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: AuthBackendRoletagBlacklist_Kind}.String()
	AuthBackendRoletagBlacklist_KindAPIVersion   = AuthBackendRoletagBlacklist_Kind + "." + CRDGroupVersion.String()
	AuthBackendRoletagBlacklist_GroupVersionKind = CRDGroupVersion.WithKind(AuthBackendRoletagBlacklist_Kind)
)

Repository type metadata.

var (
	// Identifiers for the AuthBackendStsRole kind: the bare kind name, then
	// the GroupKind and KindAPIVersion strings and the GroupVersionKind value,
	// all derived from CRDGroup / CRDGroupVersion.
	AuthBackendStsRole_Kind             = "AuthBackendStsRole"
	AuthBackendStsRole_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: AuthBackendStsRole_Kind}.String()
	AuthBackendStsRole_KindAPIVersion   = AuthBackendStsRole_Kind + "." + CRDGroupVersion.String()
	AuthBackendStsRole_GroupVersionKind = CRDGroupVersion.WithKind(AuthBackendStsRole_Kind)
)

Repository type metadata.

var (
	// CRDGroupVersion is the API Group Version used to register the objects.
	// It is built from the CRDGroup and CRDVersion constants.
	CRDGroupVersion = schema.GroupVersion{Group: CRDGroup, Version: CRDVersion}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme.
	// It is constructed for CRDGroupVersion only.
	SchemeBuilder = &scheme.Builder{GroupVersion: CRDGroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	// It is the AddToScheme method value of SchemeBuilder.
	AddToScheme = SchemeBuilder.AddToScheme
)
var (
	// Identifiers for the SecretBackend kind: the bare kind name, then the
	// GroupKind and KindAPIVersion strings and the GroupVersionKind value,
	// all derived from CRDGroup / CRDGroupVersion.
	SecretBackend_Kind             = "SecretBackend"
	SecretBackend_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: SecretBackend_Kind}.String()
	SecretBackend_KindAPIVersion   = SecretBackend_Kind + "." + CRDGroupVersion.String()
	SecretBackend_GroupVersionKind = CRDGroupVersion.WithKind(SecretBackend_Kind)
)

Repository type metadata.

var (
	// Identifiers for the SecretBackendRole kind: the bare kind name, then the
	// GroupKind and KindAPIVersion strings and the GroupVersionKind value,
	// all derived from CRDGroup / CRDGroupVersion.
	SecretBackendRole_Kind             = "SecretBackendRole"
	SecretBackendRole_GroupKind        = schema.GroupKind{Group: CRDGroup, Kind: SecretBackendRole_Kind}.String()
	SecretBackendRole_KindAPIVersion   = SecretBackendRole_Kind + "." + CRDGroupVersion.String()
	SecretBackendRole_GroupVersionKind = CRDGroupVersion.WithKind(SecretBackendRole_Kind)
)

Repository type metadata.

Functions

This section is empty.

Types

type AuthBackendCert

type AuthBackendCert struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// NOTE(review): the two XValidation rules below make awsPublicCert and
	// certName mandatory (in either forProvider or initProvider) whenever
	// managementPolicies contains '*', 'Create' or 'Update'; under any other
	// policy set both may be omitted. This object manages a certificate that
	// a Vault AWS auth backend uses to verify instance documents, and the
	// kind is declared cluster-scoped, so create/update access to it is worth
	// restricting with RBAC and recording in audit logs.

	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.awsPublicCert) || has(self.initProvider.awsPublicCert)",message="awsPublicCert is a required parameter"
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.certName) || has(self.initProvider.certName)",message="certName is a required parameter"
	Spec   AuthBackendCertSpec   `json:"spec"`
	Status AuthBackendCertStatus `json:"status,omitempty"`
}

AuthBackendCert is the Schema for the AuthBackendCerts API. Manages a certificate for an AWS Auth Backend in Vault. +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*AuthBackendCert) DeepCopy

func (in *AuthBackendCert) DeepCopy() *AuthBackendCert

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendCert.

func (*AuthBackendCert) DeepCopyInto

func (in *AuthBackendCert) DeepCopyInto(out *AuthBackendCert)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendCert) DeepCopyObject

func (in *AuthBackendCert) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendCert) GetCondition

func (mg *AuthBackendCert) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this AuthBackendCert.

func (*AuthBackendCert) GetConnectionDetailsMapping

func (tr *AuthBackendCert) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this AuthBackendCert

func (*AuthBackendCert) GetDeletionPolicy

func (mg *AuthBackendCert) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this AuthBackendCert.

func (*AuthBackendCert) GetID

func (tr *AuthBackendCert) GetID() string

GetID returns ID of underlying Terraform resource of this AuthBackendCert

func (*AuthBackendCert) GetInitParameters added in v0.2.0

func (tr *AuthBackendCert) GetInitParameters() (map[string]any, error)

GetInitParameters of this AuthBackendCert

func (*AuthBackendCert) GetManagementPolicies added in v0.2.0

func (mg *AuthBackendCert) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this AuthBackendCert.

func (*AuthBackendCert) GetObservation

func (tr *AuthBackendCert) GetObservation() (map[string]any, error)

GetObservation of this AuthBackendCert

func (*AuthBackendCert) GetParameters

func (tr *AuthBackendCert) GetParameters() (map[string]any, error)

GetParameters of this AuthBackendCert

func (*AuthBackendCert) GetProviderConfigReference

func (mg *AuthBackendCert) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this AuthBackendCert.

func (*AuthBackendCert) GetProviderReference

func (mg *AuthBackendCert) GetProviderReference() *xpv1.Reference

GetProviderReference of this AuthBackendCert. Deprecated: Use GetProviderConfigReference.

func (*AuthBackendCert) GetPublishConnectionDetailsTo

func (mg *AuthBackendCert) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this AuthBackendCert.

func (*AuthBackendCert) GetTerraformResourceType

func (mg *AuthBackendCert) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this AuthBackendCert

func (*AuthBackendCert) GetTerraformSchemaVersion

func (tr *AuthBackendCert) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*AuthBackendCert) GetWriteConnectionSecretToReference

func (mg *AuthBackendCert) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this AuthBackendCert.

func (*AuthBackendCert) LateInitialize

func (tr *AuthBackendCert) LateInitialize(attrs []byte) (bool, error)

LateInitialize this AuthBackendCert using its observed tfState. Returns true if there are any spec changes for the resource.

func (*AuthBackendCert) SetConditions

func (mg *AuthBackendCert) SetConditions(c ...xpv1.Condition)

SetConditions of this AuthBackendCert.

func (*AuthBackendCert) SetDeletionPolicy

func (mg *AuthBackendCert) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this AuthBackendCert.

func (*AuthBackendCert) SetManagementPolicies added in v0.2.0

func (mg *AuthBackendCert) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this AuthBackendCert.

func (*AuthBackendCert) SetObservation

func (tr *AuthBackendCert) SetObservation(obs map[string]any) error

SetObservation for this AuthBackendCert

func (*AuthBackendCert) SetParameters

func (tr *AuthBackendCert) SetParameters(params map[string]any) error

SetParameters for this AuthBackendCert

func (*AuthBackendCert) SetProviderConfigReference

func (mg *AuthBackendCert) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this AuthBackendCert.

func (*AuthBackendCert) SetProviderReference

func (mg *AuthBackendCert) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this AuthBackendCert. Deprecated: Use SetProviderConfigReference.

func (*AuthBackendCert) SetPublishConnectionDetailsTo

func (mg *AuthBackendCert) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this AuthBackendCert.

func (*AuthBackendCert) SetWriteConnectionSecretToReference

func (mg *AuthBackendCert) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this AuthBackendCert.

type AuthBackendCertInitParameters added in v0.2.0

type AuthBackendCertInitParameters struct {

	// NOTE(review): this struct repeats the fields of
	// AuthBackendCertParameters without the validation markers. The value in
	// AwsPublicCert is what the backend verifies instance documents against,
	// so it should be taken from AWS's published material and reviewed like
	// any other trust-anchor change. The description says "Public key" while
	// the field name says cert; confirm the expected content against the
	// Vault AWS auth documentation.

	// The  Base64 encoded AWS Public key required to
	// verify PKCS7 signature of the EC2 instance metadata. You can find this key in
	// the AWS
	// documentation.
	// Base64 encoded AWS Public key required to verify PKCS7 signature of the EC2 instance metadata.
	AwsPublicCert *string `json:"awsPublicCert,omitempty" tf:"aws_public_cert,omitempty"`

	// The path the AWS auth backend being configured was
	// mounted at.  Defaults to aws.
	// Unique name of the auth backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// The name of the certificate.
	// Name of the certificate to configure.
	CertName *string `json:"certName,omitempty" tf:"cert_name,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// NOTE(review): no enum marker is visible on Type, so the "pkcs7" /
	// "identity" restriction described below is presumably enforced only by
	// the provider or Vault, not by the CRD schema; confirm.

	// Either "pkcs7" or "identity", indicating the type of
	// document which can be verified using the given certificate. Defaults to
	// "pkcs7".
	// The type of document that can be verified using the certificate. Must be either "pkcs7" or "identity".
	Type *string `json:"type,omitempty" tf:"type,omitempty"`
}

func (*AuthBackendCertInitParameters) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendCertInitParameters.

func (*AuthBackendCertInitParameters) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendCertList

type AuthBackendCertList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items holds the AuthBackendCert objects in this list; it is always
	// serialized (no omitempty on the "items" key).
	Items           []AuthBackendCert `json:"items"`
}

AuthBackendCertList contains a list of AuthBackendCerts

func (*AuthBackendCertList) DeepCopy

func (in *AuthBackendCertList) DeepCopy() *AuthBackendCertList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendCertList.

func (*AuthBackendCertList) DeepCopyInto

func (in *AuthBackendCertList) DeepCopyInto(out *AuthBackendCertList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendCertList) DeepCopyObject

func (in *AuthBackendCertList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendCertList) GetItems

func (l *AuthBackendCertList) GetItems() []resource.Managed

GetItems of this AuthBackendCertList.

type AuthBackendCertObservation

type AuthBackendCertObservation struct {

	// NOTE(review): this is the observed-state counterpart of
	// AuthBackendCertParameters plus an ID field. Anyone with read access to
	// the object's status can see which certificate and mount are configured.

	// The  Base64 encoded AWS Public key required to
	// verify PKCS7 signature of the EC2 instance metadata. You can find this key in
	// the AWS
	// documentation.
	// Base64 encoded AWS Public key required to verify PKCS7 signature of the EC2 instance metadata.
	AwsPublicCert *string `json:"awsPublicCert,omitempty" tf:"aws_public_cert,omitempty"`

	// The path the AWS auth backend being configured was
	// mounted at.  Defaults to aws.
	// Unique name of the auth backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// The name of the certificate.
	// Name of the certificate to configure.
	CertName *string `json:"certName,omitempty" tf:"cert_name,omitempty"`

	// NOTE(review): ID is undocumented in the source; presumably the
	// identifier of the underlying Terraform resource — confirm.

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// Either "pkcs7" or "identity", indicating the type of
	// document which can be verified using the given certificate. Defaults to
	// "pkcs7".
	// The type of document that can be verified using the certificate. Must be either "pkcs7" or "identity".
	Type *string `json:"type,omitempty" tf:"type,omitempty"`
}

func (*AuthBackendCertObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendCertObservation.

func (*AuthBackendCertObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendCertParameters

type AuthBackendCertParameters struct {

	// NOTE(review): every field here is marked
	// +kubebuilder:validation:Optional. The "required" checks for
	// awsPublicCert and certName are the CEL rules on AuthBackendCert's Spec
	// field, and those only apply when managementPolicies includes '*',
	// 'Create' or 'Update'.

	// NOTE(review): AwsPublicCert is the material the backend verifies
	// instance documents against, i.e. a trust anchor. Changes to it should
	// be reviewed and the value taken from AWS's published documentation.
	// The description says "Public key" while the field name says cert;
	// confirm the expected content against the Vault AWS auth documentation.

	// The  Base64 encoded AWS Public key required to
	// verify PKCS7 signature of the EC2 instance metadata. You can find this key in
	// the AWS
	// documentation.
	// Base64 encoded AWS Public key required to verify PKCS7 signature of the EC2 instance metadata.
	// +kubebuilder:validation:Optional
	AwsPublicCert *string `json:"awsPublicCert,omitempty" tf:"aws_public_cert,omitempty"`

	// The path the AWS auth backend being configured was
	// mounted at.  Defaults to aws.
	// Unique name of the auth backend to configure.
	// +kubebuilder:validation:Optional
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// The name of the certificate.
	// Name of the certificate to configure.
	// +kubebuilder:validation:Optional
	CertName *string `json:"certName,omitempty" tf:"cert_name,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// NOTE(review): no enum marker is visible on Type, so the "pkcs7" /
	// "identity" restriction described below is presumably enforced only by
	// the provider or Vault, not by the CRD schema; confirm.

	// Either "pkcs7" or "identity", indicating the type of
	// document which can be verified using the given certificate. Defaults to
	// "pkcs7".
	// The type of document that can be verified using the certificate. Must be either "pkcs7" or "identity".
	// +kubebuilder:validation:Optional
	Type *string `json:"type,omitempty" tf:"type,omitempty"`
}

func (*AuthBackendCertParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendCertParameters.

func (*AuthBackendCertParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendCertSpec

type AuthBackendCertSpec struct {
	v1.ResourceSpec `json:",inline"`
	// ForProvider carries the desired AuthBackendCertParameters. The "forProvider"
	// key has no omitempty, so it is always serialized.
	ForProvider     AuthBackendCertParameters `json:"forProvider"`
	// THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored
	// unless the relevant Crossplane feature flag is enabled, and may be
	// changed or removed without notice.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because an external controller is managing them, like an
	// autoscaler.
	InitProvider AuthBackendCertInitParameters `json:"initProvider,omitempty"`
}

AuthBackendCertSpec defines the desired state of AuthBackendCert

func (*AuthBackendCertSpec) DeepCopy

func (in *AuthBackendCertSpec) DeepCopy() *AuthBackendCertSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendCertSpec.

func (*AuthBackendCertSpec) DeepCopyInto

func (in *AuthBackendCertSpec) DeepCopyInto(out *AuthBackendCertSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendCertStatus

type AuthBackendCertStatus struct {
	v1.ResourceStatus `json:",inline"`
	// AtProvider holds the observed AuthBackendCertObservation for this resource.
	AtProvider        AuthBackendCertObservation `json:"atProvider,omitempty"`
}

AuthBackendCertStatus defines the observed state of AuthBackendCert.

func (*AuthBackendCertStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendCertStatus.

func (*AuthBackendCertStatus) DeepCopyInto

func (in *AuthBackendCertStatus) DeepCopyInto(out *AuthBackendCertStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendClient

type AuthBackendClient struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	// NOTE(review): unlike AuthBackendCert, no XValidation rules are attached
	// to Spec here, so the schema requires none of the client fields. The
	// object configures the client an AWS auth backend in Vault uses
	// (endpoint overrides, server-ID header, access key reference) and the
	// kind is declared cluster-scoped, so write access to it is worth
	// restricting with RBAC and recording in audit logs.

	Spec              AuthBackendClientSpec   `json:"spec"`
	Status            AuthBackendClientStatus `json:"status,omitempty"`
}

AuthBackendClient is the Schema for the AuthBackendClients API. Configures the client used by an AWS Auth Backend in Vault. +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*AuthBackendClient) DeepCopy

func (in *AuthBackendClient) DeepCopy() *AuthBackendClient

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendClient.

func (*AuthBackendClient) DeepCopyInto

func (in *AuthBackendClient) DeepCopyInto(out *AuthBackendClient)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendClient) DeepCopyObject

func (in *AuthBackendClient) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendClient) GetCondition

func (mg *AuthBackendClient) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this AuthBackendClient.

func (*AuthBackendClient) GetConnectionDetailsMapping

func (tr *AuthBackendClient) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this AuthBackendClient

func (*AuthBackendClient) GetDeletionPolicy

func (mg *AuthBackendClient) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this AuthBackendClient.

func (*AuthBackendClient) GetID

func (tr *AuthBackendClient) GetID() string

GetID returns ID of underlying Terraform resource of this AuthBackendClient

func (*AuthBackendClient) GetInitParameters added in v0.2.0

func (tr *AuthBackendClient) GetInitParameters() (map[string]any, error)

GetInitParameters of this AuthBackendClient

func (*AuthBackendClient) GetManagementPolicies added in v0.2.0

func (mg *AuthBackendClient) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this AuthBackendClient.

func (*AuthBackendClient) GetObservation

func (tr *AuthBackendClient) GetObservation() (map[string]any, error)

GetObservation of this AuthBackendClient

func (*AuthBackendClient) GetParameters

func (tr *AuthBackendClient) GetParameters() (map[string]any, error)

GetParameters of this AuthBackendClient

func (*AuthBackendClient) GetProviderConfigReference

func (mg *AuthBackendClient) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this AuthBackendClient.

func (*AuthBackendClient) GetProviderReference

func (mg *AuthBackendClient) GetProviderReference() *xpv1.Reference

GetProviderReference of this AuthBackendClient. Deprecated: Use GetProviderConfigReference.

func (*AuthBackendClient) GetPublishConnectionDetailsTo

func (mg *AuthBackendClient) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this AuthBackendClient.

func (*AuthBackendClient) GetTerraformResourceType

func (mg *AuthBackendClient) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this AuthBackendClient

func (*AuthBackendClient) GetTerraformSchemaVersion

func (tr *AuthBackendClient) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*AuthBackendClient) GetWriteConnectionSecretToReference

func (mg *AuthBackendClient) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this AuthBackendClient.

func (*AuthBackendClient) LateInitialize

func (tr *AuthBackendClient) LateInitialize(attrs []byte) (bool, error)

LateInitialize this AuthBackendClient using its observed tfState. Returns true if there are any spec changes for the resource.

func (*AuthBackendClient) SetConditions

func (mg *AuthBackendClient) SetConditions(c ...xpv1.Condition)

SetConditions of this AuthBackendClient.

func (*AuthBackendClient) SetDeletionPolicy

func (mg *AuthBackendClient) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this AuthBackendClient.

func (*AuthBackendClient) SetManagementPolicies added in v0.2.0

func (mg *AuthBackendClient) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this AuthBackendClient.

func (*AuthBackendClient) SetObservation

func (tr *AuthBackendClient) SetObservation(obs map[string]any) error

SetObservation for this AuthBackendClient

func (*AuthBackendClient) SetParameters

func (tr *AuthBackendClient) SetParameters(params map[string]any) error

SetParameters for this AuthBackendClient

func (*AuthBackendClient) SetProviderConfigReference

func (mg *AuthBackendClient) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this AuthBackendClient.

func (*AuthBackendClient) SetProviderReference

func (mg *AuthBackendClient) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this AuthBackendClient. Deprecated: Use SetProviderConfigReference.

func (*AuthBackendClient) SetPublishConnectionDetailsTo

func (mg *AuthBackendClient) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this AuthBackendClient.

func (*AuthBackendClient) SetWriteConnectionSecretToReference

func (mg *AuthBackendClient) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this AuthBackendClient.

type AuthBackendClientInitParameters added in v0.2.0

type AuthBackendClientInitParameters struct {

	// The path the AWS auth backend being configured was
	// mounted at.  Defaults to aws.
	// Unique name of the auth backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// NOTE(review): EC2Endpoint, IAMEndpoint and StsEndpoint replace the
	// default AWS endpoints Vault calls. No format or allow-list validation
	// is visible on these fields, so any URL is accepted by the schema;
	// since Vault relies on the answers from these endpoints, overrides
	// should be limited to known AWS or VPC endpoints (for example through
	// admission policy) and changes to them reviewed.

	// Override the URL Vault uses when making EC2 API
	// calls.
	// URL to override the default generated endpoint for making AWS EC2 API calls.
	EC2Endpoint *string `json:"ec2Endpoint,omitempty" tf:"ec2_endpoint,omitempty"`

	// Override the URL Vault uses when making IAM API
	// calls.
	// URL to override the default generated endpoint for making AWS IAM API calls.
	IAMEndpoint *string `json:"iamEndpoint,omitempty" tf:"iam_endpoint,omitempty"`

	// NOTE(review): Vault's documentation describes this header as a guard
	// against a signed GetCallerIdentity request being replayed to a
	// different Vault server; when it is left unset no header value is
	// required. Setting a value unique to each Vault deployment is the safer
	// configuration.

	// The value to require in the
	// X-Vault-AWS-IAM-Server-ID header as part of GetCallerIdentity requests
	// that are used in the IAM auth method.
	// The value to require in the X-Vault-AWS-IAM-Server-ID header as part of GetCallerIdentity requests that are used in the iam auth method.
	IAMServerIDHeaderValue *string `json:"iamServerIdHeaderValue,omitempty" tf:"iam_server_id_header_value,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// Override the URL Vault uses when making STS API
	// calls.
	// URL to override the default generated endpoint for making AWS STS API calls.
	StsEndpoint *string `json:"stsEndpoint,omitempty" tf:"sts_endpoint,omitempty"`

	// NOTE(review): the requirement below that sts_endpoint accompany
	// sts_region is stated only in prose; no validation marker on this
	// struct enforces it.

	// Override the default region when making STS API
	// calls. The sts_endpoint argument must be set when using sts_region.
	// Region to override the default region for making AWS STS API calls.
	StsRegion *string `json:"stsRegion,omitempty" tf:"sts_region,omitempty"`

	// NOTE(review): with this set, the STS region comes from the client's
	// request headers, i.e. it becomes caller-supplied input. The two
	// descriptions below disagree on whether sts_endpoint is overridden as
	// well as sts_region; confirm against the Vault documentation.

	// Available in Vault v1.15+. If set,
	// overrides both sts_endpoint and sts_region to instead use the region
	// specified in the client request headers for IAM-based authentication.
	// This can be useful when you have client requests coming from different
	// regions and want flexibility in which regional STS API is used.
	// If set, will override sts_region and use the region from the client request's header
	UseStsRegionFromClient *bool `json:"useStsRegionFromClient,omitempty" tf:"use_sts_region_from_client,omitempty"`
}

func (*AuthBackendClientInitParameters) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendClientInitParameters.

func (*AuthBackendClientInitParameters) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendClientList

type AuthBackendClientList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items holds the AuthBackendClient objects in this list; it is always
	// serialized (no omitempty on the "items" key).
	Items           []AuthBackendClient `json:"items"`
}

AuthBackendClientList contains a list of AuthBackendClients

func (*AuthBackendClientList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendClientList.

func (*AuthBackendClientList) DeepCopyInto

func (in *AuthBackendClientList) DeepCopyInto(out *AuthBackendClientList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendClientList) DeepCopyObject

func (in *AuthBackendClientList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendClientList) GetItems

func (l *AuthBackendClientList) GetItems() []resource.Managed

GetItems of this AuthBackendClientList.

type AuthBackendClientObservation

type AuthBackendClientObservation struct {

	// NOTE(review): observed-state counterpart of the client parameters,
	// plus an ID field. The configured endpoint overrides and the server-ID
	// header value are plain strings here, so they are visible to anyone who
	// can read the object's status; scope read access accordingly.

	// The path the AWS auth backend being configured was
	// mounted at.  Defaults to aws.
	// Unique name of the auth backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// Override the URL Vault uses when making EC2 API
	// calls.
	// URL to override the default generated endpoint for making AWS EC2 API calls.
	EC2Endpoint *string `json:"ec2Endpoint,omitempty" tf:"ec2_endpoint,omitempty"`

	// Override the URL Vault uses when making IAM API
	// calls.
	// URL to override the default generated endpoint for making AWS IAM API calls.
	IAMEndpoint *string `json:"iamEndpoint,omitempty" tf:"iam_endpoint,omitempty"`

	// The value to require in the
	// X-Vault-AWS-IAM-Server-ID header as part of GetCallerIdentity requests
	// that are used in the IAM auth method.
	// The value to require in the X-Vault-AWS-IAM-Server-ID header as part of GetCallerIdentity requests that are used in the iam auth method.
	IAMServerIDHeaderValue *string `json:"iamServerIdHeaderValue,omitempty" tf:"iam_server_id_header_value,omitempty"`

	// NOTE(review): ID is undocumented in the source; presumably the
	// identifier of the underlying Terraform resource — confirm.

	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// Override the URL Vault uses when making STS API
	// calls.
	// URL to override the default generated endpoint for making AWS STS API calls.
	StsEndpoint *string `json:"stsEndpoint,omitempty" tf:"sts_endpoint,omitempty"`

	// Override the default region when making STS API
	// calls. The sts_endpoint argument must be set when using sts_region.
	// Region to override the default region for making AWS STS API calls.
	StsRegion *string `json:"stsRegion,omitempty" tf:"sts_region,omitempty"`

	// Available in Vault v1.15+. If set,
	// overrides both sts_endpoint and sts_region to instead use the region
	// specified in the client request headers for IAM-based authentication.
	// This can be useful when you have client requests coming from different
	// regions and want flexibility in which regional STS API is used.
	// If set, will override sts_region and use the region from the client request's header
	UseStsRegionFromClient *bool `json:"useStsRegionFromClient,omitempty" tf:"use_sts_region_from_client,omitempty"`
}

func (*AuthBackendClientObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendClientObservation.

func (*AuthBackendClientObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendClientParameters

// AuthBackendClientParameters holds the settings that can be set on the AWS
// auth backend client: the AWS credentials Vault uses, per-service endpoint
// overrides, and options that affect how IAM logins are validated. Every
// field is a pointer marked +kubebuilder:validation:Optional.
type AuthBackendClientParameters struct {

	// The AWS access key that Vault should use for the auth backend. The key
	// needs permissions to query AWS APIs.
	// The field selects a key inside a Secret instead of carrying the value
	// inline, so anyone who can read that Secret can read this credential.
	// NOTE(review): the tf:"-" tag suggests the value is kept out of the
	// regular Terraform attribute serialization — confirm in the generator.
	// +kubebuilder:validation:Optional
	AccessKeySecretRef *v1.SecretKeySelector `json:"accessKeySecretRef,omitempty" tf:"-"`

	// The path the AWS auth backend being configured was mounted at, i.e. the
	// unique name of the auth backend to configure. Defaults to aws.
	// +kubebuilder:validation:Optional
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// URL that overrides the default generated endpoint Vault uses when making
	// AWS EC2 API calls.
	// NOTE(review): Vault relies on the answers from this endpoint, so a change
	// here changes what Vault trusts; review edits like a credential change.
	// +kubebuilder:validation:Optional
	EC2Endpoint *string `json:"ec2Endpoint,omitempty" tf:"ec2_endpoint,omitempty"`

	// URL that overrides the default generated endpoint Vault uses when making
	// AWS IAM API calls.
	// NOTE(review): Vault relies on the answers from this endpoint, so a change
	// here changes what Vault trusts; review edits like a credential change.
	// +kubebuilder:validation:Optional
	IAMEndpoint *string `json:"iamEndpoint,omitempty" tf:"iam_endpoint,omitempty"`

	// The value to require in the X-Vault-AWS-IAM-Server-ID header as part of
	// GetCallerIdentity requests that are used in the IAM auth method.
	// NOTE(review): Vault's AWS auth documentation describes this header as a
	// guard against a signed login request for one Vault server being replayed
	// against another; when unset, presumably no header value is checked —
	// confirm against the Vault version in use.
	// +kubebuilder:validation:Optional
	IAMServerIDHeaderValue *string `json:"iamServerIdHeaderValue,omitempty" tf:"iam_server_id_header_value,omitempty"`

	// The target namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The AWS secret key that Vault should use for the auth backend. The key
	// needs permissions to query AWS APIs.
	// The field selects a key inside a Secret instead of carrying the value
	// inline, so anyone who can read that Secret can read this credential.
	// NOTE(review): the tf:"-" tag suggests the value is kept out of the
	// regular Terraform attribute serialization — confirm in the generator.
	// +kubebuilder:validation:Optional
	SecretKeySecretRef *v1.SecretKeySelector `json:"secretKeySecretRef,omitempty" tf:"-"`

	// URL that overrides the default generated endpoint Vault uses when making
	// AWS STS API calls.
	// NOTE(review): GetCallerIdentity is an STS call, so this endpoint is
	// presumably the one that answers IAM login identity checks; restrict who
	// may change it.
	// +kubebuilder:validation:Optional
	StsEndpoint *string `json:"stsEndpoint,omitempty" tf:"sts_endpoint,omitempty"`

	// Region that overrides the default region when making AWS STS API calls.
	// The sts_endpoint argument must be set when using sts_region.
	// +kubebuilder:validation:Optional
	StsRegion *string `json:"stsRegion,omitempty" tf:"sts_region,omitempty"`

	// Available in Vault v1.15+. If set,
	// overrides both sts_endpoint and sts_region to instead use the region
	// specified in the client request headers for IAM-based authentication.
	// This can be useful when you have client requests coming from different
	// regions and want flexibility in which regional STS API is used.
	// NOTE(review): with this set, the STS region comes from the client's
	// request rather than from this configuration.
	// +kubebuilder:validation:Optional
	UseStsRegionFromClient *bool `json:"useStsRegionFromClient,omitempty" tf:"use_sts_region_from_client,omitempty"`
}

func (*AuthBackendClientParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendClientParameters.

func (*AuthBackendClientParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendClientSpec

// AuthBackendClientSpec defines the desired state of AuthBackendClient.
// v1.ResourceSpec is embedded and serialized inline; ForProvider is the only
// field serialized without omitempty.
type AuthBackendClientSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     AuthBackendClientParameters `json:"forProvider"`
	// THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored
	// unless the relevant Crossplane feature flag is enabled, and may be
	// changed or removed without notice.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but that we do not want to update after creation,
	// for example because an external controller, such as an autoscaler, is
	// managing them.
	// NOTE(review): because these fields are added to ignore_changes, later
	// drift in them is not corrected; keep settings you rely on reconciliation
	// to enforce in ForProvider.
	InitProvider AuthBackendClientInitParameters `json:"initProvider,omitempty"`
}

AuthBackendClientSpec defines the desired state of AuthBackendClient

func (*AuthBackendClientSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendClientSpec.

func (*AuthBackendClientSpec) DeepCopyInto

func (in *AuthBackendClientSpec) DeepCopyInto(out *AuthBackendClientSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendClientStatus

// AuthBackendClientStatus defines the observed state of AuthBackendClient.
// v1.ResourceStatus is embedded and serialized inline; AtProvider carries the
// AuthBackendClientObservation and is omitted from JSON when empty.
type AuthBackendClientStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        AuthBackendClientObservation `json:"atProvider,omitempty"`
}

AuthBackendClientStatus defines the observed state of AuthBackendClient.

func (*AuthBackendClientStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendClientStatus.

func (*AuthBackendClientStatus) DeepCopyInto

func (in *AuthBackendClientStatus) DeepCopyInto(out *AuthBackendClientStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendConfigIdentity

// AuthBackendConfigIdentity is the Kubernetes object that manages the AWS auth
// backend identity configuration in Vault. It carries the standard type and
// object metadata, a Spec that is always serialized, and a Status that is
// omitted from JSON when empty.
// The kubebuilder resource marker on this type declares scope=Cluster.
// NOTE(review): a cluster-scoped kind is not partitioned by namespace RBAC;
// grant write access to it with that in mind.
type AuthBackendConfigIdentity struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              AuthBackendConfigIdentitySpec   `json:"spec"`
	Status            AuthBackendConfigIdentityStatus `json:"status,omitempty"`
}

AuthBackendConfigIdentity is the Schema for the AuthBackendConfigIdentitys API. Manages AWS auth backend identity configuration in Vault.

+kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
+kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
+kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name"
+kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
+kubebuilder:subresource:status
+kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*AuthBackendConfigIdentity) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendConfigIdentity.

func (*AuthBackendConfigIdentity) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendConfigIdentity) DeepCopyObject

func (in *AuthBackendConfigIdentity) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendConfigIdentity) GetCondition

GetCondition of this AuthBackendConfigIdentity.

func (*AuthBackendConfigIdentity) GetConnectionDetailsMapping

func (tr *AuthBackendConfigIdentity) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this AuthBackendConfigIdentity

func (*AuthBackendConfigIdentity) GetDeletionPolicy

func (mg *AuthBackendConfigIdentity) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this AuthBackendConfigIdentity.

func (*AuthBackendConfigIdentity) GetID

func (tr *AuthBackendConfigIdentity) GetID() string

GetID returns ID of underlying Terraform resource of this AuthBackendConfigIdentity

func (*AuthBackendConfigIdentity) GetInitParameters added in v0.2.0

func (tr *AuthBackendConfigIdentity) GetInitParameters() (map[string]any, error)

GetInitParameters of this AuthBackendConfigIdentity

func (*AuthBackendConfigIdentity) GetManagementPolicies added in v0.2.0

func (mg *AuthBackendConfigIdentity) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this AuthBackendConfigIdentity.

func (*AuthBackendConfigIdentity) GetObservation

func (tr *AuthBackendConfigIdentity) GetObservation() (map[string]any, error)

GetObservation of this AuthBackendConfigIdentity

func (*AuthBackendConfigIdentity) GetParameters

func (tr *AuthBackendConfigIdentity) GetParameters() (map[string]any, error)

GetParameters of this AuthBackendConfigIdentity

func (*AuthBackendConfigIdentity) GetProviderConfigReference

func (mg *AuthBackendConfigIdentity) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this AuthBackendConfigIdentity.

func (*AuthBackendConfigIdentity) GetProviderReference

func (mg *AuthBackendConfigIdentity) GetProviderReference() *xpv1.Reference

GetProviderReference of this AuthBackendConfigIdentity. Deprecated: Use GetProviderConfigReference.

func (*AuthBackendConfigIdentity) GetPublishConnectionDetailsTo

func (mg *AuthBackendConfigIdentity) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this AuthBackendConfigIdentity.

func (*AuthBackendConfigIdentity) GetTerraformResourceType

func (mg *AuthBackendConfigIdentity) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this AuthBackendConfigIdentity

func (*AuthBackendConfigIdentity) GetTerraformSchemaVersion

func (tr *AuthBackendConfigIdentity) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*AuthBackendConfigIdentity) GetWriteConnectionSecretToReference

func (mg *AuthBackendConfigIdentity) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this AuthBackendConfigIdentity.

func (*AuthBackendConfigIdentity) LateInitialize

func (tr *AuthBackendConfigIdentity) LateInitialize(attrs []byte) (bool, error)

LateInitialize this AuthBackendConfigIdentity using its observed tfState. Returns true if there are any spec changes for the resource.

func (*AuthBackendConfigIdentity) SetConditions

func (mg *AuthBackendConfigIdentity) SetConditions(c ...xpv1.Condition)

SetConditions of this AuthBackendConfigIdentity.

func (*AuthBackendConfigIdentity) SetDeletionPolicy

func (mg *AuthBackendConfigIdentity) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this AuthBackendConfigIdentity.

func (*AuthBackendConfigIdentity) SetManagementPolicies added in v0.2.0

func (mg *AuthBackendConfigIdentity) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this AuthBackendConfigIdentity.

func (*AuthBackendConfigIdentity) SetObservation

func (tr *AuthBackendConfigIdentity) SetObservation(obs map[string]any) error

SetObservation for this AuthBackendConfigIdentity

func (*AuthBackendConfigIdentity) SetParameters

func (tr *AuthBackendConfigIdentity) SetParameters(params map[string]any) error

SetParameters for this AuthBackendConfigIdentity

func (*AuthBackendConfigIdentity) SetProviderConfigReference

func (mg *AuthBackendConfigIdentity) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this AuthBackendConfigIdentity.

func (*AuthBackendConfigIdentity) SetProviderReference

func (mg *AuthBackendConfigIdentity) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this AuthBackendConfigIdentity. Deprecated: Use SetProviderConfigReference.

func (*AuthBackendConfigIdentity) SetPublishConnectionDetailsTo

func (mg *AuthBackendConfigIdentity) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this AuthBackendConfigIdentity.

func (*AuthBackendConfigIdentity) SetWriteConnectionSecretToReference

func (mg *AuthBackendConfigIdentity) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this AuthBackendConfigIdentity.

type AuthBackendConfigIdentityInitParameters added in v0.2.0

// AuthBackendConfigIdentityInitParameters lists the identity configuration
// fields of the AWS auth backend in their init-provider form: how identity
// aliases are generated for the ec2 and iam auth methods and which metadata
// is put on login tokens. All fields are optional pointers or slices.
type AuthBackendConfigIdentityInitParameters struct {

	// Unique name of the auth backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// How to generate the identity alias when using the ec2 auth method. Valid choices are
	// role_id, instance_id, and image_id. Defaults to role_id.
	// NOTE(review): the alias ties a login to a Vault identity; check that the
	// chosen attribute is unique enough for your workloads (an image_id, for
	// example, may be shared by several instances) — confirm with Vault's docs.
	EC2Alias *string `json:"ec2Alias,omitempty" tf:"ec2_alias,omitempty"`

	// The metadata to include on the token returned by the login endpoint. This metadata will be
	// added both to audit logs and to the ec2_alias.
	// NOTE(review): since the selected metadata is written to audit logs,
	// choose the fields with that exposure in mind.
	EC2Metadata []*string `json:"ec2Metadata,omitempty" tf:"ec2_metadata,omitempty"`

	// How to generate the identity alias when using the iam auth method. Valid choices are
	// role_id, unique_id, and full_arn. Defaults to role_id.
	// NOTE(review): the alias ties a login to a Vault identity; confirm with
	// Vault's docs which choice matches the granularity your policies assume.
	IAMAlias *string `json:"iamAlias,omitempty" tf:"iam_alias,omitempty"`

	// The metadata to include on the token returned by the login endpoint. This metadata will be
	// added both to audit logs and to the iam_alias.
	// NOTE(review): since the selected metadata is written to audit logs,
	// choose the fields with that exposure in mind.
	IAMMetadata []*string `json:"iamMetadata,omitempty" tf:"iam_metadata,omitempty"`

	// The target namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`
}

func (*AuthBackendConfigIdentityInitParameters) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendConfigIdentityInitParameters.

func (*AuthBackendConfigIdentityInitParameters) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendConfigIdentityList

// AuthBackendConfigIdentityList contains a list of AuthBackendConfigIdentity
// objects. Items is serialized without omitempty, so the "items" key is
// always present in the JSON form.
type AuthBackendConfigIdentityList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AuthBackendConfigIdentity `json:"items"`
}

AuthBackendConfigIdentityList contains a list of AuthBackendConfigIdentitys

func (*AuthBackendConfigIdentityList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendConfigIdentityList.

func (*AuthBackendConfigIdentityList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendConfigIdentityList) DeepCopyObject

func (in *AuthBackendConfigIdentityList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendConfigIdentityList) GetItems

GetItems of this AuthBackendConfigIdentityList.

type AuthBackendConfigIdentityObservation

// AuthBackendConfigIdentityObservation is the observed form of the identity
// configuration; it is the type of Status.AtProvider on
// AuthBackendConfigIdentityStatus. It has the same fields as the parameter
// types plus ID, and carries no validation markers.
type AuthBackendConfigIdentityObservation struct {

	// Unique name of the auth backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// How to generate the identity alias when using the ec2 auth method. Valid choices are
	// role_id, instance_id, and image_id. Defaults to role_id.
	EC2Alias *string `json:"ec2Alias,omitempty" tf:"ec2_alias,omitempty"`

	// The metadata to include on the token returned by the login endpoint. This metadata will be
	// added both to audit logs and to the ec2_alias.
	EC2Metadata []*string `json:"ec2Metadata,omitempty" tf:"ec2_metadata,omitempty"`

	// How to generate the identity alias when using the iam auth method. Valid choices are
	// role_id, unique_id, and full_arn. Defaults to role_id.
	IAMAlias *string `json:"iamAlias,omitempty" tf:"iam_alias,omitempty"`

	// The metadata to include on the token returned by the login endpoint. This metadata will be
	// added both to audit logs and to the iam_alias.
	IAMMetadata []*string `json:"iamMetadata,omitempty" tf:"iam_metadata,omitempty"`

	// Terraform "id" attribute of the resource (tf:"id").
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The target namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`
}

func (*AuthBackendConfigIdentityObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendConfigIdentityObservation.

func (*AuthBackendConfigIdentityObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendConfigIdentityParameters

// AuthBackendConfigIdentityParameters holds the desired identity configuration
// of the AWS auth backend; it is the type of Spec.ForProvider on
// AuthBackendConfigIdentitySpec. Every field is marked
// +kubebuilder:validation:Optional.
type AuthBackendConfigIdentityParameters struct {

	// Unique name of the auth backend to configure.
	// +kubebuilder:validation:Optional
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// How to generate the identity alias when using the ec2 auth method. Valid choices are
	// role_id, instance_id, and image_id. Defaults to role_id.
	// NOTE(review): the alias ties a login to a Vault identity; check that the
	// chosen attribute is unique enough for your workloads (an image_id, for
	// example, may be shared by several instances) — confirm with Vault's docs.
	// +kubebuilder:validation:Optional
	EC2Alias *string `json:"ec2Alias,omitempty" tf:"ec2_alias,omitempty"`

	// The metadata to include on the token returned by the login endpoint. This metadata will be
	// added both to audit logs and to the ec2_alias.
	// NOTE(review): since the selected metadata is written to audit logs,
	// choose the fields with that exposure in mind.
	// +kubebuilder:validation:Optional
	EC2Metadata []*string `json:"ec2Metadata,omitempty" tf:"ec2_metadata,omitempty"`

	// How to generate the identity alias when using the iam auth method. Valid choices are
	// role_id, unique_id, and full_arn. Defaults to role_id.
	// NOTE(review): the alias ties a login to a Vault identity; confirm with
	// Vault's docs which choice matches the granularity your policies assume.
	// +kubebuilder:validation:Optional
	IAMAlias *string `json:"iamAlias,omitempty" tf:"iam_alias,omitempty"`

	// The metadata to include on the token returned by the login endpoint. This metadata will be
	// added both to audit logs and to the iam_alias.
	// NOTE(review): since the selected metadata is written to audit logs,
	// choose the fields with that exposure in mind.
	// +kubebuilder:validation:Optional
	IAMMetadata []*string `json:"iamMetadata,omitempty" tf:"iam_metadata,omitempty"`

	// The target namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`
}

func (*AuthBackendConfigIdentityParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendConfigIdentityParameters.

func (*AuthBackendConfigIdentityParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendConfigIdentitySpec

// AuthBackendConfigIdentitySpec defines the desired state of
// AuthBackendConfigIdentity. v1.ResourceSpec is embedded and serialized
// inline; ForProvider is the only field serialized without omitempty.
type AuthBackendConfigIdentitySpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     AuthBackendConfigIdentityParameters `json:"forProvider"`
	// THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored
	// unless the relevant Crossplane feature flag is enabled, and may be
	// changed or removed without notice.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but that we do not want to update after creation,
	// for example because an external controller, such as an autoscaler, is
	// managing them.
	// NOTE(review): because these fields are added to ignore_changes, later
	// drift in them is not corrected; keep settings you rely on reconciliation
	// to enforce in ForProvider.
	InitProvider AuthBackendConfigIdentityInitParameters `json:"initProvider,omitempty"`
}

AuthBackendConfigIdentitySpec defines the desired state of AuthBackendConfigIdentity

func (*AuthBackendConfigIdentitySpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendConfigIdentitySpec.

func (*AuthBackendConfigIdentitySpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendConfigIdentityStatus

// AuthBackendConfigIdentityStatus defines the observed state of
// AuthBackendConfigIdentity. v1.ResourceStatus is embedded and serialized
// inline; AtProvider carries the AuthBackendConfigIdentityObservation and is
// omitted from JSON when empty.
type AuthBackendConfigIdentityStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        AuthBackendConfigIdentityObservation `json:"atProvider,omitempty"`
}

AuthBackendConfigIdentityStatus defines the observed state of AuthBackendConfigIdentity.

func (*AuthBackendConfigIdentityStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendConfigIdentityStatus.

func (*AuthBackendConfigIdentityStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendIdentityWhitelist

// AuthBackendIdentityWhitelist is the Kubernetes object that configures the
// periodic tidying operation of the whitelisted identity entries. It carries
// the standard type and object metadata, a Spec that is always serialized,
// and a Status that is omitted from JSON when empty.
// The kubebuilder resource marker on this type declares scope=Cluster.
// NOTE(review): a cluster-scoped kind is not partitioned by namespace RBAC;
// grant write access to it with that in mind.
type AuthBackendIdentityWhitelist struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              AuthBackendIdentityWhitelistSpec   `json:"spec"`
	Status            AuthBackendIdentityWhitelistStatus `json:"status,omitempty"`
}

AuthBackendIdentityWhitelist is the Schema for the AuthBackendIdentityWhitelists API. Configures the periodic tidying operation of the whitelisted identity entries.

+kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
+kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
+kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name"
+kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
+kubebuilder:subresource:status
+kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*AuthBackendIdentityWhitelist) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendIdentityWhitelist.

func (*AuthBackendIdentityWhitelist) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendIdentityWhitelist) DeepCopyObject

func (in *AuthBackendIdentityWhitelist) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendIdentityWhitelist) GetCondition

GetCondition of this AuthBackendIdentityWhitelist.

func (*AuthBackendIdentityWhitelist) GetConnectionDetailsMapping

func (tr *AuthBackendIdentityWhitelist) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this AuthBackendIdentityWhitelist

func (*AuthBackendIdentityWhitelist) GetDeletionPolicy

func (mg *AuthBackendIdentityWhitelist) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this AuthBackendIdentityWhitelist.

func (*AuthBackendIdentityWhitelist) GetID

GetID returns ID of underlying Terraform resource of this AuthBackendIdentityWhitelist

func (*AuthBackendIdentityWhitelist) GetInitParameters added in v0.2.0

func (tr *AuthBackendIdentityWhitelist) GetInitParameters() (map[string]any, error)

GetInitParameters of this AuthBackendIdentityWhitelist

func (*AuthBackendIdentityWhitelist) GetManagementPolicies added in v0.2.0

func (mg *AuthBackendIdentityWhitelist) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this AuthBackendIdentityWhitelist.

func (*AuthBackendIdentityWhitelist) GetObservation

func (tr *AuthBackendIdentityWhitelist) GetObservation() (map[string]any, error)

GetObservation of this AuthBackendIdentityWhitelist

func (*AuthBackendIdentityWhitelist) GetParameters

func (tr *AuthBackendIdentityWhitelist) GetParameters() (map[string]any, error)

GetParameters of this AuthBackendIdentityWhitelist

func (*AuthBackendIdentityWhitelist) GetProviderConfigReference

func (mg *AuthBackendIdentityWhitelist) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this AuthBackendIdentityWhitelist.

func (*AuthBackendIdentityWhitelist) GetProviderReference

func (mg *AuthBackendIdentityWhitelist) GetProviderReference() *xpv1.Reference

GetProviderReference of this AuthBackendIdentityWhitelist. Deprecated: Use GetProviderConfigReference.

func (*AuthBackendIdentityWhitelist) GetPublishConnectionDetailsTo

func (mg *AuthBackendIdentityWhitelist) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this AuthBackendIdentityWhitelist.

func (*AuthBackendIdentityWhitelist) GetTerraformResourceType

func (mg *AuthBackendIdentityWhitelist) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this AuthBackendIdentityWhitelist

func (*AuthBackendIdentityWhitelist) GetTerraformSchemaVersion

func (tr *AuthBackendIdentityWhitelist) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*AuthBackendIdentityWhitelist) GetWriteConnectionSecretToReference

func (mg *AuthBackendIdentityWhitelist) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this AuthBackendIdentityWhitelist.

func (*AuthBackendIdentityWhitelist) LateInitialize

func (tr *AuthBackendIdentityWhitelist) LateInitialize(attrs []byte) (bool, error)

LateInitialize this AuthBackendIdentityWhitelist using its observed tfState. Returns true if there are any spec changes for the resource.

func (*AuthBackendIdentityWhitelist) SetConditions

func (mg *AuthBackendIdentityWhitelist) SetConditions(c ...xpv1.Condition)

SetConditions of this AuthBackendIdentityWhitelist.

func (*AuthBackendIdentityWhitelist) SetDeletionPolicy

func (mg *AuthBackendIdentityWhitelist) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this AuthBackendIdentityWhitelist.

func (*AuthBackendIdentityWhitelist) SetManagementPolicies added in v0.2.0

func (mg *AuthBackendIdentityWhitelist) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this AuthBackendIdentityWhitelist.

func (*AuthBackendIdentityWhitelist) SetObservation

func (tr *AuthBackendIdentityWhitelist) SetObservation(obs map[string]any) error

SetObservation for this AuthBackendIdentityWhitelist

func (*AuthBackendIdentityWhitelist) SetParameters

func (tr *AuthBackendIdentityWhitelist) SetParameters(params map[string]any) error

SetParameters for this AuthBackendIdentityWhitelist

func (*AuthBackendIdentityWhitelist) SetProviderConfigReference

func (mg *AuthBackendIdentityWhitelist) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this AuthBackendIdentityWhitelist.

func (*AuthBackendIdentityWhitelist) SetProviderReference

func (mg *AuthBackendIdentityWhitelist) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this AuthBackendIdentityWhitelist. Deprecated: Use SetProviderConfigReference.

func (*AuthBackendIdentityWhitelist) SetPublishConnectionDetailsTo

func (mg *AuthBackendIdentityWhitelist) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this AuthBackendIdentityWhitelist.

func (*AuthBackendIdentityWhitelist) SetWriteConnectionSecretToReference

func (mg *AuthBackendIdentityWhitelist) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this AuthBackendIdentityWhitelist.

type AuthBackendIdentityWhitelistInitParameters added in v0.2.0

// AuthBackendIdentityWhitelistInitParameters lists the tidy settings for the
// identity whitelist of an AWS auth backend in their init-provider form.
// All fields are optional pointers.
type AuthBackendIdentityWhitelistInitParameters struct {

	// The path of the AWS backend being configured, i.e. the unique name of
	// the auth backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// If set to true, disables the periodic
	// tidying of the identity-whitelist entries.
	// NOTE(review): with tidying disabled, expired entries presumably remain in
	// backend storage until removed some other way — confirm the operational
	// impact before setting this to true.
	DisablePeriodicTidy *bool `json:"disablePeriodicTidy,omitempty" tf:"disable_periodic_tidy,omitempty"`

	// The target namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The amount of extra time, in minutes, that must
	// have passed beyond the roletag expiration, before it is removed from the
	// backend storage.
	SafetyBuffer *float64 `json:"safetyBuffer,omitempty" tf:"safety_buffer,omitempty"`
}

func (*AuthBackendIdentityWhitelistInitParameters) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendIdentityWhitelistInitParameters.

func (*AuthBackendIdentityWhitelistInitParameters) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendIdentityWhitelistList

// AuthBackendIdentityWhitelistList contains a list of
// AuthBackendIdentityWhitelist objects. Items is serialized without
// omitempty, so the "items" key is always present in the JSON form.
type AuthBackendIdentityWhitelistList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AuthBackendIdentityWhitelist `json:"items"`
}

AuthBackendIdentityWhitelistList contains a list of AuthBackendIdentityWhitelists

func (*AuthBackendIdentityWhitelistList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendIdentityWhitelistList.

func (*AuthBackendIdentityWhitelistList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendIdentityWhitelistList) DeepCopyObject

func (in *AuthBackendIdentityWhitelistList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendIdentityWhitelistList) GetItems

GetItems of this AuthBackendIdentityWhitelistList.

type AuthBackendIdentityWhitelistObservation

// AuthBackendIdentityWhitelistObservation holds the observed values of an
// AuthBackendIdentityWhitelist; it is the type of
// AuthBackendIdentityWhitelistStatus.AtProvider.
type AuthBackendIdentityWhitelistObservation struct {

	// The path of the AWS backend being configured.
	// Unique name of the auth backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// If set to true, disables the periodic
	// tidying of the identity-whitelist entries.
	// If true, disables the periodic tidying of the identity whitelist entries.
	// NOTE(review): with periodic tidying off, expired entries presumably stay
	// in backend storage until tidied some other way; confirm before relying on it.
	DisablePeriodicTidy *bool `json:"disablePeriodicTidy,omitempty" tf:"disable_periodic_tidy,omitempty"`

	// ID is populated from the "id" attribute named in the tf tag.
	// NOTE(review): presumably the Terraform resource ID; confirm.
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The amount of extra time, in minutes, that must
	// have passed beyond the roletag expiration, before it is removed from the
	// backend storage.
	// The amount of extra time that must have passed beyond the roletag expiration, before it's removed from backend storage.
	// NOTE(review): only the first description states a unit (minutes);
	// confirm the unit the backend actually applies.
	SafetyBuffer *float64 `json:"safetyBuffer,omitempty" tf:"safety_buffer,omitempty"`
}

func (*AuthBackendIdentityWhitelistObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendIdentityWhitelistObservation.

func (*AuthBackendIdentityWhitelistObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendIdentityWhitelistParameters

// AuthBackendIdentityWhitelistParameters holds the configurable fields of an
// AuthBackendIdentityWhitelist; it is the type of
// AuthBackendIdentityWhitelistSpec.ForProvider. Every field is a pointer and
// is marked optional for validation.
type AuthBackendIdentityWhitelistParameters struct {

	// The path of the AWS backend being configured.
	// Unique name of the auth backend to configure.
	// +kubebuilder:validation:Optional
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// If set to true, disables the periodic
	// tidying of the identity-whitelist entries.
	// If true, disables the periodic tidying of the identity whitelist entries.
	// NOTE(review): with periodic tidying off, expired entries presumably stay
	// in backend storage until tidied some other way; confirm before enabling.
	// +kubebuilder:validation:Optional
	DisablePeriodicTidy *bool `json:"disablePeriodicTidy,omitempty" tf:"disable_periodic_tidy,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The amount of extra time, in minutes, that must
	// have passed beyond the roletag expiration, before it is removed from the
	// backend storage.
	// The amount of extra time that must have passed beyond the roletag expiration, before it's removed from backend storage.
	// NOTE(review): only the first description states a unit (minutes);
	// confirm the unit the backend actually applies before choosing a value.
	// +kubebuilder:validation:Optional
	SafetyBuffer *float64 `json:"safetyBuffer,omitempty" tf:"safety_buffer,omitempty"`
}

func (*AuthBackendIdentityWhitelistParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendIdentityWhitelistParameters.

func (*AuthBackendIdentityWhitelistParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendIdentityWhitelistSpec

// AuthBackendIdentityWhitelistSpec defines the desired state of
// AuthBackendIdentityWhitelist. It embeds v1.ResourceSpec inline, carries the
// managed fields in ForProvider, and carries the creation-only fields in
// InitProvider.
type AuthBackendIdentityWhitelistSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     AuthBackendIdentityWhitelistParameters `json:"forProvider"`
	// THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored
	// unless the relevant Crossplane feature flag is enabled, and may be
	// changed or removed without notice.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because an external controller is managing them, like an
	// autoscaler.
	InitProvider AuthBackendIdentityWhitelistInitParameters `json:"initProvider,omitempty"`
}

AuthBackendIdentityWhitelistSpec defines the desired state of AuthBackendIdentityWhitelist

func (*AuthBackendIdentityWhitelistSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendIdentityWhitelistSpec.

func (*AuthBackendIdentityWhitelistSpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendIdentityWhitelistStatus

// AuthBackendIdentityWhitelistStatus defines the observed state of
// AuthBackendIdentityWhitelist. It embeds v1.ResourceStatus inline and reports
// the observed fields in AtProvider.
type AuthBackendIdentityWhitelistStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        AuthBackendIdentityWhitelistObservation `json:"atProvider,omitempty"`
}

AuthBackendIdentityWhitelistStatus defines the observed state of AuthBackendIdentityWhitelist.

func (*AuthBackendIdentityWhitelistStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendIdentityWhitelistStatus.

func (*AuthBackendIdentityWhitelistStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendLogin

// AuthBackendLogin is the Schema for the AuthBackendLogins API. Manages Vault
// tokens acquired using the AWS auth backend.
//
// NOTE(review): AuthBackendLoginObservation has fields for the token's
// accessor, policies and lease data but none for the token itself; presumably
// the token is delivered through connection details (see
// GetConnectionDetailsMapping). Confirm where it ends up and who can read it.
type AuthBackendLogin struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	Spec              AuthBackendLoginSpec   `json:"spec"`
	Status            AuthBackendLoginStatus `json:"status,omitempty"`
}

AuthBackendLogin is the Schema for the AuthBackendLogins API. Manages Vault tokens acquired using the AWS auth backend. +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*AuthBackendLogin) DeepCopy

func (in *AuthBackendLogin) DeepCopy() *AuthBackendLogin

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendLogin.

func (*AuthBackendLogin) DeepCopyInto

func (in *AuthBackendLogin) DeepCopyInto(out *AuthBackendLogin)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendLogin) DeepCopyObject

func (in *AuthBackendLogin) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendLogin) GetCondition

func (mg *AuthBackendLogin) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this AuthBackendLogin.

func (*AuthBackendLogin) GetConnectionDetailsMapping

func (tr *AuthBackendLogin) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this AuthBackendLogin

func (*AuthBackendLogin) GetDeletionPolicy

func (mg *AuthBackendLogin) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this AuthBackendLogin.

func (*AuthBackendLogin) GetID

func (tr *AuthBackendLogin) GetID() string

GetID returns ID of underlying Terraform resource of this AuthBackendLogin

func (*AuthBackendLogin) GetInitParameters added in v0.2.0

func (tr *AuthBackendLogin) GetInitParameters() (map[string]any, error)

GetInitParameters of this AuthBackendLogin

func (*AuthBackendLogin) GetManagementPolicies added in v0.2.0

func (mg *AuthBackendLogin) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this AuthBackendLogin.

func (*AuthBackendLogin) GetObservation

func (tr *AuthBackendLogin) GetObservation() (map[string]any, error)

GetObservation of this AuthBackendLogin

func (*AuthBackendLogin) GetParameters

func (tr *AuthBackendLogin) GetParameters() (map[string]any, error)

GetParameters of this AuthBackendLogin

func (*AuthBackendLogin) GetProviderConfigReference

func (mg *AuthBackendLogin) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this AuthBackendLogin.

func (*AuthBackendLogin) GetProviderReference

func (mg *AuthBackendLogin) GetProviderReference() *xpv1.Reference

GetProviderReference of this AuthBackendLogin. Deprecated: Use GetProviderConfigReference.

func (*AuthBackendLogin) GetPublishConnectionDetailsTo

func (mg *AuthBackendLogin) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this AuthBackendLogin.

func (*AuthBackendLogin) GetTerraformResourceType

func (mg *AuthBackendLogin) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this AuthBackendLogin

func (*AuthBackendLogin) GetTerraformSchemaVersion

func (tr *AuthBackendLogin) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*AuthBackendLogin) GetWriteConnectionSecretToReference

func (mg *AuthBackendLogin) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this AuthBackendLogin.

func (*AuthBackendLogin) LateInitialize

func (tr *AuthBackendLogin) LateInitialize(attrs []byte) (bool, error)

LateInitialize this AuthBackendLogin using its observed tfState. Returns true if there are any spec changes for the resource.

func (*AuthBackendLogin) SetConditions

func (mg *AuthBackendLogin) SetConditions(c ...xpv1.Condition)

SetConditions of this AuthBackendLogin.

func (*AuthBackendLogin) SetDeletionPolicy

func (mg *AuthBackendLogin) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this AuthBackendLogin.

func (*AuthBackendLogin) SetManagementPolicies added in v0.2.0

func (mg *AuthBackendLogin) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this AuthBackendLogin.

func (*AuthBackendLogin) SetObservation

func (tr *AuthBackendLogin) SetObservation(obs map[string]any) error

SetObservation for this AuthBackendLogin

func (*AuthBackendLogin) SetParameters

func (tr *AuthBackendLogin) SetParameters(params map[string]any) error

SetParameters for this AuthBackendLogin

func (*AuthBackendLogin) SetProviderConfigReference

func (mg *AuthBackendLogin) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this AuthBackendLogin.

func (*AuthBackendLogin) SetProviderReference

func (mg *AuthBackendLogin) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this AuthBackendLogin. Deprecated: Use SetProviderConfigReference.

func (*AuthBackendLogin) SetPublishConnectionDetailsTo

func (mg *AuthBackendLogin) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this AuthBackendLogin.

func (*AuthBackendLogin) SetWriteConnectionSecretToReference

func (mg *AuthBackendLogin) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this AuthBackendLogin.

type AuthBackendLoginInitParameters added in v0.2.0

// AuthBackendLoginInitParameters is the type of
// AuthBackendLoginSpec.InitProvider.
//
// NOTE(review): every field is a plain string in the resource spec, including
// the login material (Identity, Pkcs7, Signature, Nonce and the signed IAM
// request fields). Anyone able to read the object can presumably read these
// values; confirm that read access to this resource is restricted accordingly.
type AuthBackendLoginInitParameters struct {

	// The unique name of the AWS auth backend. Defaults to
	// 'aws'.
	// AWS Auth Backend to read the token from.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// The HTTP method used in the signed IAM
	// request.
	// The HTTP method used in the signed request.
	IAMHTTPRequestMethod *string `json:"iamHttpRequestMethod,omitempty" tf:"iam_http_request_method,omitempty"`

	// The base64-encoded body of the signed
	// request.
	// The Base64-encoded body of the signed request.
	IAMRequestBody *string `json:"iamRequestBody,omitempty" tf:"iam_request_body,omitempty"`

	// The base64-encoded, JSON serialized
	// representation of the GetCallerIdentity HTTP request headers.
	// The Base64-encoded, JSON serialized representation of the sts:GetCallerIdentity HTTP request headers.
	IAMRequestHeaders *string `json:"iamRequestHeaders,omitempty" tf:"iam_request_headers,omitempty"`

	// The base64-encoded HTTP URL used in the signed
	// request.
	// The Base64-encoded HTTP URL used in the signed request.
	IAMRequestURL *string `json:"iamRequestUrl,omitempty" tf:"iam_request_url,omitempty"`

	// The base64-encoded EC2 instance identity document to
	// authenticate with. Can be retrieved from the EC2 metadata server.
	// Base64-encoded EC2 instance identity document to authenticate with.
	Identity *string `json:"identity,omitempty" tf:"identity,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The unique nonce to be used for login requests. Can be
	// set to a user-specified value, or will contain the server-generated value
	// once a token is issued. EC2 instances can only acquire a single token until
	// the whitelist is tidied again unless they keep track of this nonce.
	// The nonce to be used for subsequent login requests.
	// NOTE(review): per the description above the nonce is what permits a
	// repeat login, so handle it as sensitive login material.
	Nonce *string `json:"nonce,omitempty" tf:"nonce,omitempty"`

	// The PKCS#7 signature of the identity document to
	// authenticate with, with all newline characters removed. Can be retrieved from
	// the EC2 metadata server.
	// PKCS7 signature of the identity document to authenticate with, with all newline characters removed.
	Pkcs7 *string `json:"pkcs7,omitempty" tf:"pkcs7,omitempty"`

	// The name of the AWS auth backend role to create tokens
	// against.
	// AWS Auth Role to read the token from.
	Role *string `json:"role,omitempty" tf:"role,omitempty"`

	// The base64-encoded SHA256 RSA signature of the
	// instance identity document to authenticate with, with all newline characters
	// removed. Can be retrieved from the EC2 metadata server.
	// Base64-encoded SHA256 RSA signature of the instance identity document to authenticate with.
	Signature *string `json:"signature,omitempty" tf:"signature,omitempty"`
}

func (*AuthBackendLoginInitParameters) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendLoginInitParameters.

func (*AuthBackendLoginInitParameters) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendLoginList

// AuthBackendLoginList contains a list of AuthBackendLogins. Items holds the
// list entries; TypeMeta and ListMeta are embedded from metav1.
type AuthBackendLoginList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AuthBackendLogin `json:"items"`
}

AuthBackendLoginList contains a list of AuthBackendLogins

func (*AuthBackendLoginList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendLoginList.

func (*AuthBackendLoginList) DeepCopyInto

func (in *AuthBackendLoginList) DeepCopyInto(out *AuthBackendLoginList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendLoginList) DeepCopyObject

func (in *AuthBackendLoginList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendLoginList) GetItems

func (l *AuthBackendLoginList) GetItems() []resource.Managed

GetItems of this AuthBackendLoginList.

type AuthBackendLoginObservation

// AuthBackendLoginObservation holds the observed values of an
// AuthBackendLogin; it is the type of AuthBackendLoginStatus.AtProvider.
//
// NOTE(review): besides token data (Accessor, Policies, lease fields) it
// repeats the login inputs (Identity, Pkcs7, Signature, Nonce and the signed
// IAM request fields) as plain strings, so read access to the object's status
// presumably exposes them as well; confirm who can read it.
type AuthBackendLoginObservation struct {

	// The token's accessor.
	// The accessor returned from Vault for this token.
	// NOTE(review): in Vault an accessor is typically enough to look up or
	// revoke its token; confirm it is acceptable to expose it in status.
	Accessor *string `json:"accessor,omitempty" tf:"accessor,omitempty"`

	// The authentication type used to generate this token.
	// The auth method used to generate this token.
	AuthType *string `json:"authType,omitempty" tf:"auth_type,omitempty"`

	// The unique name of the AWS auth backend. Defaults to
	// 'aws'.
	// AWS Auth Backend to read the token from.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// The HTTP method used in the signed IAM
	// request.
	// The HTTP method used in the signed request.
	IAMHTTPRequestMethod *string `json:"iamHttpRequestMethod,omitempty" tf:"iam_http_request_method,omitempty"`

	// The base64-encoded body of the signed
	// request.
	// The Base64-encoded body of the signed request.
	IAMRequestBody *string `json:"iamRequestBody,omitempty" tf:"iam_request_body,omitempty"`

	// The base64-encoded, JSON serialized
	// representation of the GetCallerIdentity HTTP request headers.
	// The Base64-encoded, JSON serialized representation of the sts:GetCallerIdentity HTTP request headers.
	IAMRequestHeaders *string `json:"iamRequestHeaders,omitempty" tf:"iam_request_headers,omitempty"`

	// The base64-encoded HTTP URL used in the signed
	// request.
	// The Base64-encoded HTTP URL used in the signed request.
	IAMRequestURL *string `json:"iamRequestUrl,omitempty" tf:"iam_request_url,omitempty"`

	// ID is populated from the "id" attribute named in the tf tag.
	// NOTE(review): presumably the Terraform resource ID; confirm.
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The base64-encoded EC2 instance identity document to
	// authenticate with. Can be retrieved from the EC2 metadata server.
	// Base64-encoded EC2 instance identity document to authenticate with.
	Identity *string `json:"identity,omitempty" tf:"identity,omitempty"`

	// The duration in seconds the token will be valid, relative
	// to the time in lease_start_time.
	// Lease duration in seconds relative to the time in lease_start_time.
	LeaseDuration *float64 `json:"leaseDuration,omitempty" tf:"lease_duration,omitempty"`

	// The approximate time at which the token was created,
	// using the clock of the system where Upbound official provider was running.
	// Time at which the lease was read, using the clock of the system where Upbound official provider was running.
	LeaseStartTime *string `json:"leaseStartTime,omitempty" tf:"lease_start_time,omitempty"`

	// A map of information returned by the Vault server about the
	// authentication used to generate this token.
	// The metadata reported by the Vault server.
	Metadata map[string]*string `json:"metadata,omitempty" tf:"metadata,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The unique nonce to be used for login requests. Can be
	// set to a user-specified value, or will contain the server-generated value
	// once a token is issued. EC2 instances can only acquire a single token until
	// the whitelist is tidied again unless they keep track of this nonce.
	// The nonce to be used for subsequent login requests.
	// NOTE(review): per the description above the nonce is what permits a
	// repeat login, so handle it as sensitive login material.
	Nonce *string `json:"nonce,omitempty" tf:"nonce,omitempty"`

	// The PKCS#7 signature of the identity document to
	// authenticate with, with all newline characters removed. Can be retrieved from
	// the EC2 metadata server.
	// PKCS7 signature of the identity document to authenticate with, with all newline characters removed.
	Pkcs7 *string `json:"pkcs7,omitempty" tf:"pkcs7,omitempty"`

	// The Vault policies assigned to this token.
	// The policies assigned to this token.
	Policies []*string `json:"policies,omitempty" tf:"policies,omitempty"`

	// Set to true if the token can be extended through renewal.
	// True if the duration of this lease can be extended through renewal.
	Renewable *bool `json:"renewable,omitempty" tf:"renewable,omitempty"`

	// The name of the AWS auth backend role to create tokens
	// against.
	// AWS Auth Role to read the token from.
	Role *string `json:"role,omitempty" tf:"role,omitempty"`

	// The base64-encoded SHA256 RSA signature of the
	// instance identity document to authenticate with, with all newline characters
	// removed. Can be retrieved from the EC2 metadata server.
	// Base64-encoded SHA256 RSA signature of the instance identity document to authenticate with.
	Signature *string `json:"signature,omitempty" tf:"signature,omitempty"`
}

func (*AuthBackendLoginObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendLoginObservation.

func (*AuthBackendLoginObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendLoginParameters

// AuthBackendLoginParameters holds the configurable fields of an
// AuthBackendLogin; it is the type of AuthBackendLoginSpec.ForProvider. Every
// field is a pointer and is marked optional for validation.
//
// NOTE(review): the login material (Identity, Pkcs7, Signature, Nonce and the
// signed IAM request fields) is supplied as plain strings in the resource
// spec. Anyone able to read the object can presumably read these values;
// confirm that read access to this resource is restricted accordingly.
type AuthBackendLoginParameters struct {

	// The unique name of the AWS auth backend. Defaults to
	// 'aws'.
	// AWS Auth Backend to read the token from.
	// +kubebuilder:validation:Optional
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// The HTTP method used in the signed IAM
	// request.
	// The HTTP method used in the signed request.
	// +kubebuilder:validation:Optional
	IAMHTTPRequestMethod *string `json:"iamHttpRequestMethod,omitempty" tf:"iam_http_request_method,omitempty"`

	// The base64-encoded body of the signed
	// request.
	// The Base64-encoded body of the signed request.
	// +kubebuilder:validation:Optional
	IAMRequestBody *string `json:"iamRequestBody,omitempty" tf:"iam_request_body,omitempty"`

	// The base64-encoded, JSON serialized
	// representation of the GetCallerIdentity HTTP request headers.
	// The Base64-encoded, JSON serialized representation of the sts:GetCallerIdentity HTTP request headers.
	// +kubebuilder:validation:Optional
	IAMRequestHeaders *string `json:"iamRequestHeaders,omitempty" tf:"iam_request_headers,omitempty"`

	// The base64-encoded HTTP URL used in the signed
	// request.
	// The Base64-encoded HTTP URL used in the signed request.
	// +kubebuilder:validation:Optional
	IAMRequestURL *string `json:"iamRequestUrl,omitempty" tf:"iam_request_url,omitempty"`

	// The base64-encoded EC2 instance identity document to
	// authenticate with. Can be retrieved from the EC2 metadata server.
	// Base64-encoded EC2 instance identity document to authenticate with.
	// +kubebuilder:validation:Optional
	Identity *string `json:"identity,omitempty" tf:"identity,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The unique nonce to be used for login requests. Can be
	// set to a user-specified value, or will contain the server-generated value
	// once a token is issued. EC2 instances can only acquire a single token until
	// the whitelist is tidied again unless they keep track of this nonce.
	// The nonce to be used for subsequent login requests.
	// NOTE(review): per the description above the nonce is what permits a
	// repeat login, so handle it as sensitive login material.
	// +kubebuilder:validation:Optional
	Nonce *string `json:"nonce,omitempty" tf:"nonce,omitempty"`

	// The PKCS#7 signature of the identity document to
	// authenticate with, with all newline characters removed. Can be retrieved from
	// the EC2 metadata server.
	// PKCS7 signature of the identity document to authenticate with, with all newline characters removed.
	// +kubebuilder:validation:Optional
	Pkcs7 *string `json:"pkcs7,omitempty" tf:"pkcs7,omitempty"`

	// The name of the AWS auth backend role to create tokens
	// against.
	// AWS Auth Role to read the token from.
	// +kubebuilder:validation:Optional
	Role *string `json:"role,omitempty" tf:"role,omitempty"`

	// The base64-encoded SHA256 RSA signature of the
	// instance identity document to authenticate with, with all newline characters
	// removed. Can be retrieved from the EC2 metadata server.
	// Base64-encoded SHA256 RSA signature of the instance identity document to authenticate with.
	// +kubebuilder:validation:Optional
	Signature *string `json:"signature,omitempty" tf:"signature,omitempty"`
}

func (*AuthBackendLoginParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendLoginParameters.

func (*AuthBackendLoginParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendLoginSpec

// AuthBackendLoginSpec defines the desired state of AuthBackendLogin. It
// embeds v1.ResourceSpec inline, carries the managed fields in ForProvider,
// and carries the creation-only fields in InitProvider.
type AuthBackendLoginSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     AuthBackendLoginParameters `json:"forProvider"`
	// THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored
	// unless the relevant Crossplane feature flag is enabled, and may be
	// changed or removed without notice.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation, but we do not desire to update them after creation,
	// for example because an external controller is managing them, like an
	// autoscaler.
	InitProvider AuthBackendLoginInitParameters `json:"initProvider,omitempty"`
}

AuthBackendLoginSpec defines the desired state of AuthBackendLogin

func (*AuthBackendLoginSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendLoginSpec.

func (*AuthBackendLoginSpec) DeepCopyInto

func (in *AuthBackendLoginSpec) DeepCopyInto(out *AuthBackendLoginSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendLoginStatus

// AuthBackendLoginStatus defines the observed state of AuthBackendLogin. It
// embeds v1.ResourceStatus inline and reports the observed fields in
// AtProvider.
type AuthBackendLoginStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        AuthBackendLoginObservation `json:"atProvider,omitempty"`
}

AuthBackendLoginStatus defines the observed state of AuthBackendLogin.

func (*AuthBackendLoginStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendLoginStatus.

func (*AuthBackendLoginStatus) DeepCopyInto

func (in *AuthBackendLoginStatus) DeepCopyInto(out *AuthBackendLoginStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRole

// AuthBackendRole is the Schema for the AuthBackendRoles API. Manages AWS auth
// backend roles in Vault.
type AuthBackendRole struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// The validation rule below rejects a spec whose managementPolicies contain
	// '*', 'Create' or 'Update' unless role is set in forProvider or initProvider.
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.role) || has(self.initProvider.role)",message="role is a required parameter"
	Spec   AuthBackendRoleSpec   `json:"spec"`
	Status AuthBackendRoleStatus `json:"status,omitempty"`
}

AuthBackendRole is the Schema for the AuthBackendRoles API. Manages AWS auth backend roles in Vault. +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*AuthBackendRole) DeepCopy

func (in *AuthBackendRole) DeepCopy() *AuthBackendRole

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRole.

func (*AuthBackendRole) DeepCopyInto

func (in *AuthBackendRole) DeepCopyInto(out *AuthBackendRole)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendRole) DeepCopyObject

func (in *AuthBackendRole) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendRole) GetCondition

func (mg *AuthBackendRole) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this AuthBackendRole.

func (*AuthBackendRole) GetConnectionDetailsMapping

func (tr *AuthBackendRole) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this AuthBackendRole

func (*AuthBackendRole) GetDeletionPolicy

func (mg *AuthBackendRole) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this AuthBackendRole.

func (*AuthBackendRole) GetID

func (tr *AuthBackendRole) GetID() string

GetID returns ID of underlying Terraform resource of this AuthBackendRole

func (*AuthBackendRole) GetInitParameters added in v0.2.0

func (tr *AuthBackendRole) GetInitParameters() (map[string]any, error)

GetInitParameters of this AuthBackendRole

func (*AuthBackendRole) GetManagementPolicies added in v0.2.0

func (mg *AuthBackendRole) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this AuthBackendRole.

func (*AuthBackendRole) GetObservation

func (tr *AuthBackendRole) GetObservation() (map[string]any, error)

GetObservation of this AuthBackendRole

func (*AuthBackendRole) GetParameters

func (tr *AuthBackendRole) GetParameters() (map[string]any, error)

GetParameters of this AuthBackendRole

func (*AuthBackendRole) GetProviderConfigReference

func (mg *AuthBackendRole) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this AuthBackendRole.

func (*AuthBackendRole) GetProviderReference

func (mg *AuthBackendRole) GetProviderReference() *xpv1.Reference

GetProviderReference of this AuthBackendRole. Deprecated: Use GetProviderConfigReference.

func (*AuthBackendRole) GetPublishConnectionDetailsTo

func (mg *AuthBackendRole) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this AuthBackendRole.

func (*AuthBackendRole) GetTerraformResourceType

func (mg *AuthBackendRole) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this AuthBackendRole

func (*AuthBackendRole) GetTerraformSchemaVersion

func (tr *AuthBackendRole) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*AuthBackendRole) GetWriteConnectionSecretToReference

func (mg *AuthBackendRole) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this AuthBackendRole.

func (*AuthBackendRole) LateInitialize

func (tr *AuthBackendRole) LateInitialize(attrs []byte) (bool, error)

LateInitialize this AuthBackendRole using its observed tfState. Returns true if there are any spec changes for the resource.

func (*AuthBackendRole) SetConditions

func (mg *AuthBackendRole) SetConditions(c ...xpv1.Condition)

SetConditions of this AuthBackendRole.

func (*AuthBackendRole) SetDeletionPolicy

func (mg *AuthBackendRole) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this AuthBackendRole.

func (*AuthBackendRole) SetManagementPolicies added in v0.2.0

func (mg *AuthBackendRole) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this AuthBackendRole.

func (*AuthBackendRole) SetObservation

func (tr *AuthBackendRole) SetObservation(obs map[string]any) error

SetObservation for this AuthBackendRole

func (*AuthBackendRole) SetParameters

func (tr *AuthBackendRole) SetParameters(params map[string]any) error

SetParameters for this AuthBackendRole

func (*AuthBackendRole) SetProviderConfigReference

func (mg *AuthBackendRole) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this AuthBackendRole.

func (*AuthBackendRole) SetProviderReference

func (mg *AuthBackendRole) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this AuthBackendRole. Deprecated: Use SetProviderConfigReference.

func (*AuthBackendRole) SetPublishConnectionDetailsTo

func (mg *AuthBackendRole) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this AuthBackendRole.

func (*AuthBackendRole) SetWriteConnectionSecretToReference

func (mg *AuthBackendRole) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this AuthBackendRole.

type AuthBackendRoleInitParameters added in v0.2.0

// AuthBackendRoleInitParameters is the type of the InitProvider field of
// AuthBackendRoleSpec. Every field is an optional pointer or slice (omitempty).
type AuthBackendRoleInitParameters struct {

	// If set to true, allows migration of the underlying instance where the
	// client resides. Upstream marks this "use with caution"; leave it unset
	// unless instance migration is actually required.
	AllowInstanceMigration *bool `json:"allowInstanceMigration,omitempty" tf:"allow_instance_migration,omitempty"`

	// The auth type permitted for this role. Valid choices are ec2 and iam.
	// Defaults to iam.
	AuthType *string `json:"authType,omitempty" tf:"auth_type,omitempty"`

	// Path to the mounted aws auth backend, i.e. the unique name of the auth
	// backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// If set, only EC2 instances using the AMI ID specified by this field will
	// be permitted to log in. auth_type must be set to ec2 or
	// inferred_entity_type must be set to ec2_instance to use this constraint.
	BoundAMIIds []*string `json:"boundAmiIds,omitempty" tf:"bound_ami_ids,omitempty"`

	// If set, only EC2 instances with the account ID specified by this field in
	// their identity document will be permitted to log in. auth_type must be
	// set to ec2 or inferred_entity_type must be set to ec2_instance to use
	// this constraint.
	BoundAccountIds []*string `json:"boundAccountIds,omitempty" tf:"bound_account_ids,omitempty"`

	// Only EC2 instances that match this instance ID will be permitted to log in.
	BoundEC2InstanceIds []*string `json:"boundEc2InstanceIds,omitempty" tf:"bound_ec2_instance_ids,omitempty"`

	// If set, only EC2 instances associated with an IAM instance profile ARN
	// whose prefix matches this value will be permitted to log in. The value is
	// prefix-matched as though it were a glob ending in *, so a short value
	// admits every instance profile ARN that begins with it; use the longest
	// prefix that still covers the intended profiles. auth_type must be set to
	// ec2 or inferred_entity_type must be set to ec2_instance to use this
	// constraint.
	BoundIAMInstanceProfileArns []*string `json:"boundIamInstanceProfileArns,omitempty" tf:"bound_iam_instance_profile_arns,omitempty"`

	// If set, defines the IAM principal that must be authenticated when
	// auth_type is set to iam. Wildcards are supported at the end of the ARN.
	// A trailing wildcard admits every principal whose ARN matches the prefix,
	// and ResolveAwsUniqueIds is ignored for such entries, so prefer exact ARNs
	// where possible.
	BoundIAMPrincipalArns []*string `json:"boundIamPrincipalArns,omitempty" tf:"bound_iam_principal_arns,omitempty"`

	// If set, only EC2 instances that match the IAM role ARN specified by this
	// field will be permitted to log in. auth_type must be set to ec2 or
	// inferred_entity_type must be set to ec2_instance to use this constraint.
	BoundIAMRoleArns []*string `json:"boundIamRoleArns,omitempty" tf:"bound_iam_role_arns,omitempty"`

	// If set, only EC2 instances whose identity document names the region
	// specified by this field will be permitted to log in. auth_type must be
	// set to ec2 or inferred_entity_type must be set to ec2_instance to use
	// this constraint.
	BoundRegions []*string `json:"boundRegions,omitempty" tf:"bound_regions,omitempty"`

	// If set, only EC2 instances associated with the subnet ID specified by
	// this field will be permitted to log in. auth_type must be set to ec2 or
	// inferred_entity_type must be set to ec2_instance to use this constraint.
	BoundSubnetIds []*string `json:"boundSubnetIds,omitempty" tf:"bound_subnet_ids,omitempty"`

	// If set, only EC2 instances associated with the VPC ID specified by this
	// field will be permitted to log in. auth_type must be set to ec2 or
	// inferred_entity_type must be set to ec2_instance to use this constraint.
	BoundVPCIds []*string `json:"boundVpcIds,omitempty" tf:"bound_vpc_ids,omitempty"`

	// If set to true, only allows a single token to be granted per instance ID.
	// This can only be set when auth_type is set to ec2.
	DisallowReauthentication *bool `json:"disallowReauthentication,omitempty" tf:"disallow_reauthentication,omitempty"`

	// The region to search for the inferred entities in. Required if
	// inferred_entity_type is set. This only applies when auth_type is set to
	// iam.
	InferredAwsRegion *string `json:"inferredAwsRegion,omitempty" tf:"inferred_aws_region,omitempty"`

	// The type of inferencing Vault should do. If set, instructs Vault to turn
	// on inferencing. The only valid value is ec2_instance, which instructs
	// Vault to infer that the role comes from an EC2 instance in an IAM
	// instance profile. This only applies when auth_type is set to iam.
	InferredEntityType *string `json:"inferredEntityType,omitempty" tf:"inferred_entity_type,omitempty"`

	// The target namespace to provision the resource in. The value should not
	// contain leading or trailing forward slashes. The namespace is always
	// relative to the provider's configured namespace. Available only for
	// Vault Enterprise.
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// Whether Vault should resolve the bound_iam_principal_arns to AWS Unique
	// IDs for the bound principal ARN. Only valid when auth_type is iam.
	// Defaults to true. This field is ignored when a bound_iam_principal_arn
	// ends in a wildcard. Resolving to unique IDs more closely mimics the
	// behavior of AWS services: if an IAM user or role is deleted and a new one
	// is recreated with the same name, the new user or role won't get access to
	// roles in Vault that were permissioned to the prior principal of the same
	// name. Once set to true, this cannot be changed to false without
	// recreating the role.
	ResolveAwsUniqueIds *bool `json:"resolveAwsUniqueIds,omitempty" tf:"resolve_aws_unique_ids,omitempty"`

	// The name of the role.
	Role *string `json:"role,omitempty" tf:"role,omitempty"`

	// If set, enables role tags for this role. The value should be the key of
	// the tag on the EC2 instance to use for role tags. auth_type must be set
	// to ec2 or inferred_entity_type must be set to ec2_instance to use this
	// constraint.
	RoleTag *string `json:"roleTag,omitempty" tf:"role_tag,omitempty"`

	// List of CIDR blocks; if set, specifies blocks of IP addresses which can
	// authenticate successfully, and ties the resulting token to these blocks
	// as well (only these addresses are allowed to use the generated token).
	TokenBoundCidrs []*string `json:"tokenBoundCidrs,omitempty" tf:"token_bound_cidrs,omitempty"`

	// If set, will encode an explicit max TTL onto the token, in seconds. This
	// is a hard cap even if token_ttl and token_max_ttl would otherwise allow a
	// renewal.
	TokenExplicitMaxTTL *float64 `json:"tokenExplicitMaxTtl,omitempty" tf:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime for generated tokens, in seconds. Its current value
	// will be referenced at renewal time.
	TokenMaxTTL *float64 `json:"tokenMaxTtl,omitempty" tf:"token_max_ttl,omitempty"`

	// If set, the 'default' policy will not be set on generated tokens;
	// otherwise it will be added to the policies set in token_policies.
	TokenNoDefaultPolicy *bool `json:"tokenNoDefaultPolicy,omitempty" tf:"token_no_default_policy,omitempty"`

	// The maximum number of times a generated token may be used (within its
	// lifetime); 0 means unlimited.
	TokenNumUses *float64 `json:"tokenNumUses,omitempty" tf:"token_num_uses,omitempty"`

	// If set, indicates that the token generated using this role should never
	// expire. The token should be renewed within the duration specified by this
	// value; at each renewal, the token's TTL will be set to the value of this
	// field. Specified in seconds.
	// NOTE(review): a token that is renewed on time stays valid indefinitely;
	// TokenExplicitMaxTTL presumably still caps it — confirm against Vault docs.
	TokenPeriod *float64 `json:"tokenPeriod,omitempty" tf:"token_period,omitempty"`

	// List of policies to encode onto generated tokens. Depending on the auth
	// method, this list may be supplemented by user/group/other values.
	TokenPolicies []*string `json:"tokenPolicies,omitempty" tf:"token_policies,omitempty"`

	// The incremental lifetime for generated tokens, in seconds (the provider
	// schema describes it as the initial TTL of the token to generate). Its
	// current value will be referenced at renewal time.
	TokenTTL *float64 `json:"tokenTtl,omitempty" tf:"token_ttl,omitempty"`

	// The type of token that should be generated. Can be service, batch, or
	// default to use the mount's tuned default (which unless changed will be
	// service tokens). For token store roles, there are two additional
	// possibilities: default-service and default-batch, which specify the type
	// to return unless the client requests a different type at generation time.
	TokenType *string `json:"tokenType,omitempty" tf:"token_type,omitempty"`
}

func (*AuthBackendRoleInitParameters) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleInitParameters.

func (*AuthBackendRoleInitParameters) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoleList

type AuthBackendRoleList struct {
	// Embedded metav1.TypeMeta, inlined into the JSON representation.
	metav1.TypeMeta `json:",inline"`
	// Embedded metav1.ListMeta, serialized under the "metadata" key.
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items holds the AuthBackendRole objects in this list.
	Items           []AuthBackendRole `json:"items"`
}

AuthBackendRoleList contains a list of AuthBackendRoles

func (*AuthBackendRoleList) DeepCopy

func (in *AuthBackendRoleList) DeepCopy() *AuthBackendRoleList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleList.

func (*AuthBackendRoleList) DeepCopyInto

func (in *AuthBackendRoleList) DeepCopyInto(out *AuthBackendRoleList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendRoleList) DeepCopyObject

func (in *AuthBackendRoleList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendRoleList) GetItems

func (l *AuthBackendRoleList) GetItems() []resource.Managed

GetItems of this AuthBackendRoleList.

type AuthBackendRoleObservation

// AuthBackendRoleObservation is the type of the AtProvider field of
// AuthBackendRoleStatus. It carries the same role fields as
// AuthBackendRoleParameters plus ID and RoleID, which makes it the place to
// read back the effective login constraints and token settings of a role.
type AuthBackendRoleObservation struct {

	// If set to true, allows migration of the underlying instance where the
	// client resides. Upstream marks this "use with caution", so a true value
	// here is worth a second look when reviewing a role.
	AllowInstanceMigration *bool `json:"allowInstanceMigration,omitempty" tf:"allow_instance_migration,omitempty"`

	// The auth type permitted for this role. Valid choices are ec2 and iam.
	// Defaults to iam.
	AuthType *string `json:"authType,omitempty" tf:"auth_type,omitempty"`

	// Path to the mounted aws auth backend, i.e. the unique name of the auth
	// backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// If set, only EC2 instances using the AMI ID specified by this field will
	// be permitted to log in. auth_type must be set to ec2 or
	// inferred_entity_type must be set to ec2_instance to use this constraint.
	BoundAMIIds []*string `json:"boundAmiIds,omitempty" tf:"bound_ami_ids,omitempty"`

	// If set, only EC2 instances with the account ID specified by this field in
	// their identity document will be permitted to log in. auth_type must be
	// set to ec2 or inferred_entity_type must be set to ec2_instance to use
	// this constraint.
	BoundAccountIds []*string `json:"boundAccountIds,omitempty" tf:"bound_account_ids,omitempty"`

	// Only EC2 instances that match this instance ID will be permitted to log in.
	BoundEC2InstanceIds []*string `json:"boundEc2InstanceIds,omitempty" tf:"bound_ec2_instance_ids,omitempty"`

	// If set, only EC2 instances associated with an IAM instance profile ARN
	// whose prefix matches this value will be permitted to log in. The value is
	// prefix-matched as though it were a glob ending in *, so a short value
	// admits every instance profile ARN that begins with it. auth_type must be
	// set to ec2 or inferred_entity_type must be set to ec2_instance to use
	// this constraint.
	BoundIAMInstanceProfileArns []*string `json:"boundIamInstanceProfileArns,omitempty" tf:"bound_iam_instance_profile_arns,omitempty"`

	// If set, defines the IAM principal that must be authenticated when
	// auth_type is set to iam. Wildcards are supported at the end of the ARN.
	// An entry ending in a wildcard admits every principal whose ARN matches
	// the prefix, and ResolveAwsUniqueIds is ignored for such entries.
	BoundIAMPrincipalArns []*string `json:"boundIamPrincipalArns,omitempty" tf:"bound_iam_principal_arns,omitempty"`

	// If set, only EC2 instances that match the IAM role ARN specified by this
	// field will be permitted to log in. auth_type must be set to ec2 or
	// inferred_entity_type must be set to ec2_instance to use this constraint.
	BoundIAMRoleArns []*string `json:"boundIamRoleArns,omitempty" tf:"bound_iam_role_arns,omitempty"`

	// If set, only EC2 instances whose identity document names the region
	// specified by this field will be permitted to log in. auth_type must be
	// set to ec2 or inferred_entity_type must be set to ec2_instance to use
	// this constraint.
	BoundRegions []*string `json:"boundRegions,omitempty" tf:"bound_regions,omitempty"`

	// If set, only EC2 instances associated with the subnet ID specified by
	// this field will be permitted to log in. auth_type must be set to ec2 or
	// inferred_entity_type must be set to ec2_instance to use this constraint.
	BoundSubnetIds []*string `json:"boundSubnetIds,omitempty" tf:"bound_subnet_ids,omitempty"`

	// If set, only EC2 instances associated with the VPC ID specified by this
	// field will be permitted to log in. auth_type must be set to ec2 or
	// inferred_entity_type must be set to ec2_instance to use this constraint.
	BoundVPCIds []*string `json:"boundVpcIds,omitempty" tf:"bound_vpc_ids,omitempty"`

	// If set to true, only allows a single token to be granted per instance ID.
	// This can only be set when auth_type is set to ec2.
	DisallowReauthentication *bool `json:"disallowReauthentication,omitempty" tf:"disallow_reauthentication,omitempty"`

	// ID is read from the Terraform "id" attribute; its format is not shown here.
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The region to search for the inferred entities in. Required if
	// inferred_entity_type is set. This only applies when auth_type is set to
	// iam.
	InferredAwsRegion *string `json:"inferredAwsRegion,omitempty" tf:"inferred_aws_region,omitempty"`

	// The type of inferencing Vault should do. If set, instructs Vault to turn
	// on inferencing. The only valid value is ec2_instance, which instructs
	// Vault to infer that the role comes from an EC2 instance in an IAM
	// instance profile. This only applies when auth_type is set to iam.
	InferredEntityType *string `json:"inferredEntityType,omitempty" tf:"inferred_entity_type,omitempty"`

	// The target namespace to provision the resource in. The value should not
	// contain leading or trailing forward slashes. The namespace is always
	// relative to the provider's configured namespace. Available only for
	// Vault Enterprise.
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// Whether Vault should resolve the bound_iam_principal_arns to AWS Unique
	// IDs for the bound principal ARN. Only valid when auth_type is iam.
	// Defaults to true. This field is ignored when a bound_iam_principal_arn
	// ends in a wildcard. Resolving to unique IDs more closely mimics the
	// behavior of AWS services: if an IAM user or role is deleted and a new one
	// is recreated with the same name, the new user or role won't get access to
	// roles in Vault that were permissioned to the prior principal of the same
	// name. Once set to true, this cannot be changed to false without
	// recreating the role.
	ResolveAwsUniqueIds *bool `json:"resolveAwsUniqueIds,omitempty" tf:"resolve_aws_unique_ids,omitempty"`

	// The name of the role.
	Role *string `json:"role,omitempty" tf:"role,omitempty"`

	// The Vault generated role ID.
	RoleID *string `json:"roleId,omitempty" tf:"role_id,omitempty"`

	// If set, enables role tags for this role. The value should be the key of
	// the tag on the EC2 instance to use for role tags. auth_type must be set
	// to ec2 or inferred_entity_type must be set to ec2_instance to use this
	// constraint.
	RoleTag *string `json:"roleTag,omitempty" tf:"role_tag,omitempty"`

	// List of CIDR blocks; if set, specifies blocks of IP addresses which can
	// authenticate successfully, and ties the resulting token to these blocks
	// as well (only these addresses are allowed to use the generated token).
	TokenBoundCidrs []*string `json:"tokenBoundCidrs,omitempty" tf:"token_bound_cidrs,omitempty"`

	// If set, will encode an explicit max TTL onto the token, in seconds. This
	// is a hard cap even if token_ttl and token_max_ttl would otherwise allow a
	// renewal.
	TokenExplicitMaxTTL *float64 `json:"tokenExplicitMaxTtl,omitempty" tf:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime for generated tokens, in seconds. Its current value
	// will be referenced at renewal time.
	TokenMaxTTL *float64 `json:"tokenMaxTtl,omitempty" tf:"token_max_ttl,omitempty"`

	// If set, the 'default' policy will not be set on generated tokens;
	// otherwise it will be added to the policies set in token_policies.
	TokenNoDefaultPolicy *bool `json:"tokenNoDefaultPolicy,omitempty" tf:"token_no_default_policy,omitempty"`

	// The maximum number of times a generated token may be used (within its
	// lifetime); 0 means unlimited.
	TokenNumUses *float64 `json:"tokenNumUses,omitempty" tf:"token_num_uses,omitempty"`

	// If set, indicates that the token generated using this role should never
	// expire. The token should be renewed within the duration specified by this
	// value; at each renewal, the token's TTL will be set to the value of this
	// field. Specified in seconds.
	TokenPeriod *float64 `json:"tokenPeriod,omitempty" tf:"token_period,omitempty"`

	// List of policies to encode onto generated tokens. Depending on the auth
	// method, this list may be supplemented by user/group/other values.
	TokenPolicies []*string `json:"tokenPolicies,omitempty" tf:"token_policies,omitempty"`

	// The incremental lifetime for generated tokens, in seconds (the provider
	// schema describes it as the initial TTL of the token to generate). Its
	// current value will be referenced at renewal time.
	TokenTTL *float64 `json:"tokenTtl,omitempty" tf:"token_ttl,omitempty"`

	// The type of token that should be generated. Can be service, batch, or
	// default to use the mount's tuned default (which unless changed will be
	// service tokens). For token store roles, there are two additional
	// possibilities: default-service and default-batch, which specify the type
	// to return unless the client requests a different type at generation time.
	TokenType *string `json:"tokenType,omitempty" tf:"token_type,omitempty"`
}

func (*AuthBackendRoleObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleObservation.

func (*AuthBackendRoleObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoleParameters

// AuthBackendRoleParameters is the type of the ForProvider field of
// AuthBackendRoleSpec. Every field is marked optional for kubebuilder
// validation, so this schema does not itself require any bound_* constraint.
// NOTE(review): whether Vault rejects a role that sets no constraint is not
// visible here — confirm, and check manifests for at least one narrow bound.
type AuthBackendRoleParameters struct {

	// If set to true, allows migration of the underlying instance where the
	// client resides. Upstream marks this "use with caution"; leave it unset
	// unless instance migration is actually required.
	// +kubebuilder:validation:Optional
	AllowInstanceMigration *bool `json:"allowInstanceMigration,omitempty" tf:"allow_instance_migration,omitempty"`

	// The auth type permitted for this role. Valid choices are ec2 and iam.
	// Defaults to iam.
	// +kubebuilder:validation:Optional
	AuthType *string `json:"authType,omitempty" tf:"auth_type,omitempty"`

	// Path to the mounted aws auth backend, i.e. the unique name of the auth
	// backend to configure.
	// +kubebuilder:validation:Optional
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// If set, only EC2 instances using the AMI ID specified by this field will
	// be permitted to log in. auth_type must be set to ec2 or
	// inferred_entity_type must be set to ec2_instance to use this constraint.
	// +kubebuilder:validation:Optional
	BoundAMIIds []*string `json:"boundAmiIds,omitempty" tf:"bound_ami_ids,omitempty"`

	// If set, only EC2 instances with the account ID specified by this field in
	// their identity document will be permitted to log in. auth_type must be
	// set to ec2 or inferred_entity_type must be set to ec2_instance to use
	// this constraint.
	// +kubebuilder:validation:Optional
	BoundAccountIds []*string `json:"boundAccountIds,omitempty" tf:"bound_account_ids,omitempty"`

	// Only EC2 instances that match this instance ID will be permitted to log in.
	// +kubebuilder:validation:Optional
	BoundEC2InstanceIds []*string `json:"boundEc2InstanceIds,omitempty" tf:"bound_ec2_instance_ids,omitempty"`

	// If set, only EC2 instances associated with an IAM instance profile ARN
	// whose prefix matches this value will be permitted to log in. The value is
	// prefix-matched as though it were a glob ending in *, so a short value
	// admits every instance profile ARN that begins with it; use the longest
	// prefix that still covers the intended profiles. auth_type must be set to
	// ec2 or inferred_entity_type must be set to ec2_instance to use this
	// constraint.
	// +kubebuilder:validation:Optional
	BoundIAMInstanceProfileArns []*string `json:"boundIamInstanceProfileArns,omitempty" tf:"bound_iam_instance_profile_arns,omitempty"`

	// If set, defines the IAM principal that must be authenticated when
	// auth_type is set to iam. Wildcards are supported at the end of the ARN.
	// A trailing wildcard admits every principal whose ARN matches the prefix,
	// and ResolveAwsUniqueIds is ignored for such entries, so prefer exact ARNs
	// where possible.
	// +kubebuilder:validation:Optional
	BoundIAMPrincipalArns []*string `json:"boundIamPrincipalArns,omitempty" tf:"bound_iam_principal_arns,omitempty"`

	// If set, only EC2 instances that match the IAM role ARN specified by this
	// field will be permitted to log in. auth_type must be set to ec2 or
	// inferred_entity_type must be set to ec2_instance to use this constraint.
	// +kubebuilder:validation:Optional
	BoundIAMRoleArns []*string `json:"boundIamRoleArns,omitempty" tf:"bound_iam_role_arns,omitempty"`

	// If set, only EC2 instances whose identity document names the region
	// specified by this field will be permitted to log in. auth_type must be
	// set to ec2 or inferred_entity_type must be set to ec2_instance to use
	// this constraint.
	// +kubebuilder:validation:Optional
	BoundRegions []*string `json:"boundRegions,omitempty" tf:"bound_regions,omitempty"`

	// If set, only EC2 instances associated with the subnet ID specified by
	// this field will be permitted to log in. auth_type must be set to ec2 or
	// inferred_entity_type must be set to ec2_instance to use this constraint.
	// +kubebuilder:validation:Optional
	BoundSubnetIds []*string `json:"boundSubnetIds,omitempty" tf:"bound_subnet_ids,omitempty"`

	// If set, only EC2 instances associated with the VPC ID specified by this
	// field will be permitted to log in. auth_type must be set to ec2 or
	// inferred_entity_type must be set to ec2_instance to use this constraint.
	// +kubebuilder:validation:Optional
	BoundVPCIds []*string `json:"boundVpcIds,omitempty" tf:"bound_vpc_ids,omitempty"`

	// If set to true, only allows a single token to be granted per instance ID.
	// This can only be set when auth_type is set to ec2.
	// +kubebuilder:validation:Optional
	DisallowReauthentication *bool `json:"disallowReauthentication,omitempty" tf:"disallow_reauthentication,omitempty"`

	// The region to search for the inferred entities in. Required if
	// inferred_entity_type is set. This only applies when auth_type is set to
	// iam.
	// +kubebuilder:validation:Optional
	InferredAwsRegion *string `json:"inferredAwsRegion,omitempty" tf:"inferred_aws_region,omitempty"`

	// The type of inferencing Vault should do. If set, instructs Vault to turn
	// on inferencing. The only valid value is ec2_instance, which instructs
	// Vault to infer that the role comes from an EC2 instance in an IAM
	// instance profile. This only applies when auth_type is set to iam.
	// +kubebuilder:validation:Optional
	InferredEntityType *string `json:"inferredEntityType,omitempty" tf:"inferred_entity_type,omitempty"`

	// The target namespace to provision the resource in. The value should not
	// contain leading or trailing forward slashes. The namespace is always
	// relative to the provider's configured namespace. Available only for
	// Vault Enterprise.
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// Whether Vault should resolve the bound_iam_principal_arns to AWS Unique
	// IDs for the bound principal ARN. Only valid when auth_type is iam.
	// Defaults to true. This field is ignored when a bound_iam_principal_arn
	// ends in a wildcard. Resolving to unique IDs more closely mimics the
	// behavior of AWS services: if an IAM user or role is deleted and a new one
	// is recreated with the same name, the new user or role won't get access to
	// roles in Vault that were permissioned to the prior principal of the same
	// name. Once set to true, this cannot be changed to false without
	// recreating the role.
	// +kubebuilder:validation:Optional
	ResolveAwsUniqueIds *bool `json:"resolveAwsUniqueIds,omitempty" tf:"resolve_aws_unique_ids,omitempty"`

	// The name of the role.
	// +kubebuilder:validation:Optional
	Role *string `json:"role,omitempty" tf:"role,omitempty"`

	// If set, enables role tags for this role. The value should be the key of
	// the tag on the EC2 instance to use for role tags. auth_type must be set
	// to ec2 or inferred_entity_type must be set to ec2_instance to use this
	// constraint.
	// +kubebuilder:validation:Optional
	RoleTag *string `json:"roleTag,omitempty" tf:"role_tag,omitempty"`

	// List of CIDR blocks; if set, specifies blocks of IP addresses which can
	// authenticate successfully, and ties the resulting token to these blocks
	// as well (only these addresses are allowed to use the generated token).
	// +kubebuilder:validation:Optional
	TokenBoundCidrs []*string `json:"tokenBoundCidrs,omitempty" tf:"token_bound_cidrs,omitempty"`

	// If set, will encode an explicit max TTL onto the token, in seconds. This
	// is a hard cap even if token_ttl and token_max_ttl would otherwise allow a
	// renewal.
	// +kubebuilder:validation:Optional
	TokenExplicitMaxTTL *float64 `json:"tokenExplicitMaxTtl,omitempty" tf:"token_explicit_max_ttl,omitempty"`

	// The maximum lifetime for generated tokens, in seconds. Its current value
	// will be referenced at renewal time.
	// +kubebuilder:validation:Optional
	TokenMaxTTL *float64 `json:"tokenMaxTtl,omitempty" tf:"token_max_ttl,omitempty"`

	// If set, the 'default' policy will not be set on generated tokens;
	// otherwise it will be added to the policies set in token_policies.
	// +kubebuilder:validation:Optional
	TokenNoDefaultPolicy *bool `json:"tokenNoDefaultPolicy,omitempty" tf:"token_no_default_policy,omitempty"`

	// The maximum number of times a generated token may be used (within its
	// lifetime); 0 means unlimited.
	// +kubebuilder:validation:Optional
	TokenNumUses *float64 `json:"tokenNumUses,omitempty" tf:"token_num_uses,omitempty"`

	// If set, indicates that the token generated using this role should never
	// expire. The token should be renewed within the duration specified by this
	// value; at each renewal, the token's TTL will be set to the value of this
	// field. Specified in seconds.
	// NOTE(review): a token that is renewed on time stays valid indefinitely;
	// TokenExplicitMaxTTL presumably still caps it — confirm against Vault docs.
	// +kubebuilder:validation:Optional
	TokenPeriod *float64 `json:"tokenPeriod,omitempty" tf:"token_period,omitempty"`

	// List of policies to encode onto generated tokens. Depending on the auth
	// method, this list may be supplemented by user/group/other values.
	// +kubebuilder:validation:Optional
	TokenPolicies []*string `json:"tokenPolicies,omitempty" tf:"token_policies,omitempty"`

	// The incremental lifetime for generated tokens, in seconds (the provider
	// schema describes it as the initial TTL of the token to generate). Its
	// current value will be referenced at renewal time.
	// +kubebuilder:validation:Optional
	TokenTTL *float64 `json:"tokenTtl,omitempty" tf:"token_ttl,omitempty"`

	// The type of token that should be generated. Can be service, batch, or
	// default to use the mount's tuned default (which unless changed will be
	// service tokens). For token store roles, there are two additional
	// possibilities: default-service and default-batch, which specify the type
	// to return unless the client requests a different type at generation time.
	// +kubebuilder:validation:Optional
	TokenType *string `json:"tokenType,omitempty" tf:"token_type,omitempty"`
}

func (*AuthBackendRoleParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleParameters.

func (*AuthBackendRoleParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoleSpec

// AuthBackendRoleSpec defines the desired state of AuthBackendRole: the
// embedded v1.ResourceSpec, the role parameters in ForProvider, and the
// optional create-time-only parameters in InitProvider.
type AuthBackendRoleSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     AuthBackendRoleParameters `json:"forProvider"`
	// InitProvider is an ALPHA field. Do not use it in production. It is not
	// honored unless the relevant Crossplane feature flag is enabled, and may
	// be changed or removed without notice.
	// It holds the same fields as ForProvider, with the exception of
	// Identifier and other resource reference fields. Fields set here are
	// merged into ForProvider when the resource is created, and are also added
	// to the terraform ignore_changes hook so they are not updated after
	// creation. This suits fields that are required on creation but are then
	// managed by an external controller, such as an autoscaler.
	// NOTE(review): because these fields are ignored after creation, settings
	// placed only here (for example token policies or TTLs) are not reconciled
	// if they later drift; keep settings that must be enforced in ForProvider.
	InitProvider AuthBackendRoleInitParameters `json:"initProvider,omitempty"`
}

AuthBackendRoleSpec defines the desired state of AuthBackendRole

func (*AuthBackendRoleSpec) DeepCopy

func (in *AuthBackendRoleSpec) DeepCopy() *AuthBackendRoleSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleSpec.

func (*AuthBackendRoleSpec) DeepCopyInto

func (in *AuthBackendRoleSpec) DeepCopyInto(out *AuthBackendRoleSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoleStatus

// AuthBackendRoleStatus defines the observed state of AuthBackendRole: the
// embedded v1.ResourceStatus plus the values recorded in AtProvider.
type AuthBackendRoleStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        AuthBackendRoleObservation `json:"atProvider,omitempty"`
}

AuthBackendRoleStatus defines the observed state of AuthBackendRole.

func (*AuthBackendRoleStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleStatus.

func (*AuthBackendRoleStatus) DeepCopyInto

func (in *AuthBackendRoleStatus) DeepCopyInto(out *AuthBackendRoleStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoleTag

// AuthBackendRoleTag is the Schema for the AuthBackendRoleTags API. It reads
// role tags from a Vault AWS auth backend.
type AuthBackendRoleTag struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// The CEL rule below rejects the spec unless role is set in forProvider or
	// initProvider whenever managementPolicies contains '*', 'Create' or
	// 'Update'. Every field of the parameter structs is individually optional,
	// so this rule is the only place where role is made mandatory.
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.role) || has(self.initProvider.role)",message="role is a required parameter"
	Spec   AuthBackendRoleTagSpec   `json:"spec"`
	Status AuthBackendRoleTagStatus `json:"status,omitempty"`
}

AuthBackendRoleTag is the Schema for the AuthBackendRoleTags API. Reads role tags from a Vault AWS auth backend.

+kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
+kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
+kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name"
+kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
+kubebuilder:subresource:status
+kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*AuthBackendRoleTag) DeepCopy

func (in *AuthBackendRoleTag) DeepCopy() *AuthBackendRoleTag

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleTag.

func (*AuthBackendRoleTag) DeepCopyInto

func (in *AuthBackendRoleTag) DeepCopyInto(out *AuthBackendRoleTag)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendRoleTag) DeepCopyObject

func (in *AuthBackendRoleTag) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendRoleTag) GetCondition

func (mg *AuthBackendRoleTag) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this AuthBackendRoleTag.

func (*AuthBackendRoleTag) GetConnectionDetailsMapping

func (tr *AuthBackendRoleTag) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this AuthBackendRoleTag

func (*AuthBackendRoleTag) GetDeletionPolicy

func (mg *AuthBackendRoleTag) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this AuthBackendRoleTag.

func (*AuthBackendRoleTag) GetID

func (tr *AuthBackendRoleTag) GetID() string

GetID returns ID of underlying Terraform resource of this AuthBackendRoleTag

func (*AuthBackendRoleTag) GetInitParameters added in v0.2.0

func (tr *AuthBackendRoleTag) GetInitParameters() (map[string]any, error)

GetInitParameters of this AuthBackendRoleTag

func (*AuthBackendRoleTag) GetManagementPolicies added in v0.2.0

func (mg *AuthBackendRoleTag) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this AuthBackendRoleTag.

func (*AuthBackendRoleTag) GetObservation

func (tr *AuthBackendRoleTag) GetObservation() (map[string]any, error)

GetObservation of this AuthBackendRoleTag

func (*AuthBackendRoleTag) GetParameters

func (tr *AuthBackendRoleTag) GetParameters() (map[string]any, error)

GetParameters of this AuthBackendRoleTag

func (*AuthBackendRoleTag) GetProviderConfigReference

func (mg *AuthBackendRoleTag) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this AuthBackendRoleTag.

func (*AuthBackendRoleTag) GetProviderReference

func (mg *AuthBackendRoleTag) GetProviderReference() *xpv1.Reference

GetProviderReference of this AuthBackendRoleTag. Deprecated: Use GetProviderConfigReference.

func (*AuthBackendRoleTag) GetPublishConnectionDetailsTo

func (mg *AuthBackendRoleTag) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this AuthBackendRoleTag.

func (*AuthBackendRoleTag) GetTerraformResourceType

func (mg *AuthBackendRoleTag) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this AuthBackendRoleTag

func (*AuthBackendRoleTag) GetTerraformSchemaVersion

func (tr *AuthBackendRoleTag) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*AuthBackendRoleTag) GetWriteConnectionSecretToReference

func (mg *AuthBackendRoleTag) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this AuthBackendRoleTag.

func (*AuthBackendRoleTag) LateInitialize

func (tr *AuthBackendRoleTag) LateInitialize(attrs []byte) (bool, error)

LateInitialize this AuthBackendRoleTag using its observed tfState. Returns true if there are any spec changes for the resource.

func (*AuthBackendRoleTag) SetConditions

func (mg *AuthBackendRoleTag) SetConditions(c ...xpv1.Condition)

SetConditions of this AuthBackendRoleTag.

func (*AuthBackendRoleTag) SetDeletionPolicy

func (mg *AuthBackendRoleTag) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this AuthBackendRoleTag.

func (*AuthBackendRoleTag) SetManagementPolicies added in v0.2.0

func (mg *AuthBackendRoleTag) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this AuthBackendRoleTag.

func (*AuthBackendRoleTag) SetObservation

func (tr *AuthBackendRoleTag) SetObservation(obs map[string]any) error

SetObservation for this AuthBackendRoleTag

func (*AuthBackendRoleTag) SetParameters

func (tr *AuthBackendRoleTag) SetParameters(params map[string]any) error

SetParameters for this AuthBackendRoleTag

func (*AuthBackendRoleTag) SetProviderConfigReference

func (mg *AuthBackendRoleTag) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this AuthBackendRoleTag.

func (*AuthBackendRoleTag) SetProviderReference

func (mg *AuthBackendRoleTag) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this AuthBackendRoleTag. Deprecated: Use SetProviderConfigReference.

func (*AuthBackendRoleTag) SetPublishConnectionDetailsTo

func (mg *AuthBackendRoleTag) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this AuthBackendRoleTag.

func (*AuthBackendRoleTag) SetWriteConnectionSecretToReference

func (mg *AuthBackendRoleTag) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this AuthBackendRoleTag.

type AuthBackendRoleTagInitParameters added in v0.2.0

// AuthBackendRoleTagInitParameters holds the role tag parameters that may be
// supplied through the spec's initProvider field. Every field is a pointer or
// slice with omitempty, so unset values are left out of the serialized object.
type AuthBackendRoleTagInitParameters struct {

	// If set, allows migration of the underlying instance where the client
	// resides. The upstream description says to use this with caution.
	// NOTE(review): leave unset unless instance migration is really needed;
	// confirm which check it relaxes against the Vault AWS auth documentation.
	AllowInstanceMigration *bool `json:"allowInstanceMigration,omitempty" tf:"allow_instance_migration,omitempty"`

	// The path to the AWS auth backend to read role tags from, with no
	// leading or trailing /s. Defaults to "aws".
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// If set, only allows a single token to be granted per instance ID.
	DisallowReauthentication *bool `json:"disallowReauthentication,omitempty" tf:"disallow_reauthentication,omitempty"`

	// Instance ID for which this tag is intended. If set, the created tag can
	// only be used by the instance with the given ID.
	// NOTE(review): the "if set" wording implies an unset value does not bind
	// the tag to a single instance; confirm before leaving it empty.
	InstanceID *string `json:"instanceId,omitempty" tf:"instance_id,omitempty"`

	// The maximum allowed lifetime (TTL) of tokens issued using this role.
	// NOTE(review): the value is a string; the accepted duration format is not
	// shown here.
	MaxTTL *string `json:"maxTtl,omitempty" tf:"max_ttl,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The policies to be associated with the tag. Must be a subset of the
	// policies associated with the role, so a tag can narrow the role's
	// policies but not add to them.
	Policies []*string `json:"policies,omitempty" tf:"policies,omitempty"`

	// The name of the AWS auth backend role to read role tags from, with no
	// leading or trailing /s.
	Role *string `json:"role,omitempty" tf:"role,omitempty"`
}

func (*AuthBackendRoleTagInitParameters) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleTagInitParameters.

func (*AuthBackendRoleTagInitParameters) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoleTagList

// AuthBackendRoleTagList contains a list of AuthBackendRoleTags, together with
// the usual Kubernetes type and list metadata.
type AuthBackendRoleTagList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AuthBackendRoleTag `json:"items"`
}

AuthBackendRoleTagList contains a list of AuthBackendRoleTags

func (*AuthBackendRoleTagList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleTagList.

func (*AuthBackendRoleTagList) DeepCopyInto

func (in *AuthBackendRoleTagList) DeepCopyInto(out *AuthBackendRoleTagList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendRoleTagList) DeepCopyObject

func (in *AuthBackendRoleTagList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendRoleTagList) GetItems

func (l *AuthBackendRoleTagList) GetItems() []resource.Managed

GetItems of this AuthBackendRoleTagList.

type AuthBackendRoleTagObservation

// AuthBackendRoleTagObservation holds the values recorded for a role tag in
// status.atProvider (see AuthBackendRoleTagStatus.AtProvider). It mirrors the
// parameter fields and adds ID, TagKey and TagValue.
type AuthBackendRoleTagObservation struct {

	// If set, allows migration of the underlying instance where the client
	// resides. The upstream description says to use this with caution.
	AllowInstanceMigration *bool `json:"allowInstanceMigration,omitempty" tf:"allow_instance_migration,omitempty"`

	// The path to the AWS auth backend to read role tags from, with no
	// leading or trailing /s. Defaults to "aws".
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// If set, only allows a single token to be granted per instance ID.
	DisallowReauthentication *bool `json:"disallowReauthentication,omitempty" tf:"disallow_reauthentication,omitempty"`

	// Value of the "id" attribute; presumably the ID of the underlying
	// Terraform resource that GetID returns. TODO confirm.
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// Instance ID for which this tag is intended. If set, the created tag can
	// only be used by the instance with the given ID.
	InstanceID *string `json:"instanceId,omitempty" tf:"instance_id,omitempty"`

	// The maximum allowed lifetime (TTL) of tokens issued using this role.
	MaxTTL *string `json:"maxTtl,omitempty" tf:"max_ttl,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The policies to be associated with the tag. Must be a subset of the
	// policies associated with the role.
	Policies []*string `json:"policies,omitempty" tf:"policies,omitempty"`

	// The name of the AWS auth backend role to read role tags from, with no
	// leading or trailing /s.
	Role *string `json:"role,omitempty" tf:"role,omitempty"`

	// The key of the role tag.
	TagKey *string `json:"tagKey,omitempty" tf:"tag_key,omitempty"`

	// The value to set the role key.
	// NOTE(review): this value is published in status.atProvider of a
	// cluster-scoped object, so anyone who can read AuthBackendRoleTag
	// resources can read it. Confirm whether the role tag value should be
	// treated as sensitive and scope RBAC read access accordingly.
	TagValue *string `json:"tagValue,omitempty" tf:"tag_value,omitempty"`
}

func (*AuthBackendRoleTagObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleTagObservation.

func (*AuthBackendRoleTagObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoleTagParameters

// AuthBackendRoleTagParameters holds the role tag parameters supplied through
// the spec's forProvider field. Every field carries the kubebuilder Optional
// marker, so none of them is required by this struct's own schema.
type AuthBackendRoleTagParameters struct {

	// If set, allows migration of the underlying instance where the client
	// resides. The upstream description says to use this with caution.
	// NOTE(review): leave unset unless instance migration is really needed;
	// confirm which check it relaxes against the Vault AWS auth documentation.
	// +kubebuilder:validation:Optional
	AllowInstanceMigration *bool `json:"allowInstanceMigration,omitempty" tf:"allow_instance_migration,omitempty"`

	// The path to the AWS auth backend to read role tags from, with no
	// leading or trailing /s. Defaults to "aws".
	// +kubebuilder:validation:Optional
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// If set, only allows a single token to be granted per instance ID.
	// +kubebuilder:validation:Optional
	DisallowReauthentication *bool `json:"disallowReauthentication,omitempty" tf:"disallow_reauthentication,omitempty"`

	// Instance ID for which this tag is intended. If set, the created tag can
	// only be used by the instance with the given ID.
	// NOTE(review): the "if set" wording implies an unset value does not bind
	// the tag to a single instance; confirm before leaving it empty.
	// +kubebuilder:validation:Optional
	InstanceID *string `json:"instanceId,omitempty" tf:"instance_id,omitempty"`

	// The maximum allowed lifetime (TTL) of tokens issued using this role.
	// NOTE(review): the value is a string; the accepted duration format is not
	// shown here.
	// +kubebuilder:validation:Optional
	MaxTTL *string `json:"maxTtl,omitempty" tf:"max_ttl,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The policies to be associated with the tag. Must be a subset of the
	// policies associated with the role, so a tag can narrow the role's
	// policies but not add to them.
	// +kubebuilder:validation:Optional
	Policies []*string `json:"policies,omitempty" tf:"policies,omitempty"`

	// The name of the AWS auth backend role to read role tags from, with no
	// leading or trailing /s. Optional in this struct; the XValidation rule on
	// AuthBackendRoleTag requires it in forProvider or initProvider when
	// managementPolicies contains '*', 'Create' or 'Update'.
	// +kubebuilder:validation:Optional
	Role *string `json:"role,omitempty" tf:"role,omitempty"`
}

func (*AuthBackendRoleTagParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleTagParameters.

func (*AuthBackendRoleTagParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoleTagSpec

// AuthBackendRoleTagSpec defines the desired state of AuthBackendRoleTag: the
// embedded v1.ResourceSpec, the tag parameters in ForProvider, and the
// optional create-time-only parameters in InitProvider.
type AuthBackendRoleTagSpec struct {
	v1.ResourceSpec `json:",inline"`
	ForProvider     AuthBackendRoleTagParameters `json:"forProvider"`
	// InitProvider is an ALPHA field. Do not use it in production. It is not
	// honored unless the relevant Crossplane feature flag is enabled, and may
	// be changed or removed without notice.
	// It holds the same fields as ForProvider, with the exception of
	// Identifier and other resource reference fields. Fields set here are
	// merged into ForProvider when the resource is created, and are also added
	// to the terraform ignore_changes hook so they are not updated after
	// creation. This suits fields that are required on creation but are then
	// managed by an external controller, such as an autoscaler.
	// NOTE(review): because these fields are ignored after creation, settings
	// placed only here (for example Policies, MaxTTL or InstanceID) are not
	// reconciled if they later drift; keep settings that must be enforced in
	// ForProvider.
	InitProvider AuthBackendRoleTagInitParameters `json:"initProvider,omitempty"`
}

AuthBackendRoleTagSpec defines the desired state of AuthBackendRoleTag

func (*AuthBackendRoleTagSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleTagSpec.

func (*AuthBackendRoleTagSpec) DeepCopyInto

func (in *AuthBackendRoleTagSpec) DeepCopyInto(out *AuthBackendRoleTagSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoleTagStatus

// AuthBackendRoleTagStatus defines the observed state of AuthBackendRoleTag:
// the embedded v1.ResourceStatus plus the values recorded in AtProvider, which
// include the tag key and tag value fields of AuthBackendRoleTagObservation.
type AuthBackendRoleTagStatus struct {
	v1.ResourceStatus `json:",inline"`
	AtProvider        AuthBackendRoleTagObservation `json:"atProvider,omitempty"`
}

AuthBackendRoleTagStatus defines the observed state of AuthBackendRoleTag.

func (*AuthBackendRoleTagStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoleTagStatus.

func (*AuthBackendRoleTagStatus) DeepCopyInto

func (in *AuthBackendRoleTagStatus) DeepCopyInto(out *AuthBackendRoleTagStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoletagBlacklist

// AuthBackendRoletagBlacklist is the Schema for the
// AuthBackendRoletagBlacklists API. It configures the periodic tidying
// operation of the blacklisted role tag entries.
type AuthBackendRoletagBlacklist struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// The CEL rule below rejects the spec unless backend is set in forProvider
	// or initProvider whenever managementPolicies contains '*', 'Create' or
	// 'Update'. Every field of the parameter structs is individually optional,
	// so this rule is the only place where backend is made mandatory.
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.backend) || has(self.initProvider.backend)",message="backend is a required parameter"
	Spec   AuthBackendRoletagBlacklistSpec   `json:"spec"`
	Status AuthBackendRoletagBlacklistStatus `json:"status,omitempty"`
}

AuthBackendRoletagBlacklist is the Schema for the AuthBackendRoletagBlacklists API. Configures the periodic tidying operation of the blacklisted role tag entries.

+kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
+kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
+kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name"
+kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
+kubebuilder:subresource:status
+kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*AuthBackendRoletagBlacklist) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoletagBlacklist.

func (*AuthBackendRoletagBlacklist) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendRoletagBlacklist) DeepCopyObject

func (in *AuthBackendRoletagBlacklist) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendRoletagBlacklist) GetCondition

GetCondition of this AuthBackendRoletagBlacklist.

func (*AuthBackendRoletagBlacklist) GetConnectionDetailsMapping

func (tr *AuthBackendRoletagBlacklist) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this AuthBackendRoletagBlacklist

func (*AuthBackendRoletagBlacklist) GetDeletionPolicy

func (mg *AuthBackendRoletagBlacklist) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this AuthBackendRoletagBlacklist.

func (*AuthBackendRoletagBlacklist) GetID

func (tr *AuthBackendRoletagBlacklist) GetID() string

GetID returns ID of underlying Terraform resource of this AuthBackendRoletagBlacklist

func (*AuthBackendRoletagBlacklist) GetInitParameters added in v0.2.0

func (tr *AuthBackendRoletagBlacklist) GetInitParameters() (map[string]any, error)

GetInitParameters of this AuthBackendRoletagBlacklist

func (*AuthBackendRoletagBlacklist) GetManagementPolicies added in v0.2.0

func (mg *AuthBackendRoletagBlacklist) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this AuthBackendRoletagBlacklist.

func (*AuthBackendRoletagBlacklist) GetObservation

func (tr *AuthBackendRoletagBlacklist) GetObservation() (map[string]any, error)

GetObservation of this AuthBackendRoletagBlacklist

func (*AuthBackendRoletagBlacklist) GetParameters

func (tr *AuthBackendRoletagBlacklist) GetParameters() (map[string]any, error)

GetParameters of this AuthBackendRoletagBlacklist

func (*AuthBackendRoletagBlacklist) GetProviderConfigReference

func (mg *AuthBackendRoletagBlacklist) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this AuthBackendRoletagBlacklist.

func (*AuthBackendRoletagBlacklist) GetProviderReference

func (mg *AuthBackendRoletagBlacklist) GetProviderReference() *xpv1.Reference

GetProviderReference of this AuthBackendRoletagBlacklist. Deprecated: Use GetProviderConfigReference.

func (*AuthBackendRoletagBlacklist) GetPublishConnectionDetailsTo

func (mg *AuthBackendRoletagBlacklist) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this AuthBackendRoletagBlacklist.

func (*AuthBackendRoletagBlacklist) GetTerraformResourceType

func (mg *AuthBackendRoletagBlacklist) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this AuthBackendRoletagBlacklist

func (*AuthBackendRoletagBlacklist) GetTerraformSchemaVersion

func (tr *AuthBackendRoletagBlacklist) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*AuthBackendRoletagBlacklist) GetWriteConnectionSecretToReference

func (mg *AuthBackendRoletagBlacklist) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this AuthBackendRoletagBlacklist.

func (*AuthBackendRoletagBlacklist) LateInitialize

func (tr *AuthBackendRoletagBlacklist) LateInitialize(attrs []byte) (bool, error)

LateInitialize this AuthBackendRoletagBlacklist using its observed tfState. Returns true if there are any spec changes for the resource.

func (*AuthBackendRoletagBlacklist) SetConditions

func (mg *AuthBackendRoletagBlacklist) SetConditions(c ...xpv1.Condition)

SetConditions of this AuthBackendRoletagBlacklist.

func (*AuthBackendRoletagBlacklist) SetDeletionPolicy

func (mg *AuthBackendRoletagBlacklist) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this AuthBackendRoletagBlacklist.

func (*AuthBackendRoletagBlacklist) SetManagementPolicies added in v0.2.0

func (mg *AuthBackendRoletagBlacklist) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this AuthBackendRoletagBlacklist.

func (*AuthBackendRoletagBlacklist) SetObservation

func (tr *AuthBackendRoletagBlacklist) SetObservation(obs map[string]any) error

SetObservation for this AuthBackendRoletagBlacklist

func (*AuthBackendRoletagBlacklist) SetParameters

func (tr *AuthBackendRoletagBlacklist) SetParameters(params map[string]any) error

SetParameters for this AuthBackendRoletagBlacklist

func (*AuthBackendRoletagBlacklist) SetProviderConfigReference

func (mg *AuthBackendRoletagBlacklist) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this AuthBackendRoletagBlacklist.

func (*AuthBackendRoletagBlacklist) SetProviderReference

func (mg *AuthBackendRoletagBlacklist) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this AuthBackendRoletagBlacklist. Deprecated: Use SetProviderConfigReference.

func (*AuthBackendRoletagBlacklist) SetPublishConnectionDetailsTo

func (mg *AuthBackendRoletagBlacklist) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this AuthBackendRoletagBlacklist.

func (*AuthBackendRoletagBlacklist) SetWriteConnectionSecretToReference

func (mg *AuthBackendRoletagBlacklist) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this AuthBackendRoletagBlacklist.

type AuthBackendRoletagBlacklistInitParameters added in v0.2.0

// AuthBackendRoletagBlacklistInitParameters holds the roletag blacklist
// tidying parameters that may be supplied through the spec's initProvider
// field. Every field is a pointer with omitempty, so unset values are left out
// of the serialized object.
type AuthBackendRoletagBlacklistInitParameters struct {

	// The path the AWS auth backend being configured was mounted at; the
	// unique name of the auth backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// If set to true, disables the periodic tidying of the roletag blacklist
	// entries. Defaults to false.
	// NOTE(review): with tidying disabled nothing described here removes
	// expired entries, so presumably they accumulate in backend storage;
	// confirm before enabling.
	DisablePeriodicTidy *bool `json:"disablePeriodicTidy,omitempty" tf:"disable_periodic_tidy,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The amount of extra time that must have passed beyond the roletag
	// expiration before it is removed from the backend storage.
	// Defaults to 259,200 seconds, or 72 hours; the default suggests the value
	// is expressed in seconds.
	SafetyBuffer *float64 `json:"safetyBuffer,omitempty" tf:"safety_buffer,omitempty"`
}

func (*AuthBackendRoletagBlacklistInitParameters) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoletagBlacklistInitParameters.

func (*AuthBackendRoletagBlacklistInitParameters) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoletagBlacklistList

// AuthBackendRoletagBlacklistList contains a list of
// AuthBackendRoletagBlacklists, together with the usual Kubernetes type and
// list metadata.
type AuthBackendRoletagBlacklistList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AuthBackendRoletagBlacklist `json:"items"`
}

AuthBackendRoletagBlacklistList contains a list of AuthBackendRoletagBlacklists

func (*AuthBackendRoletagBlacklistList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoletagBlacklistList.

func (*AuthBackendRoletagBlacklistList) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendRoletagBlacklistList) DeepCopyObject

func (in *AuthBackendRoletagBlacklistList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendRoletagBlacklistList) GetItems

GetItems of this AuthBackendRoletagBlacklistList.

type AuthBackendRoletagBlacklistObservation

// AuthBackendRoletagBlacklistObservation holds the values recorded for the
// roletag blacklist configuration in status.atProvider. It mirrors the
// parameter fields and adds ID.
type AuthBackendRoletagBlacklistObservation struct {

	// The path the AWS auth backend being configured was mounted at; the
	// unique name of the auth backend to configure.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// If set to true, disables the periodic tidying of the roletag blacklist
	// entries. Defaults to false.
	DisablePeriodicTidy *bool `json:"disablePeriodicTidy,omitempty" tf:"disable_periodic_tidy,omitempty"`

	// Value of the "id" attribute; presumably the ID of the underlying
	// Terraform resource that GetID returns. TODO confirm.
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The amount of extra time that must have passed beyond the roletag
	// expiration before it is removed from the backend storage.
	// Defaults to 259,200 seconds, or 72 hours; the default suggests the value
	// is expressed in seconds.
	SafetyBuffer *float64 `json:"safetyBuffer,omitempty" tf:"safety_buffer,omitempty"`
}

func (*AuthBackendRoletagBlacklistObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoletagBlacklistObservation.

func (*AuthBackendRoletagBlacklistObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoletagBlacklistParameters

// AuthBackendRoletagBlacklistParameters holds the roletag blacklist tidying
// parameters supplied through the spec's forProvider field. Every field
// carries the kubebuilder Optional marker, so none of them is required by this
// struct's own schema.
type AuthBackendRoletagBlacklistParameters struct {

	// The path the AWS auth backend being configured was mounted at; the
	// unique name of the auth backend to configure. Optional in this struct;
	// the XValidation rule on AuthBackendRoletagBlacklist requires it in
	// forProvider or initProvider when managementPolicies contains '*',
	// 'Create' or 'Update'.
	// +kubebuilder:validation:Optional
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// If set to true, disables the periodic tidying of the roletag blacklist
	// entries. Defaults to false.
	// NOTE(review): with tidying disabled nothing described here removes
	// expired entries, so presumably they accumulate in backend storage;
	// confirm before enabling.
	// +kubebuilder:validation:Optional
	DisablePeriodicTidy *bool `json:"disablePeriodicTidy,omitempty" tf:"disable_periodic_tidy,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The amount of extra time that must have passed beyond the roletag
	// expiration before it is removed from the backend storage.
	// Defaults to 259,200 seconds, or 72 hours; the default suggests the value
	// is expressed in seconds.
	// +kubebuilder:validation:Optional
	SafetyBuffer *float64 `json:"safetyBuffer,omitempty" tf:"safety_buffer,omitempty"`
}

func (*AuthBackendRoletagBlacklistParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoletagBlacklistParameters.

func (*AuthBackendRoletagBlacklistParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoletagBlacklistSpec

// AuthBackendRoletagBlacklistSpec defines the desired state of
// AuthBackendRoletagBlacklist.
type AuthBackendRoletagBlacklistSpec struct {
	// ResourceSpec is embedded, so its fields sit directly under spec.
	v1.ResourceSpec `json:",inline"`
	// ForProvider has no omitempty in its tag, so it is always serialized.
	ForProvider     AuthBackendRoletagBlacklistParameters `json:"forProvider"`
	// THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored
	// unless the relevant Crossplane feature flag is enabled, and may be
	// changed or removed without notice.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation but should not be updated afterwards, for example
	// because an external controller, such as an autoscaler, is managing them.
	// Because of ignore_changes, later drift in these fields is not corrected,
	// so security-relevant settings are better placed in ForProvider.
	InitProvider AuthBackendRoletagBlacklistInitParameters `json:"initProvider,omitempty"`
}

AuthBackendRoletagBlacklistSpec defines the desired state of AuthBackendRoletagBlacklist

func (*AuthBackendRoletagBlacklistSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoletagBlacklistSpec.

func (*AuthBackendRoletagBlacklistSpec) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendRoletagBlacklistStatus

// AuthBackendRoletagBlacklistStatus defines the observed state of
// AuthBackendRoletagBlacklist.
type AuthBackendRoletagBlacklistStatus struct {
	// ResourceStatus is embedded, so its fields sit directly under status.
	v1.ResourceStatus `json:",inline"`
	// AtProvider carries the AuthBackendRoletagBlacklistObservation values.
	AtProvider        AuthBackendRoletagBlacklistObservation `json:"atProvider,omitempty"`
}

AuthBackendRoletagBlacklistStatus defines the observed state of AuthBackendRoletagBlacklist.

func (*AuthBackendRoletagBlacklistStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendRoletagBlacklistStatus.

func (*AuthBackendRoletagBlacklistStatus) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendStsRole

// AuthBackendStsRole is the Schema for the AuthBackendStsRoles API. It
// configures an STS role in the Vault AWS auth backend.
//
// The two XValidation markers on Spec are CEL rules: whenever
// managementPolicies contains '*', 'Create' or 'Update', accountId and
// stsRole must each be present in forProvider or initProvider; otherwise the
// object is rejected with the message given in the marker.
type AuthBackendStsRole struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.accountId) || has(self.initProvider.accountId)",message="accountId is a required parameter"
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.stsRole) || has(self.initProvider.stsRole)",message="stsRole is a required parameter"
	Spec   AuthBackendStsRoleSpec   `json:"spec"`
	Status AuthBackendStsRoleStatus `json:"status,omitempty"`
}

AuthBackendStsRole is the Schema for the AuthBackendStsRoles API. Configures an STS role in the Vault AWS Auth backend.

+kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
+kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
+kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name"
+kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
+kubebuilder:subresource:status
+kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*AuthBackendStsRole) DeepCopy

func (in *AuthBackendStsRole) DeepCopy() *AuthBackendStsRole

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendStsRole.

func (*AuthBackendStsRole) DeepCopyInto

func (in *AuthBackendStsRole) DeepCopyInto(out *AuthBackendStsRole)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendStsRole) DeepCopyObject

func (in *AuthBackendStsRole) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendStsRole) GetCondition

func (mg *AuthBackendStsRole) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this AuthBackendStsRole.

func (*AuthBackendStsRole) GetConnectionDetailsMapping

func (tr *AuthBackendStsRole) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this AuthBackendStsRole

func (*AuthBackendStsRole) GetDeletionPolicy

func (mg *AuthBackendStsRole) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this AuthBackendStsRole.

func (*AuthBackendStsRole) GetID

func (tr *AuthBackendStsRole) GetID() string

GetID returns ID of underlying Terraform resource of this AuthBackendStsRole

func (*AuthBackendStsRole) GetInitParameters added in v0.2.0

func (tr *AuthBackendStsRole) GetInitParameters() (map[string]any, error)

GetInitParameters of this AuthBackendStsRole

func (*AuthBackendStsRole) GetManagementPolicies added in v0.2.0

func (mg *AuthBackendStsRole) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this AuthBackendStsRole.

func (*AuthBackendStsRole) GetObservation

func (tr *AuthBackendStsRole) GetObservation() (map[string]any, error)

GetObservation of this AuthBackendStsRole

func (*AuthBackendStsRole) GetParameters

func (tr *AuthBackendStsRole) GetParameters() (map[string]any, error)

GetParameters of this AuthBackendStsRole

func (*AuthBackendStsRole) GetProviderConfigReference

func (mg *AuthBackendStsRole) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this AuthBackendStsRole.

func (*AuthBackendStsRole) GetProviderReference

func (mg *AuthBackendStsRole) GetProviderReference() *xpv1.Reference

GetProviderReference of this AuthBackendStsRole. Deprecated: Use GetProviderConfigReference.

func (*AuthBackendStsRole) GetPublishConnectionDetailsTo

func (mg *AuthBackendStsRole) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this AuthBackendStsRole.

func (*AuthBackendStsRole) GetTerraformResourceType

func (mg *AuthBackendStsRole) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this AuthBackendStsRole

func (*AuthBackendStsRole) GetTerraformSchemaVersion

func (tr *AuthBackendStsRole) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*AuthBackendStsRole) GetWriteConnectionSecretToReference

func (mg *AuthBackendStsRole) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this AuthBackendStsRole.

func (*AuthBackendStsRole) LateInitialize

func (tr *AuthBackendStsRole) LateInitialize(attrs []byte) (bool, error)

LateInitialize this AuthBackendStsRole using its observed tfState. Returns true if there are any spec changes for the resource.

func (*AuthBackendStsRole) SetConditions

func (mg *AuthBackendStsRole) SetConditions(c ...xpv1.Condition)

SetConditions of this AuthBackendStsRole.

func (*AuthBackendStsRole) SetDeletionPolicy

func (mg *AuthBackendStsRole) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this AuthBackendStsRole.

func (*AuthBackendStsRole) SetManagementPolicies added in v0.2.0

func (mg *AuthBackendStsRole) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this AuthBackendStsRole.

func (*AuthBackendStsRole) SetObservation

func (tr *AuthBackendStsRole) SetObservation(obs map[string]any) error

SetObservation for this AuthBackendStsRole

func (*AuthBackendStsRole) SetParameters

func (tr *AuthBackendStsRole) SetParameters(params map[string]any) error

SetParameters for this AuthBackendStsRole

func (*AuthBackendStsRole) SetProviderConfigReference

func (mg *AuthBackendStsRole) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this AuthBackendStsRole.

func (*AuthBackendStsRole) SetProviderReference

func (mg *AuthBackendStsRole) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this AuthBackendStsRole. Deprecated: Use SetProviderConfigReference.

func (*AuthBackendStsRole) SetPublishConnectionDetailsTo

func (mg *AuthBackendStsRole) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this AuthBackendStsRole.

func (*AuthBackendStsRole) SetWriteConnectionSecretToReference

func (mg *AuthBackendStsRole) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this AuthBackendStsRole.

type AuthBackendStsRoleInitParameters added in v0.2.0

// AuthBackendStsRoleInitParameters holds the STS role settings that are used
// as the InitProvider field of AuthBackendStsRoleSpec. Every field is a
// pointer tagged omitempty, so an unset field is left out of the JSON form.
type AuthBackendStsRoleInitParameters struct {

	// AccountID is the AWS account ID to configure the STS role for, i.e. the
	// account to be associated with the STS role.
	AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"`

	// Backend is the path the AWS auth backend being configured was mounted
	// at, i.e. the unique name of the auth backend to configure.
	// Defaults to aws.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// Namespace is the target namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// StsRole is the AWS ARN of the STS role to assume when verifying
	// requests made by EC2 instances in the account specified by account_id.
	// NOTE(review): this ARN grants access into the account named by
	// AccountID; the role's trust policy and permissions are not visible here
	// and should be limited to what request verification needs.
	StsRole *string `json:"stsRole,omitempty" tf:"sts_role,omitempty"`
}

func (*AuthBackendStsRoleInitParameters) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendStsRoleInitParameters.

func (*AuthBackendStsRoleInitParameters) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendStsRoleList

// AuthBackendStsRoleList contains a list of AuthBackendStsRoles.
type AuthBackendStsRoleList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items has no omitempty in its tag, so the key is always serialized.
	Items           []AuthBackendStsRole `json:"items"`
}

AuthBackendStsRoleList contains a list of AuthBackendStsRoles

func (*AuthBackendStsRoleList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendStsRoleList.

func (*AuthBackendStsRoleList) DeepCopyInto

func (in *AuthBackendStsRoleList) DeepCopyInto(out *AuthBackendStsRoleList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AuthBackendStsRoleList) DeepCopyObject

func (in *AuthBackendStsRoleList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AuthBackendStsRoleList) GetItems

func (l *AuthBackendStsRoleList) GetItems() []resource.Managed

GetItems of this AuthBackendStsRoleList.

type AuthBackendStsRoleObservation

// AuthBackendStsRoleObservation holds the values reported back for an
// AuthBackendStsRole; it is the AtProvider field of AuthBackendStsRoleStatus.
// Every field is a pointer tagged omitempty.
type AuthBackendStsRoleObservation struct {

	// AccountID is the AWS account ID to configure the STS role for, i.e. the
	// account to be associated with the STS role.
	AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"`

	// Backend is the path the AWS auth backend being configured was mounted
	// at, i.e. the unique name of the auth backend to configure.
	// Defaults to aws.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// ID maps to the Terraform attribute "id"; presumably the ID of the
	// underlying Terraform resource (TODO confirm).
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// Namespace is the target namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// StsRole is the AWS ARN of the STS role to assume when verifying
	// requests made by EC2 instances in the account specified by account_id.
	// Comparing this observed value with the intended ARN is a simple check
	// for unexpected changes to the cross-account role.
	StsRole *string `json:"stsRole,omitempty" tf:"sts_role,omitempty"`
}

func (*AuthBackendStsRoleObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendStsRoleObservation.

func (*AuthBackendStsRoleObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendStsRoleParameters

// AuthBackendStsRoleParameters holds the configurable STS role settings; it is
// the ForProvider field of AuthBackendStsRoleSpec. Every field is marked
// optional at the schema level, but the XValidation rules on
// AuthBackendStsRole.Spec require accountId and stsRole in forProvider or
// initProvider when the management policies include '*', 'Create' or 'Update'.
type AuthBackendStsRoleParameters struct {

	// AccountID is the AWS account ID to configure the STS role for, i.e. the
	// account to be associated with the STS role.
	// +kubebuilder:validation:Optional
	AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"`

	// Backend is the path the AWS auth backend being configured was mounted
	// at, i.e. the unique name of the auth backend to configure.
	// Defaults to aws.
	// +kubebuilder:validation:Optional
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// Namespace is the target namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// StsRole is the AWS ARN of the STS role to assume when verifying
	// requests made by EC2 instances in the account specified by account_id.
	// NOTE(review): this ARN grants access into the account named by
	// AccountID; the role's trust policy and permissions are not visible here
	// and should be limited to what request verification needs.
	// +kubebuilder:validation:Optional
	StsRole *string `json:"stsRole,omitempty" tf:"sts_role,omitempty"`
}

func (*AuthBackendStsRoleParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendStsRoleParameters.

func (*AuthBackendStsRoleParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendStsRoleSpec

// AuthBackendStsRoleSpec defines the desired state of AuthBackendStsRole.
type AuthBackendStsRoleSpec struct {
	// ResourceSpec is embedded, so its fields sit directly under spec.
	v1.ResourceSpec `json:",inline"`
	// ForProvider has no omitempty in its tag, so it is always serialized.
	ForProvider     AuthBackendStsRoleParameters `json:"forProvider"`
	// THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored
	// unless the relevant Crossplane feature flag is enabled, and may be
	// changed or removed without notice.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation but should not be updated afterwards, for example
	// because an external controller, such as an autoscaler, is managing them.
	// Because of ignore_changes, later drift in these fields is not corrected,
	// so an stsRole or accountId set only here is not reconciled after
	// creation.
	InitProvider AuthBackendStsRoleInitParameters `json:"initProvider,omitempty"`
}

AuthBackendStsRoleSpec defines the desired state of AuthBackendStsRole

func (*AuthBackendStsRoleSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendStsRoleSpec.

func (*AuthBackendStsRoleSpec) DeepCopyInto

func (in *AuthBackendStsRoleSpec) DeepCopyInto(out *AuthBackendStsRoleSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AuthBackendStsRoleStatus

// AuthBackendStsRoleStatus defines the observed state of AuthBackendStsRole.
type AuthBackendStsRoleStatus struct {
	// ResourceStatus is embedded, so its fields sit directly under status.
	v1.ResourceStatus `json:",inline"`
	// AtProvider carries the AuthBackendStsRoleObservation values.
	AtProvider        AuthBackendStsRoleObservation `json:"atProvider,omitempty"`
}

AuthBackendStsRoleStatus defines the observed state of AuthBackendStsRole.

func (*AuthBackendStsRoleStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AuthBackendStsRoleStatus.

func (*AuthBackendStsRoleStatus) DeepCopyInto

func (in *AuthBackendStsRoleStatus) DeepCopyInto(out *AuthBackendStsRoleStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretBackend

// SecretBackend is the Schema for the SecretBackends API. It creates an AWS
// secret backend for Vault.
type SecretBackend struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// Spec is the desired state; its tag has no omitempty, so it is always
	// serialized.
	Spec              SecretBackendSpec   `json:"spec"`
	// Status is the observed state and is omitted from JSON when empty.
	Status            SecretBackendStatus `json:"status,omitempty"`
}

SecretBackend is the Schema for the SecretBackends API. Creates an AWS secret backend for Vault.

+kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
+kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
+kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name"
+kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
+kubebuilder:subresource:status
+kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*SecretBackend) DeepCopy

func (in *SecretBackend) DeepCopy() *SecretBackend

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackend.

func (*SecretBackend) DeepCopyInto

func (in *SecretBackend) DeepCopyInto(out *SecretBackend)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SecretBackend) DeepCopyObject

func (in *SecretBackend) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*SecretBackend) GetCondition

func (mg *SecretBackend) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this SecretBackend.

func (*SecretBackend) GetConnectionDetailsMapping

func (tr *SecretBackend) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this SecretBackend

func (*SecretBackend) GetDeletionPolicy

func (mg *SecretBackend) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this SecretBackend.

func (*SecretBackend) GetID

func (tr *SecretBackend) GetID() string

GetID returns ID of underlying Terraform resource of this SecretBackend

func (*SecretBackend) GetInitParameters added in v0.2.0

func (tr *SecretBackend) GetInitParameters() (map[string]any, error)

GetInitParameters of this SecretBackend

func (*SecretBackend) GetManagementPolicies added in v0.2.0

func (mg *SecretBackend) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this SecretBackend.

func (*SecretBackend) GetObservation

func (tr *SecretBackend) GetObservation() (map[string]any, error)

GetObservation of this SecretBackend

func (*SecretBackend) GetParameters

func (tr *SecretBackend) GetParameters() (map[string]any, error)

GetParameters of this SecretBackend

func (*SecretBackend) GetProviderConfigReference

func (mg *SecretBackend) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this SecretBackend.

func (*SecretBackend) GetProviderReference

func (mg *SecretBackend) GetProviderReference() *xpv1.Reference

GetProviderReference of this SecretBackend. Deprecated: Use GetProviderConfigReference.

func (*SecretBackend) GetPublishConnectionDetailsTo

func (mg *SecretBackend) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this SecretBackend.

func (*SecretBackend) GetTerraformResourceType

func (mg *SecretBackend) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this SecretBackend

func (*SecretBackend) GetTerraformSchemaVersion

func (tr *SecretBackend) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*SecretBackend) GetWriteConnectionSecretToReference

func (mg *SecretBackend) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this SecretBackend.

func (*SecretBackend) LateInitialize

func (tr *SecretBackend) LateInitialize(attrs []byte) (bool, error)

LateInitialize this SecretBackend using its observed tfState. Returns true if there are any spec changes for the resource.

func (*SecretBackend) SetConditions

func (mg *SecretBackend) SetConditions(c ...xpv1.Condition)

SetConditions of this SecretBackend.

func (*SecretBackend) SetDeletionPolicy

func (mg *SecretBackend) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this SecretBackend.

func (*SecretBackend) SetManagementPolicies added in v0.2.0

func (mg *SecretBackend) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this SecretBackend.

func (*SecretBackend) SetObservation

func (tr *SecretBackend) SetObservation(obs map[string]any) error

SetObservation for this SecretBackend

func (*SecretBackend) SetParameters

func (tr *SecretBackend) SetParameters(params map[string]any) error

SetParameters for this SecretBackend

func (*SecretBackend) SetProviderConfigReference

func (mg *SecretBackend) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this SecretBackend.

func (*SecretBackend) SetProviderReference

func (mg *SecretBackend) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this SecretBackend. Deprecated: Use SetProviderConfigReference.

func (*SecretBackend) SetPublishConnectionDetailsTo

func (mg *SecretBackend) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this SecretBackend.

func (*SecretBackend) SetWriteConnectionSecretToReference

func (mg *SecretBackend) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this SecretBackend.

type SecretBackendInitParameters added in v0.2.0

// SecretBackendInitParameters holds the init-time settings of a Vault AWS
// secret backend. Every field is a pointer tagged omitempty, so an unset field
// is left out of the JSON form. The struct declares no access-key or
// secret-key field; only non-credential settings appear here.
type SecretBackendInitParameters struct {

	// DefaultLeaseTTLSeconds is the default TTL for credentials issued by
	// this backend, i.e. the default lease duration for secrets in seconds.
	DefaultLeaseTTLSeconds *float64 `json:"defaultLeaseTtlSeconds,omitempty" tf:"default_lease_ttl_seconds,omitempty"`

	// Description is a human-friendly description of the mount for this
	// backend.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// DisableRemount, if set, opts out of mount migration on path updates.
	// See the Vault documentation on Mount Migration for more information.
	DisableRemount *bool `json:"disableRemount,omitempty" tf:"disable_remount,omitempty"`

	// IAMEndpoint specifies a custom HTTP IAM endpoint to use.
	// NOTE(review): nothing visible here restricts the scheme or host;
	// presumably IAM API calls for this backend go to the given URL, so use
	// an https endpoint you trust — confirm how the value is validated.
	IAMEndpoint *string `json:"iamEndpoint,omitempty" tf:"iam_endpoint,omitempty"`

	// IdentityTokenAudience is the audience claim value.
	// Requires Vault 1.16+.
	IdentityTokenAudience *string `json:"identityTokenAudience,omitempty" tf:"identity_token_audience,omitempty"`

	// IdentityTokenKey is the key to use for signing identity tokens.
	// Requires Vault 1.16+.
	IdentityTokenKey *string `json:"identityTokenKey,omitempty" tf:"identity_token_key,omitempty"`

	// IdentityTokenTTL is the TTL of generated identity tokens in seconds.
	// Requires Vault 1.16+.
	IdentityTokenTTL *float64 `json:"identityTokenTtl,omitempty" tf:"identity_token_ttl,omitempty"`

	// Local specifies whether the secrets mount will be marked as local,
	// i.e. whether the secret backend is local only. Local mounts are not
	// replicated to performance replicas.
	Local *bool `json:"local,omitempty" tf:"local,omitempty"`

	// MaxLeaseTTLSeconds is the maximum TTL that can be requested for
	// credentials issued by this backend, i.e. the maximum possible lease
	// duration for secrets in seconds. It bounds how long an issued
	// credential can remain valid, so keep it as short as workloads allow.
	MaxLeaseTTLSeconds *float64 `json:"maxLeaseTtlSeconds,omitempty" tf:"max_lease_ttl_seconds,omitempty"`

	// Namespace is the target namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// Path is the unique path this backend should be mounted at. Must not
	// begin or end with a /. Defaults to aws.
	Path *string `json:"path,omitempty" tf:"path,omitempty"`

	// Region is the AWS region to make API calls against.
	// Defaults to us-east-1.
	Region *string `json:"region,omitempty" tf:"region,omitempty"`

	// RoleArn is the role ARN to assume for plugin identity token
	// federation. Requires Vault 1.16+.
	RoleArn *string `json:"roleArn,omitempty" tf:"role_arn,omitempty"`

	// StsEndpoint specifies a custom HTTP STS endpoint to use.
	// NOTE(review): nothing visible here restricts the scheme or host;
	// presumably STS API calls for this backend go to the given URL, so use
	// an https endpoint you trust — confirm how the value is validated.
	StsEndpoint *string `json:"stsEndpoint,omitempty" tf:"sts_endpoint,omitempty"`

	// UsernameTemplate is the template describing how dynamic usernames are
	// generated. It is used to generate both IAM usernames (capped at 64
	// characters) and STS usernames (capped at 32 characters). If no
	// template is provided the field falls back to a default template; the
	// default's text is missing from this generated comment, so consult the
	// Vault AWS secrets engine documentation for it.
	UsernameTemplate *string `json:"usernameTemplate,omitempty" tf:"username_template,omitempty"`
}

func (*SecretBackendInitParameters) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackendInitParameters.

func (*SecretBackendInitParameters) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretBackendList

// SecretBackendList contains a list of SecretBackends.
type SecretBackendList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items has no omitempty in its tag, so the key is always serialized.
	Items           []SecretBackend `json:"items"`
}

SecretBackendList contains a list of SecretBackends

func (*SecretBackendList) DeepCopy

func (in *SecretBackendList) DeepCopy() *SecretBackendList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackendList.

func (*SecretBackendList) DeepCopyInto

func (in *SecretBackendList) DeepCopyInto(out *SecretBackendList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SecretBackendList) DeepCopyObject

func (in *SecretBackendList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*SecretBackendList) GetItems

func (l *SecretBackendList) GetItems() []resource.Managed

GetItems of this SecretBackendList.

type SecretBackendObservation

// SecretBackendObservation holds the values reported back for a Vault AWS
// secret backend. Every field is a pointer tagged omitempty. The struct
// declares no access-key or secret-key field, so the fields shown here do not
// put the backend's AWS credentials into the observed values.
type SecretBackendObservation struct {

	// DefaultLeaseTTLSeconds is the default TTL for credentials issued by
	// this backend, i.e. the default lease duration for secrets in seconds.
	DefaultLeaseTTLSeconds *float64 `json:"defaultLeaseTtlSeconds,omitempty" tf:"default_lease_ttl_seconds,omitempty"`

	// Description is a human-friendly description of the mount for this
	// backend.
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// DisableRemount, if set, opts out of mount migration on path updates.
	// See the Vault documentation on Mount Migration for more information.
	DisableRemount *bool `json:"disableRemount,omitempty" tf:"disable_remount,omitempty"`

	// IAMEndpoint specifies a custom HTTP IAM endpoint to use. An observed
	// value that differs from the intended endpoint is worth investigating,
	// since it names where IAM API calls are directed.
	IAMEndpoint *string `json:"iamEndpoint,omitempty" tf:"iam_endpoint,omitempty"`

	// ID maps to the Terraform attribute "id"; presumably the ID of the
	// underlying Terraform resource (TODO confirm).
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// IdentityTokenAudience is the audience claim value.
	// Requires Vault 1.16+.
	IdentityTokenAudience *string `json:"identityTokenAudience,omitempty" tf:"identity_token_audience,omitempty"`

	// IdentityTokenKey is the key to use for signing identity tokens.
	// Requires Vault 1.16+.
	IdentityTokenKey *string `json:"identityTokenKey,omitempty" tf:"identity_token_key,omitempty"`

	// IdentityTokenTTL is the TTL of generated identity tokens in seconds.
	// Requires Vault 1.16+.
	IdentityTokenTTL *float64 `json:"identityTokenTtl,omitempty" tf:"identity_token_ttl,omitempty"`

	// Local specifies whether the secrets mount will be marked as local,
	// i.e. whether the secret backend is local only. Local mounts are not
	// replicated to performance replicas.
	Local *bool `json:"local,omitempty" tf:"local,omitempty"`

	// MaxLeaseTTLSeconds is the maximum TTL that can be requested for
	// credentials issued by this backend, i.e. the maximum possible lease
	// duration for secrets in seconds.
	MaxLeaseTTLSeconds *float64 `json:"maxLeaseTtlSeconds,omitempty" tf:"max_lease_ttl_seconds,omitempty"`

	// Namespace is the target namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// Path is the unique path this backend should be mounted at. Must not
	// begin or end with a /. Defaults to aws.
	Path *string `json:"path,omitempty" tf:"path,omitempty"`

	// Region is the AWS region to make API calls against.
	// Defaults to us-east-1.
	Region *string `json:"region,omitempty" tf:"region,omitempty"`

	// RoleArn is the role ARN to assume for plugin identity token
	// federation. Requires Vault 1.16+.
	RoleArn *string `json:"roleArn,omitempty" tf:"role_arn,omitempty"`

	// StsEndpoint specifies a custom HTTP STS endpoint to use. An observed
	// value that differs from the intended endpoint is worth investigating,
	// since it names where STS API calls are directed.
	StsEndpoint *string `json:"stsEndpoint,omitempty" tf:"sts_endpoint,omitempty"`

	// UsernameTemplate is the template describing how dynamic usernames are
	// generated. It is used to generate both IAM usernames (capped at 64
	// characters) and STS usernames (capped at 32 characters). If no
	// template is provided the field falls back to a default template; the
	// default's text is missing from this generated comment, so consult the
	// Vault AWS secrets engine documentation for it.
	UsernameTemplate *string `json:"usernameTemplate,omitempty" tf:"username_template,omitempty"`
}

func (*SecretBackendObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackendObservation.

func (*SecretBackendObservation) DeepCopyInto

func (in *SecretBackendObservation) DeepCopyInto(out *SecretBackendObservation)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretBackendParameters

// SecretBackendParameters lists the settable fields of an AWS secret backend
// mount. It is the type of SecretBackendSpec.ForProvider, and every field
// carries the kubebuilder Optional validation marker.
type SecretBackendParameters struct {

	// The AWS Access Key ID this backend should use to
	// issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
	// The AWS Access Key ID to use when generating new credentials.
	// The value is given as a selector for a key in a Secret rather than inline
	// in the spec; the tf:"-" tag keeps this reference field out of the
	// Terraform attribute mapping.
	// NOTE(review): a static key pair is a long-lived credential. Where the
	// deployment allows it, SDK-resolved credentials or the identity token
	// federation fields (RoleArn, IdentityToken*) avoid storing one — confirm.
	// +kubebuilder:validation:Optional
	AccessKeySecretRef *v1.SecretKeySelector `json:"accessKeySecretRef,omitempty" tf:"-"`

	// The default TTL for credentials
	// issued by this backend.
	// Default lease duration for secrets in seconds
	// +kubebuilder:validation:Optional
	DefaultLeaseTTLSeconds *float64 `json:"defaultLeaseTtlSeconds,omitempty" tf:"default_lease_ttl_seconds,omitempty"`

	// A human-friendly description for this backend.
	// Human-friendly description of the mount for the backend.
	// +kubebuilder:validation:Optional
	Description *string `json:"description,omitempty" tf:"description,omitempty"`

	// If set, opts out of mount migration on path updates.
	// See the Vault documentation on Mount Migration for more info.
	// +kubebuilder:validation:Optional
	DisableRemount *bool `json:"disableRemount,omitempty" tf:"disable_remount,omitempty"`

	// Specifies a custom HTTP IAM endpoint to use.
	// NOTE(review): this presumably overrides where the backend sends its IAM
	// API calls, so it should only ever name a trusted endpoint — confirm.
	// +kubebuilder:validation:Optional
	IAMEndpoint *string `json:"iamEndpoint,omitempty" tf:"iam_endpoint,omitempty"`

	// The audience claim value. Requires Vault 1.16+.
	// +kubebuilder:validation:Optional
	IdentityTokenAudience *string `json:"identityTokenAudience,omitempty" tf:"identity_token_audience,omitempty"`

	// The key to use for signing identity tokens. Requires Vault 1.16+.
	// +kubebuilder:validation:Optional
	IdentityTokenKey *string `json:"identityTokenKey,omitempty" tf:"identity_token_key,omitempty"`

	// The TTL of generated identity tokens in seconds. Requires Vault 1.16+.
	// +kubebuilder:validation:Optional
	IdentityTokenTTL *float64 `json:"identityTokenTtl,omitempty" tf:"identity_token_ttl,omitempty"`

	// Specifies whether the secrets mount will be marked as local. Local mounts are not replicated to performance replicas.
	// Specifies if the secret backend is local only
	// +kubebuilder:validation:Optional
	Local *bool `json:"local,omitempty" tf:"local,omitempty"`

	// The maximum TTL that can be requested
	// for credentials issued by this backend.
	// Maximum possible lease duration for secrets in seconds
	// +kubebuilder:validation:Optional
	MaxLeaseTTLSeconds *float64 `json:"maxLeaseTtlSeconds,omitempty" tf:"max_lease_ttl_seconds,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The unique path this backend should be mounted at. Must
	// not begin or end with a /. Defaults to aws.
	// Path to mount the backend at.
	// +kubebuilder:validation:Optional
	Path *string `json:"path,omitempty" tf:"path,omitempty"`

	// The AWS region to make API calls against. Defaults to us-east-1.
	// +kubebuilder:validation:Optional
	Region *string `json:"region,omitempty" tf:"region,omitempty"`

	// Role ARN to assume for plugin identity token federation. Requires Vault 1.16+.
	// +kubebuilder:validation:Optional
	RoleArn *string `json:"roleArn,omitempty" tf:"role_arn,omitempty"`

	// The AWS Secret Key this backend should use to
	// issue new credentials. Vault uses the official AWS SDK to authenticate, and thus can also use standard AWS environment credentials, shared file credentials or IAM role/ECS task credentials.
	// The AWS Secret Access Key to use when generating new credentials.
	// Supplied, like AccessKeySecretRef, as a selector for a key in a Secret;
	// the tf:"-" tag keeps this reference field out of the Terraform attribute
	// mapping.
	// +kubebuilder:validation:Optional
	SecretKeySecretRef *v1.SecretKeySelector `json:"secretKeySecretRef,omitempty" tf:"-"`

	// Specifies a custom HTTP STS endpoint to use.
	// NOTE(review): this presumably overrides where the backend sends its STS
	// API calls, so it should only ever name a trusted endpoint — confirm.
	// +kubebuilder:validation:Optional
	StsEndpoint *string `json:"stsEndpoint,omitempty" tf:"sts_endpoint,omitempty"`

	// Template describing how dynamic usernames are generated. The username template is used to generate both IAM usernames (capped at 64 characters) and STS usernames (capped at 32 characters).
	// If no template is provided, a default template is used; its text is cut
	// off in this generated comment, so consult the Vault AWS secrets engine
	// documentation for it.
	// +kubebuilder:validation:Optional
	UsernameTemplate *string `json:"usernameTemplate,omitempty" tf:"username_template,omitempty"`
}

func (*SecretBackendParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackendParameters.

func (*SecretBackendParameters) DeepCopyInto

func (in *SecretBackendParameters) DeepCopyInto(out *SecretBackendParameters)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretBackendRole

type SecretBackendRole struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`
	// Spec is the desired state of the role. The three validation rules below
	// require backend, credentialType and name to be set in either forProvider
	// or initProvider whenever managementPolicies contains '*', 'Create' or
	// 'Update'; with any other policy set the rules pass without them.
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.backend) || has(self.initProvider.backend)",message="backend is a required parameter"
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.credentialType) || has(self.initProvider.credentialType)",message="credentialType is a required parameter"
	// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || has(self.initProvider.name)",message="name is a required parameter"
	Spec   SecretBackendRoleSpec   `json:"spec"`
	// Status is the observed state of the role.
	Status SecretBackendRoleStatus `json:"status,omitempty"`
}

SecretBackendRole is the Schema for the SecretBackendRoles API. Creates a role on an AWS Secret Backend for Vault. +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +kubebuilder:subresource:status +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,vault}

func (*SecretBackendRole) DeepCopy

func (in *SecretBackendRole) DeepCopy() *SecretBackendRole

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackendRole.

func (*SecretBackendRole) DeepCopyInto

func (in *SecretBackendRole) DeepCopyInto(out *SecretBackendRole)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SecretBackendRole) DeepCopyObject

func (in *SecretBackendRole) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*SecretBackendRole) GetCondition

func (mg *SecretBackendRole) GetCondition(ct xpv1.ConditionType) xpv1.Condition

GetCondition of this SecretBackendRole.

func (*SecretBackendRole) GetConnectionDetailsMapping

func (tr *SecretBackendRole) GetConnectionDetailsMapping() map[string]string

GetConnectionDetailsMapping for this SecretBackendRole

func (*SecretBackendRole) GetDeletionPolicy

func (mg *SecretBackendRole) GetDeletionPolicy() xpv1.DeletionPolicy

GetDeletionPolicy of this SecretBackendRole.

func (*SecretBackendRole) GetID

func (tr *SecretBackendRole) GetID() string

GetID returns ID of underlying Terraform resource of this SecretBackendRole

func (*SecretBackendRole) GetInitParameters added in v0.2.0

func (tr *SecretBackendRole) GetInitParameters() (map[string]any, error)

GetInitParameters of this SecretBackendRole

func (*SecretBackendRole) GetManagementPolicies added in v0.2.0

func (mg *SecretBackendRole) GetManagementPolicies() xpv1.ManagementPolicies

GetManagementPolicies of this SecretBackendRole.

func (*SecretBackendRole) GetObservation

func (tr *SecretBackendRole) GetObservation() (map[string]any, error)

GetObservation of this SecretBackendRole

func (*SecretBackendRole) GetParameters

func (tr *SecretBackendRole) GetParameters() (map[string]any, error)

GetParameters of this SecretBackendRole

func (*SecretBackendRole) GetProviderConfigReference

func (mg *SecretBackendRole) GetProviderConfigReference() *xpv1.Reference

GetProviderConfigReference of this SecretBackendRole.

func (*SecretBackendRole) GetProviderReference

func (mg *SecretBackendRole) GetProviderReference() *xpv1.Reference

GetProviderReference of this SecretBackendRole. Deprecated: Use GetProviderConfigReference.

func (*SecretBackendRole) GetPublishConnectionDetailsTo

func (mg *SecretBackendRole) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo

GetPublishConnectionDetailsTo of this SecretBackendRole.

func (*SecretBackendRole) GetTerraformResourceType

func (mg *SecretBackendRole) GetTerraformResourceType() string

GetTerraformResourceType returns Terraform resource type for this SecretBackendRole

func (*SecretBackendRole) GetTerraformSchemaVersion

func (tr *SecretBackendRole) GetTerraformSchemaVersion() int

GetTerraformSchemaVersion returns the associated Terraform schema version

func (*SecretBackendRole) GetWriteConnectionSecretToReference

func (mg *SecretBackendRole) GetWriteConnectionSecretToReference() *xpv1.SecretReference

GetWriteConnectionSecretToReference of this SecretBackendRole.

func (*SecretBackendRole) LateInitialize

func (tr *SecretBackendRole) LateInitialize(attrs []byte) (bool, error)

LateInitialize this SecretBackendRole using its observed tfState. Returns true if there are any spec changes for the resource.

func (*SecretBackendRole) SetConditions

func (mg *SecretBackendRole) SetConditions(c ...xpv1.Condition)

SetConditions of this SecretBackendRole.

func (*SecretBackendRole) SetDeletionPolicy

func (mg *SecretBackendRole) SetDeletionPolicy(r xpv1.DeletionPolicy)

SetDeletionPolicy of this SecretBackendRole.

func (*SecretBackendRole) SetManagementPolicies added in v0.2.0

func (mg *SecretBackendRole) SetManagementPolicies(r xpv1.ManagementPolicies)

SetManagementPolicies of this SecretBackendRole.

func (*SecretBackendRole) SetObservation

func (tr *SecretBackendRole) SetObservation(obs map[string]any) error

SetObservation for this SecretBackendRole

func (*SecretBackendRole) SetParameters

func (tr *SecretBackendRole) SetParameters(params map[string]any) error

SetParameters for this SecretBackendRole

func (*SecretBackendRole) SetProviderConfigReference

func (mg *SecretBackendRole) SetProviderConfigReference(r *xpv1.Reference)

SetProviderConfigReference of this SecretBackendRole.

func (*SecretBackendRole) SetProviderReference

func (mg *SecretBackendRole) SetProviderReference(r *xpv1.Reference)

SetProviderReference of this SecretBackendRole. Deprecated: Use SetProviderConfigReference.

func (*SecretBackendRole) SetPublishConnectionDetailsTo

func (mg *SecretBackendRole) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo)

SetPublishConnectionDetailsTo of this SecretBackendRole.

func (*SecretBackendRole) SetWriteConnectionSecretToReference

func (mg *SecretBackendRole) SetWriteConnectionSecretToReference(r *xpv1.SecretReference)

SetWriteConnectionSecretToReference of this SecretBackendRole.

type SecretBackendRoleInitParameters added in v0.2.0

// SecretBackendRoleInitParameters carries the same fields as
// SecretBackendRoleParameters. It is the type of
// SecretBackendRoleSpec.InitProvider, whose documentation states that its
// fields are merged into ForProvider when the resource is created.
type SecretBackendRoleInitParameters struct {

	// The path the AWS secret backend is mounted at,
	// with no leading or trailing /s.
	// The path of the AWS Secret Backend the role belongs to.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// Specifies the type of credential to be used when
	// retrieving credentials from the role. Must be one of iam_user, assumed_role, or
	// federation_token.
	// Role credential type.
	CredentialType *string `json:"credentialType,omitempty" tf:"credential_type,omitempty"`

	// The default TTL in seconds for STS credentials.
	// When a TTL is not specified when STS credentials are requested,
	// and a default TTL is specified on the role,
	// then this default TTL will be used. Valid only when credential_type is one of
	// assumed_role or federation_token.
	DefaultStsTTL *float64 `json:"defaultStsTtl,omitempty" tf:"default_sts_ttl,omitempty"`

	// A list of IAM group names. IAM users generated
	// against this vault role will be added to these IAM Groups. For a credential
	// type of assumed_role or federation_token, the policies sent to the
	// corresponding AWS call (sts:AssumeRole or sts:GetFederationToken) will be the
	// policies from each group in iam_groups combined with the policy_document
	// and policy_arns parameters.
	IAMGroups []*string `json:"iamGroups,omitempty" tf:"iam_groups,omitempty"`

	// The max allowed TTL in seconds for STS credentials
	// (credentials TTL are capped to max_sts_ttl). Valid only when credential_type is
	// one of assumed_role or federation_token.
	MaxStsTTL *float64 `json:"maxStsTtl,omitempty" tf:"max_sts_ttl,omitempty"`

	// The name to identify this role within the backend.
	// Must be unique within the backend.
	// Unique name for the role.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The ARN of the AWS Permissions
	// Boundary to attach to IAM users created in the role. Valid only when
	// credential_type is iam_user. If not specified, then no permissions boundary
	// policy will be attached.
	// NOTE(review): with no boundary, generated IAM users are limited only by
	// the policies and groups attached through this role.
	PermissionsBoundaryArn *string `json:"permissionsBoundaryArn,omitempty" tf:"permissions_boundary_arn,omitempty"`

	// Specifies a list of AWS managed policy ARNs. The
	// behavior depends on the credential type. With iam_user, the policies will be
	// attached to IAM users when they are requested. With assumed_role and
	// federation_token, the policy ARNs will act as a filter on what the credentials
	// can do, similar to policy_document. When credential_type is iam_user or
	// federation_token, at least one of policy_document or policy_arns must
	// be specified.
	// ARN for an existing IAM policy the role should use.
	PolicyArns []*string `json:"policyArns,omitempty" tf:"policy_arns,omitempty"`

	// The IAM policy document for the role. The
	// behavior depends on the credential type. With iam_user, the policy document
	// will be attached to the IAM user generated and augment the permissions the IAM
	// user has. With assumed_role and federation_token, the policy document will
	// act as a filter on what the credentials can do, similar to policy_arns.
	// IAM policy the role should use in JSON format.
	PolicyDocument *string `json:"policyDocument,omitempty" tf:"policy_document,omitempty"`

	// Specifies the ARNs of the AWS roles this Vault role
	// is allowed to assume. Required when credential_type is assumed_role and
	// prohibited otherwise.
	// ARNs of AWS roles allowed to be assumed. Only valid when credential_type is 'assumed_role'
	RoleArns []*string `json:"roleArns,omitempty" tf:"role_arns,omitempty"`

	// The path for the user name. Valid only when
	// credential_type is iam_user. Default is /.
	UserPath *string `json:"userPath,omitempty" tf:"user_path,omitempty"`
}

func (*SecretBackendRoleInitParameters) DeepCopy added in v0.2.0

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackendRoleInitParameters.

func (*SecretBackendRoleInitParameters) DeepCopyInto added in v0.2.0

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretBackendRoleList

type SecretBackendRoleList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	// Items holds the SecretBackendRole objects in this list; the tag has no
	// omitempty, so the key is always serialized.
	Items           []SecretBackendRole `json:"items"`
}

SecretBackendRoleList contains a list of SecretBackendRoles

func (*SecretBackendRoleList) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackendRoleList.

func (*SecretBackendRoleList) DeepCopyInto

func (in *SecretBackendRoleList) DeepCopyInto(out *SecretBackendRoleList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*SecretBackendRoleList) DeepCopyObject

func (in *SecretBackendRoleList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*SecretBackendRoleList) GetItems

func (l *SecretBackendRoleList) GetItems() []resource.Managed

GetItems of this SecretBackendRoleList.

type SecretBackendRoleObservation

// SecretBackendRoleObservation is the type of
// SecretBackendRoleStatus.AtProvider. It repeats the role's parameter fields
// and adds ID.
type SecretBackendRoleObservation struct {

	// The path the AWS secret backend is mounted at,
	// with no leading or trailing /s.
	// The path of the AWS Secret Backend the role belongs to.
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// Specifies the type of credential to be used when
	// retrieving credentials from the role. Must be one of iam_user, assumed_role, or
	// federation_token.
	// Role credential type.
	CredentialType *string `json:"credentialType,omitempty" tf:"credential_type,omitempty"`

	// The default TTL in seconds for STS credentials.
	// When a TTL is not specified when STS credentials are requested,
	// and a default TTL is specified on the role,
	// then this default TTL will be used. Valid only when credential_type is one of
	// assumed_role or federation_token.
	DefaultStsTTL *float64 `json:"defaultStsTtl,omitempty" tf:"default_sts_ttl,omitempty"`

	// A list of IAM group names. IAM users generated
	// against this vault role will be added to these IAM Groups. For a credential
	// type of assumed_role or federation_token, the policies sent to the
	// corresponding AWS call (sts:AssumeRole or sts:GetFederationToken) will be the
	// policies from each group in iam_groups combined with the policy_document
	// and policy_arns parameters.
	IAMGroups []*string `json:"iamGroups,omitempty" tf:"iam_groups,omitempty"`

	// ID is mapped to the Terraform attribute "id".
	// NOTE(review): presumably the identifier of the underlying Terraform
	// resource that GetID returns — confirm.
	ID *string `json:"id,omitempty" tf:"id,omitempty"`

	// The max allowed TTL in seconds for STS credentials
	// (credentials TTL are capped to max_sts_ttl). Valid only when credential_type is
	// one of assumed_role or federation_token.
	MaxStsTTL *float64 `json:"maxStsTtl,omitempty" tf:"max_sts_ttl,omitempty"`

	// The name to identify this role within the backend.
	// Must be unique within the backend.
	// Unique name for the role.
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The ARN of the AWS Permissions
	// Boundary to attach to IAM users created in the role. Valid only when
	// credential_type is iam_user. If not specified, then no permissions boundary
	// policy will be attached.
	PermissionsBoundaryArn *string `json:"permissionsBoundaryArn,omitempty" tf:"permissions_boundary_arn,omitempty"`

	// Specifies a list of AWS managed policy ARNs. The
	// behavior depends on the credential type. With iam_user, the policies will be
	// attached to IAM users when they are requested. With assumed_role and
	// federation_token, the policy ARNs will act as a filter on what the credentials
	// can do, similar to policy_document. When credential_type is iam_user or
	// federation_token, at least one of policy_document or policy_arns must
	// be specified.
	// ARN for an existing IAM policy the role should use.
	PolicyArns []*string `json:"policyArns,omitempty" tf:"policy_arns,omitempty"`

	// The IAM policy document for the role. The
	// behavior depends on the credential type. With iam_user, the policy document
	// will be attached to the IAM user generated and augment the permissions the IAM
	// user has. With assumed_role and federation_token, the policy document will
	// act as a filter on what the credentials can do, similar to policy_arns.
	// IAM policy the role should use in JSON format.
	PolicyDocument *string `json:"policyDocument,omitempty" tf:"policy_document,omitempty"`

	// Specifies the ARNs of the AWS roles this Vault role
	// is allowed to assume. Required when credential_type is assumed_role and
	// prohibited otherwise.
	// ARNs of AWS roles allowed to be assumed. Only valid when credential_type is 'assumed_role'
	RoleArns []*string `json:"roleArns,omitempty" tf:"role_arns,omitempty"`

	// The path for the user name. Valid only when
	// credential_type is iam_user. Default is /.
	UserPath *string `json:"userPath,omitempty" tf:"user_path,omitempty"`
}

func (*SecretBackendRoleObservation) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackendRoleObservation.

func (*SecretBackendRoleObservation) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretBackendRoleParameters

// SecretBackendRoleParameters lists the settable fields of a role on an AWS
// secret backend. It is the type of SecretBackendRoleSpec.ForProvider. Every
// field carries the kubebuilder Optional marker; the XValidation rules on
// SecretBackendRole.Spec are what make backend, credentialType and name
// required when the resource is created or updated.
type SecretBackendRoleParameters struct {

	// The path the AWS secret backend is mounted at,
	// with no leading or trailing /s.
	// The path of the AWS Secret Backend the role belongs to.
	// +kubebuilder:validation:Optional
	Backend *string `json:"backend,omitempty" tf:"backend,omitempty"`

	// Specifies the type of credential to be used when
	// retrieving credentials from the role. Must be one of iam_user, assumed_role, or
	// federation_token.
	// Role credential type.
	// +kubebuilder:validation:Optional
	CredentialType *string `json:"credentialType,omitempty" tf:"credential_type,omitempty"`

	// The default TTL in seconds for STS credentials.
	// When a TTL is not specified when STS credentials are requested,
	// and a default TTL is specified on the role,
	// then this default TTL will be used. Valid only when credential_type is one of
	// assumed_role or federation_token.
	// +kubebuilder:validation:Optional
	DefaultStsTTL *float64 `json:"defaultStsTtl,omitempty" tf:"default_sts_ttl,omitempty"`

	// A list of IAM group names. IAM users generated
	// against this vault role will be added to these IAM Groups. For a credential
	// type of assumed_role or federation_token, the policies sent to the
	// corresponding AWS call (sts:AssumeRole or sts:GetFederationToken) will be the
	// policies from each group in iam_groups combined with the policy_document
	// and policy_arns parameters.
	// +kubebuilder:validation:Optional
	IAMGroups []*string `json:"iamGroups,omitempty" tf:"iam_groups,omitempty"`

	// The max allowed TTL in seconds for STS credentials
	// (credentials TTL are capped to max_sts_ttl). Valid only when credential_type is
	// one of assumed_role or federation_token.
	// +kubebuilder:validation:Optional
	MaxStsTTL *float64 `json:"maxStsTtl,omitempty" tf:"max_sts_ttl,omitempty"`

	// The name to identify this role within the backend.
	// Must be unique within the backend.
	// Unique name for the role.
	// +kubebuilder:validation:Optional
	Name *string `json:"name,omitempty" tf:"name,omitempty"`

	// The namespace to provision the resource in.
	// The value should not contain leading or trailing forward slashes.
	// The namespace is always relative to the provider's configured namespace.
	// Available only for Vault Enterprise.
	// Target namespace. (requires Enterprise)
	// +kubebuilder:validation:Optional
	Namespace *string `json:"namespace,omitempty" tf:"namespace,omitempty"`

	// The ARN of the AWS Permissions
	// Boundary to attach to IAM users created in the role. Valid only when
	// credential_type is iam_user. If not specified, then no permissions boundary
	// policy will be attached.
	// NOTE(review): with no boundary, generated IAM users are limited only by
	// the policies and groups attached through this role.
	// +kubebuilder:validation:Optional
	PermissionsBoundaryArn *string `json:"permissionsBoundaryArn,omitempty" tf:"permissions_boundary_arn,omitempty"`

	// Specifies a list of AWS managed policy ARNs. The
	// behavior depends on the credential type. With iam_user, the policies will be
	// attached to IAM users when they are requested. With assumed_role and
	// federation_token, the policy ARNs will act as a filter on what the credentials
	// can do, similar to policy_document. When credential_type is iam_user or
	// federation_token, at least one of policy_document or policy_arns must
	// be specified.
	// ARN for an existing IAM policy the role should use.
	// +kubebuilder:validation:Optional
	PolicyArns []*string `json:"policyArns,omitempty" tf:"policy_arns,omitempty"`

	// The IAM policy document for the role. The
	// behavior depends on the credential type. With iam_user, the policy document
	// will be attached to the IAM user generated and augment the permissions the IAM
	// user has. With assumed_role and federation_token, the policy document will
	// act as a filter on what the credentials can do, similar to policy_arns.
	// IAM policy the role should use in JSON format.
	// NOTE(review): this document, together with policy_arns and iam_groups,
	// decides what every credential issued from the role can do, so it should
	// grant only the actions and resources the role's consumers need.
	// +kubebuilder:validation:Optional
	PolicyDocument *string `json:"policyDocument,omitempty" tf:"policy_document,omitempty"`

	// Specifies the ARNs of the AWS roles this Vault role
	// is allowed to assume. Required when credential_type is assumed_role and
	// prohibited otherwise.
	// ARNs of AWS roles allowed to be assumed. Only valid when credential_type is 'assumed_role'
	// +kubebuilder:validation:Optional
	RoleArns []*string `json:"roleArns,omitempty" tf:"role_arns,omitempty"`

	// The path for the user name. Valid only when
	// credential_type is iam_user. Default is /.
	// +kubebuilder:validation:Optional
	UserPath *string `json:"userPath,omitempty" tf:"user_path,omitempty"`
}

func (*SecretBackendRoleParameters) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackendRoleParameters.

func (*SecretBackendRoleParameters) DeepCopyInto

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretBackendRoleSpec

type SecretBackendRoleSpec struct {
	v1.ResourceSpec `json:",inline"`
	// ForProvider holds the role's settable fields; the key is always
	// serialized (no omitempty).
	ForProvider     SecretBackendRoleParameters `json:"forProvider"`
	// THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored
	// unless the relevant Crossplane feature flag is enabled, and may be
	// changed or removed without notice.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation but should not be updated afterwards, for example
	// because an external controller, such as an autoscaler, is managing them.
	InitProvider SecretBackendRoleInitParameters `json:"initProvider,omitempty"`
}

SecretBackendRoleSpec defines the desired state of SecretBackendRole

func (*SecretBackendRoleSpec) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackendRoleSpec.

func (*SecretBackendRoleSpec) DeepCopyInto

func (in *SecretBackendRoleSpec) DeepCopyInto(out *SecretBackendRoleSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretBackendRoleStatus

// SecretBackendRoleStatus defines the observed state of SecretBackendRole.
type SecretBackendRoleStatus struct {
	// ResourceStatus is embedded; its fields are inlined into this object's JSON.
	v1.ResourceStatus `json:",inline"`
	// AtProvider is serialized as "atProvider" and omitted when empty.
	AtProvider        SecretBackendRoleObservation `json:"atProvider,omitempty"`
}

SecretBackendRoleStatus defines the observed state of SecretBackendRole.

func (*SecretBackendRoleStatus) DeepCopy

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackendRoleStatus.

func (*SecretBackendRoleStatus) DeepCopyInto

func (in *SecretBackendRoleStatus) DeepCopyInto(out *SecretBackendRoleStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretBackendSpec

// SecretBackendSpec defines the desired state of SecretBackend.
type SecretBackendSpec struct {
	// ResourceSpec is embedded; its fields are inlined into this object's JSON.
	v1.ResourceSpec `json:",inline"`
	// ForProvider is serialized as "forProvider" and has no omitempty, so the
	// key is always emitted.
	ForProvider     SecretBackendParameters `json:"forProvider"`
	// THIS IS AN ALPHA FIELD. Do not use it in production. It is not honored
	// unless the relevant Crossplane feature flag is enabled, and may be
	// changed or removed without notice.
	// InitProvider holds the same fields as ForProvider, with the exception
	// of Identifier and other resource reference fields. The fields that are
	// in InitProvider are merged into ForProvider when the resource is created.
	// The same fields are also added to the terraform ignore_changes hook, to
	// avoid updating them after creation. This is useful for fields that are
	// required on creation but that we do not want to update afterwards,
	// for example because an external controller, like an autoscaler, is
	// managing them.
	// NOTE(review): since these fields are excluded from updates after
	// creation, later changes to them are presumably not reconciled onto the
	// external resource; confirm before placing security-relevant settings here.
	InitProvider SecretBackendInitParameters `json:"initProvider,omitempty"`
}

SecretBackendSpec defines the desired state of SecretBackend

func (*SecretBackendSpec) DeepCopy

func (in *SecretBackendSpec) DeepCopy() *SecretBackendSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackendSpec.

func (*SecretBackendSpec) DeepCopyInto

func (in *SecretBackendSpec) DeepCopyInto(out *SecretBackendSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type SecretBackendStatus

// SecretBackendStatus defines the observed state of SecretBackend.
type SecretBackendStatus struct {
	// ResourceStatus is embedded; its fields are inlined into this object's JSON.
	v1.ResourceStatus `json:",inline"`
	// AtProvider is serialized as "atProvider" and omitted when empty.
	AtProvider        SecretBackendObservation `json:"atProvider,omitempty"`
}

SecretBackendStatus defines the observed state of SecretBackend.

func (*SecretBackendStatus) DeepCopy

func (in *SecretBackendStatus) DeepCopy() *SecretBackendStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SecretBackendStatus.

func (*SecretBackendStatus) DeepCopyInto

func (in *SecretBackendStatus) DeepCopyInto(out *SecretBackendStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.
