Documentation

Overview

    Package v1alpha1 contains API Schema definitions for the bootstrap v1alpha1 API group. Code-generation markers on the package: `+kubebuilder:object:generate=true`; `+k8s:deepcopy-gen=package,register`; `+k8s:defaulter-gen=TypeMeta`; `+groupName=bootstrap.aws.infrastructure.cluster.x-k8s.io`.

    Index

    Constants

    // DefaultBootstrapUserName is the default name of the bootstrap IAM user.
    const DefaultBootstrapUserName = "bootstrapper.cluster-api-provider-aws.sigs.k8s.io"

    // DefaultStackName is the default name of the CloudFormation stack.
    const DefaultStackName = "cluster-api-provider-aws-sigs-k8s-io"
    const (
    	// GroupName is the API group name used in this package.
    	GroupName = "bootstrap.aws.infrastructure.cluster.x-k8s.io"
    )

      GroupName is the group name used in this package

      Variables

      // SchemeGroupVersion is the fully qualified group and version of this API package.
      var SchemeGroupVersion = schema.GroupVersion{
      	Group:   GroupName,
      	Version: "v1alpha1",
      }

      // SchemeBuilder is the scheme builder holding the scheme init functions to run for this API package.
      var SchemeBuilder = runtime.NewSchemeBuilder(addKnownTypes)

      // AddToScheme is a global function that registers this API group & version to a scheme.
      // NOTE(review): it is bound to localSchemeBuilder, which is declared outside this listing;
      // presumably it points at SchemeBuilder — confirm in the package source.
      var AddToScheme = localSchemeBuilder.AddToScheme

      Functions

      func RegisterDefaults

      func RegisterDefaults(scheme *runtime.Scheme) error

        RegisterDefaults adds defaulter functions to the given scheme. It is public to allow building arbitrary schemes. All generated defaulters are covering: they call all nested defaulters.

        func SetDefaults_AWSIAMConfiguration

        func SetDefaults_AWSIAMConfiguration(obj *AWSIAMConfiguration)

          SetDefaults_AWSIAMConfiguration is used by defaulter-gen

          func SetDefaults_AWSIAMConfigurationSpec

          func SetDefaults_AWSIAMConfigurationSpec(obj *AWSIAMConfigurationSpec)

            SetDefaults_AWSIAMConfigurationSpec is used by defaulter-gen

            func SetDefaults_BootstrapUser

            func SetDefaults_BootstrapUser(obj *BootstrapUser)

              SetDefaults_BootstrapUser is used by defaulter-gen

              func SetObjectDefaults_AWSIAMConfiguration

              func SetObjectDefaults_AWSIAMConfiguration(in *AWSIAMConfiguration)

              Types

              type AWSIAMConfiguration

              // AWSIAMConfiguration controls the creation of AWS Identity and Access
              // Management (IAM) resources for use by Kubernetes clusters and Kubernetes
              // Cluster API Provider AWS. Everything that shapes the generated IAM
              // resources lives under Spec.
              type AWSIAMConfiguration struct {
              	// TypeMeta carries the object's kind and apiVersion; the ",inline" tag
              	// flattens its fields into the top level of the serialized object.
              	metav1.TypeMeta `json:",inline"`
              
              	// Spec holds the IAM settings (naming, per-role options, bootstrap user,
              	// secret backends). Serialized under the "spec" key.
              	Spec AWSIAMConfigurationSpec `json:"spec,omitempty"`
              }

                AWSIAMConfiguration controls the creation of AWS Identity and Access Management (IAM) resources for use by Kubernetes clusters and Kubernetes Cluster API Provider AWS. Code-generation markers on the type: `+kubebuilder:object:root=true`; `+k8s:deepcopy-gen:interfaces=k8s.io/apimachinery/pkg/runtime.Object`.

                func NewAWSIAMConfiguration

                func NewAWSIAMConfiguration() *AWSIAMConfiguration

                func (*AWSIAMConfiguration) DeepCopy

                func (in *AWSIAMConfiguration) DeepCopy() *AWSIAMConfiguration

                  DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSIAMConfiguration.

                  func (*AWSIAMConfiguration) DeepCopyInto

                  func (in *AWSIAMConfiguration) DeepCopyInto(out *AWSIAMConfiguration)

                    DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

                    func (*AWSIAMConfiguration) DeepCopyObject

                    func (in *AWSIAMConfiguration) DeepCopyObject() runtime.Object

                      DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

                      func (*AWSIAMConfiguration) GetObjectKind

                      func (obj *AWSIAMConfiguration) GetObjectKind() schema.ObjectKind

                      type AWSIAMConfigurationSpec

                      // AWSIAMConfigurationSpec defines the specification of the AWSIAMConfiguration:
                      // resource naming, the per-role settings, the optional bootstrap user, and the
                      // secret backends that policies are generated for.
                      type AWSIAMConfigurationSpec struct {
                      	// NamePrefix will be prepended to every AWS IAM role, user and policy created by clusterawsadm. Defaults to "".
                      	NamePrefix string `json:"namePrefix,omitempty"`
                      
                      	// NameSuffix will be appended to every AWS IAM role, user and policy created by clusterawsadm. Defaults to
                      	// ".cluster-api-provider-aws.sigs.k8s.io".
                      	// The documented default of ClusterAPIControllers.AllowedEC2InstanceProfiles is built from this
                      	// suffix, so changing it also changes which instance profiles that default matches.
                      	// NOTE(review): a pointer, presumably so an explicit empty suffix can be told apart from unset — confirm in the defaulting code.
                      	NameSuffix *string `json:"nameSuffix,omitempty"`
                      
                      	// ControlPlane controls the configuration of the AWS IAM role for a Kubernetes cluster's control plane nodes.
                      	ControlPlane ControlPlane `json:"controlPlane,omitempty"`
                      
                      	// ClusterAPIControllers controls the configuration of an IAM role and policy specifically for Kubernetes Cluster API Provider AWS.
                      	ClusterAPIControllers ClusterAPIControllers `json:"clusterAPIControllers,omitempty"`
                      
                      	// Nodes controls the configuration of the AWS IAM role for all nodes in a Kubernetes cluster.
                      	Nodes Nodes `json:"nodes,omitempty"`
                      
                      	// BootstrapUser contains the settings that are specific
                      	// to the configuration and enablement of an IAM user.
                      	BootstrapUser BootstrapUser `json:"bootstrapUser,omitempty"`
                      
                      	// StackName defines the name of the AWS CloudFormation stack.
                      	StackName string `json:"stackName,omitempty"`
                      
                      	// Region controls which region the control-plane is created in if not specified on the command line or
                      	// via environment variables.
                      	Region string `json:"region,omitempty"`
                      
                      	// EKS controls the configuration related to EKS. Settings in here affect the control plane
                      	// and nodes roles. A nil pointer means no EKS block was supplied.
                      	EKS *EKSConfig `json:"eks,omitempty"`
                      
                      	// SecureSecretsBackends selects the secret store(s) that IAM policies are generated for.
                      	// The value ssm-parameter-store creates AWS Systems Manager Parameter Store policies.
                      	// By default, or with the value secrets-manager, AWS Secrets Manager policies are
                      	// generated instead.
                      	// The serialized key is "secureSecretBackends", which is spelled differently from the
                      	// Go field name; use the key exactly as it appears in the tag when writing configuration.
                      	// NOTE(review): each listed backend presumably adds access to that service to the generated
                      	// policies — list only the backend actually in use; confirm against the policy templates.
                      	// +kubebuilder:validation:Enum=secrets-manager;ssm-parameter-store
                      	SecureSecretsBackends []infrav1.SecretBackend `json:"secureSecretBackends,omitempty"`
                      }

                        AWSIAMConfigurationSpec defines the specification of the AWSIAMConfiguration.

                        func (*AWSIAMConfigurationSpec) DeepCopy

                          DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSIAMConfigurationSpec.

                          func (*AWSIAMConfigurationSpec) DeepCopyInto

                          func (in *AWSIAMConfigurationSpec) DeepCopyInto(out *AWSIAMConfigurationSpec)

                            DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

                            type AWSIAMRoleSpec

                            // AWSIAMRoleSpec defines common configuration for AWS IAM roles created by
                            // Kubernetes Cluster API Provider AWS. ControlPlane, Nodes and
                            // ClusterAPIControllers embed it inline, and EKSConfig uses it for its roles.
                            // The Extra* and TrustStatements fields are the points where a role can be
                            // widened beyond what is generated, so they deserve least-privilege review.
                            type AWSIAMRoleSpec struct {
                            	// Disable if set to true will not create the AWS IAM role. Defaults to false.
                            	// The tag has no omitempty, so the value is always written out when serialized.
                            	Disable bool `json:"disable"` // default: false
                            
                            	// ExtraPolicyAttachments is a list of additional policies to be attached to the IAM role.
                            	// Every entry grants the role whatever that policy allows, on top of the generated policy.
                            	// NOTE(review): entries are presumably policy ARNs — confirm the expected format.
                            	ExtraPolicyAttachments []string `json:"extraPolicyAttachments,omitempty"`
                            
                            	// ExtraStatements are additional IAM statements to be included inline for the role.
                            	// Keep actions and resources as narrow as the workload allows.
                            	ExtraStatements []iamv1.StatementEntry `json:"extraStatements,omitempty"`
                            
                            	// TrustStatements is an IAM PolicyDocument defining what principals are allowed to assume this role.
                            	// See "sigs.k8s.io/cluster-api-provider-aws/cmd/clusterawsadm/api/iam/v1alpha1" for more documentation.
                            	// These statements decide who can obtain the role's permissions, so a broad principal
                            	// extends the role to everything that principal matches.
                            	// NOTE(review): whether these replace or extend a generated trust policy is not visible here — confirm.
                            	TrustStatements []iamv1.StatementEntry `json:"trustStatements,omitempty"`
                            
                            	// Tags is a map of tags to be applied to the AWS IAM role.
                            	Tags infrav1.Tags `json:"tags,omitempty"`
                            }

                              AWSIAMRoleSpec defines common configuration for AWS IAM roles created by Kubernetes Cluster API Provider AWS

                              func (*AWSIAMRoleSpec) DeepCopy

                              func (in *AWSIAMRoleSpec) DeepCopy() *AWSIAMRoleSpec

                                DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSIAMRoleSpec.

                                func (*AWSIAMRoleSpec) DeepCopyInto

                                func (in *AWSIAMRoleSpec) DeepCopyInto(out *AWSIAMRoleSpec)

                                  DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

                                  type BootstrapUser

                                  // BootstrapUser contains the settings that are specific to the configuration
                                  // and enablement of an IAM user used for bootstrapping.
                                  // NOTE(review): how credentials for this user are issued and rotated is not
                                  // shown in this listing; treat any access keys created for it as long-lived
                                  // secrets and confirm the handling.
                                  type BootstrapUser struct {
                                  
                                  	// Enable controls whether or not a bootstrap AWS IAM user will be created.
                                  	// This can be used to scope down the initial credentials used to bootstrap the
                                  	// cluster.
                                  	// Defaults to false.
                                  	// The tag has no omitempty, so the value is always written out when serialized.
                                  	Enable bool `json:"enable"`
                                  
                                  	// UserName controls the username of the bootstrap user. Defaults to
                                  	// "bootstrapper.cluster-api-provider-aws.sigs.k8s.io"
                                  	UserName string `json:"userName,omitempty"`
                                  
                                  	// GroupName controls the group the user will belong to. Defaults to
                                  	// "bootstrapper.cluster-api-provider-aws.sigs.k8s.io"
                                  	GroupName string `json:"groupName,omitempty"`
                                  
                                  	// ExtraPolicyAttachments is a list of additional policies to be attached to the IAM user.
                                  	// Every entry widens what the bootstrap credentials can do; keep the list minimal.
                                  	ExtraPolicyAttachments []string `json:"extraPolicyAttachments,omitempty"`
                                  
                                  	// ExtraGroups is a list of groups to add this user to.
                                  	// The user gains the permissions of each listed group in addition to GroupName.
                                  	ExtraGroups []string `json:"extraGroups,omitempty"`
                                  
                                  	// ExtraStatements are additional AWS IAM policy document statements to be included inline for the user.
                                  	ExtraStatements []iamv1.StatementEntry `json:"extraStatements,omitempty"`
                                  
                                  	// Tags is a map of tags to be applied to the AWS IAM user.
                                  	Tags infrav1.Tags `json:"tags,omitempty"`
                                  }

                                    BootstrapUser contains a list of elements that is specific to the configuration and enablement of an IAM user.

                                    func (*BootstrapUser) DeepCopy

                                    func (in *BootstrapUser) DeepCopy() *BootstrapUser

                                      DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new BootstrapUser.

                                      func (*BootstrapUser) DeepCopyInto

                                      func (in *BootstrapUser) DeepCopyInto(out *BootstrapUser)

                                        DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

                                        type ClusterAPIControllers

                                        // ClusterAPIControllers controls the configuration of the AWS IAM role for the
                                        // Kubernetes Cluster API Provider AWS controller.
                                        type ClusterAPIControllers struct {
                                        	// AWSIAMRoleSpec supplies the common role settings; its fields are inlined
                                        	// at this level of the serialized object.
                                        	AWSIAMRoleSpec `json:",inline"`
                                        	// AllowedEC2InstanceProfiles controls which EC2 roles are allowed to be
                                        	// consumed by Cluster API when creating an ec2 instance. Defaults to
                                        	// *.<suffix>, where suffix is defaulted to .cluster-api-provider-aws.sigs.k8s.io
                                        	// This list bounds which roles the controllers can hand to the instances they
                                        	// create, so a broader pattern lets instances receive roles that were never
                                        	// meant for cluster nodes. Keep it limited to the profiles the clusters use.
                                        	// NOTE(review): presumably rendered as the resource scope of a role-passing
                                        	// statement in the controllers policy — confirm in the policy template.
                                        	AllowedEC2InstanceProfiles []string `json:"allowedEC2InstanceProfiles,omitempty"`
                                        }

                                          ClusterAPIControllers controls the configuration of the AWS IAM role for the Kubernetes Cluster API Provider AWS controller.

                                          func (*ClusterAPIControllers) DeepCopy

                                            DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ClusterAPIControllers.

                                            func (*ClusterAPIControllers) DeepCopyInto

                                            func (in *ClusterAPIControllers) DeepCopyInto(out *ClusterAPIControllers)

                                              DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

                                              type ControlPlane

                                              // ControlPlane controls the configuration of the AWS IAM role for the control
                                              // plane of provisioned Kubernetes clusters.
                                              type ControlPlane struct {
                                              	// AWSIAMRoleSpec supplies the common role settings; its fields are inlined
                                              	// at this level of the serialized object.
                                              	AWSIAMRoleSpec `json:",inline"`
                                              
                                              	// DisableClusterAPIControllerPolicyAttachment, if set to true, will not attach the AWS IAM policy for Cluster
                                              	// API Provider AWS to the control plane role. Defaults to false.
                                              	// With the default, the control plane role also carries the controllers' policy; set this to true
                                              	// when the controllers do not run with the control plane role.
                                              	DisableClusterAPIControllerPolicyAttachment bool `json:"disableClusterAPIControllerPolicyAttachment,omitempty"`
                                              
                                              	// DisableCloudProviderPolicy if set to true, will not generate and attach the AWS IAM policy for the AWS Cloud Provider.
                                              	// The tag has no omitempty, so the value is always written out when serialized.
                                              	DisableCloudProviderPolicy bool `json:"disableCloudProviderPolicy"`
                                              
                                              	// EnableCSIPolicy if set to true, will generate and attach the AWS IAM policy for the EBS CSI Driver.
                                              	// The tag has no omitempty, so the value is always written out when serialized.
                                              	EnableCSIPolicy bool `json:"enableCSIPolicy"`
                                              }

                                                ControlPlane controls the configuration of the AWS IAM role for the control plane of provisioned Kubernetes clusters.

                                                func (*ControlPlane) DeepCopy

                                                func (in *ControlPlane) DeepCopy() *ControlPlane

                                                  DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControlPlane.

                                                  func (*ControlPlane) DeepCopyInto

                                                  func (in *ControlPlane) DeepCopyInto(out *ControlPlane)

                                                    DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

                                                    type EKSConfig

                                                    // EKSConfig holds the EKS-related configuration. According to the Spec field
                                                    // documentation, settings here affect the control plane and nodes roles.
                                                    type EKSConfig struct {
                                                    	// Enable controls whether EKS-related permissions are granted.
                                                    	// The tag has no omitempty, so the value is always written out when serialized.
                                                    	Enable bool `json:"enable"`
                                                    	// AllowIAMRoleCreation controls whether the EKS controllers have permissions for creating IAM
                                                    	// roles per cluster. The serialized key is "iamRoleCreation", not the Go field name.
                                                    	// Permission to create IAM roles is a broad grant for a controller; leave this off unless
                                                    	// per-cluster roles are required and rely on DefaultControlPlaneRole instead.
                                                    	AllowIAMRoleCreation bool `json:"iamRoleCreation,omitempty"`
                                                    	// DefaultControlPlaneRole controls the configuration of the AWS IAM role for
                                                    	// the EKS control plane. This is the default role that will be used if
                                                    	// no role is included in the spec and automatic creation of the role
                                                    	// isn't enabled
                                                    	DefaultControlPlaneRole AWSIAMRoleSpec `json:"defaultControlPlaneRole,omitempty"`
                                                    	// ManagedMachinePool controls the configuration of the AWS IAM role
                                                    	// used by EKS managed machine pools. A nil pointer means no such
                                                    	// configuration was supplied.
                                                    	ManagedMachinePool *AWSIAMRoleSpec `json:"managedMachinePool,omitempty"`
                                                    }

                                                      EKSConfig represents the EKS-related configuration.

                                                      func (*EKSConfig) DeepCopy

                                                      func (in *EKSConfig) DeepCopy() *EKSConfig

                                                        DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EKSConfig.

                                                        func (*EKSConfig) DeepCopyInto

                                                        func (in *EKSConfig) DeepCopyInto(out *EKSConfig)

                                                          DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

                                                          type Nodes

                                                          // Nodes controls the configuration of the AWS IAM role for worker nodes in a
                                                          // cluster created by Kubernetes Cluster API Provider AWS.
                                                          type Nodes struct {
                                                          	// AWSIAMRoleSpec supplies the common role settings; its fields are inlined
                                                          	// at this level of the serialized object.
                                                          	AWSIAMRoleSpec `json:",inline"`
                                                          
                                                          	// DisableCloudProviderPolicy if set to true, will not generate and attach the policy for the AWS Cloud Provider.
                                                          	// Defaults to false.
                                                          	// The tag has no omitempty, so the value is always written out when serialized.
                                                          	DisableCloudProviderPolicy bool `json:"disableCloudProviderPolicy"`
                                                          
                                                          	// EC2ContainerRegistryReadOnly controls whether the node has read-only access to the
                                                          	// EC2 container registry
                                                          	// NOTE(review): presumably implemented by attaching the AmazonEC2ContainerRegistryReadOnly
                                                          	// managed policy, which is not limited to specific repositories — confirm, and use
                                                          	// ExtraStatements instead if pulls should be restricted to named repositories.
                                                          	EC2ContainerRegistryReadOnly bool `json:"ec2ContainerRegistryReadOnly"`
                                                          }

                                                            Nodes controls the configuration of the AWS IAM role for worker nodes in a cluster created by Kubernetes Cluster API Provider AWS.

                                                            func (*Nodes) DeepCopy

                                                            func (in *Nodes) DeepCopy() *Nodes

                                                              DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Nodes.

                                                              func (*Nodes) DeepCopyInto

                                                              func (in *Nodes) DeepCopyInto(out *Nodes)

                                                                DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

                                                                Directories

                                                                Path Synopsis