v1alpha4

package
v1.5.5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Apr 5, 2023 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Overview

Package v1alpha4 contains API Schema definitions for the controlplane v1alpha4 API group +kubebuilder:object:generate=true +groupName=controlplane.cluster.x-k8s.io

Index

Constants

View Source 
const (
	// EKSControlPlaneReadyCondition condition reports on the successful reconciliation of eks control plane.
	EKSControlPlaneReadyCondition clusterv1alpha4.ConditionType = "EKSControlPlaneReady"
	// EKSControlPlaneCreatingCondition condition reports on whether the eks
	// control plane is creating.
	EKSControlPlaneCreatingCondition clusterv1alpha4.ConditionType = "EKSControlPlaneCreating"
	// EKSControlPlaneUpdatingCondition condition reports on whether the eks
	// control plane is updating.
	EKSControlPlaneUpdatingCondition clusterv1alpha4.ConditionType = "EKSControlPlaneUpdating"
	// EKSControlPlaneReconciliationFailedReason used to report failures while reconciling EKS control plane.
	EKSControlPlaneReconciliationFailedReason = "EKSControlPlaneReconciliationFailed"
)
View Source 
const (
	// IAMControlPlaneRolesReadyCondition condition reports on the successful reconciliation of eks control plane iam roles.
	IAMControlPlaneRolesReadyCondition clusterv1alpha4.ConditionType = "IAMControlPlaneRolesReady"
	// IAMControlPlaneRolesReconciliationFailedReason used to report failures while reconciling EKS control plane iam roles.
	IAMControlPlaneRolesReconciliationFailedReason = "IAMControlPlaneRolesReconciliationFailed"
)
View Source 
const (
	// IAMAuthenticatorConfiguredCondition condition reports on the successful reconciliation of aws-iam-authenticator config.
	IAMAuthenticatorConfiguredCondition clusterv1alpha4.ConditionType = "IAMAuthenticatorConfigured"
	// IAMAuthenticatorConfigurationFailedReason used to report failures while reconciling the aws-iam-authenticator config.
	IAMAuthenticatorConfigurationFailedReason = "IAMAuthenticatorConfigurationFailed"
)
View Source 
const (
	// EKSAddonsConfiguredCondition condition reports on the successful reconciliation of EKS addons.
	EKSAddonsConfiguredCondition clusterv1alpha4.ConditionType = "EKSAddonsConfigured"
	// EKSAddonsConfiguredFailedReason used to report failures while reconciling the EKS addons.
	EKSAddonsConfiguredFailedReason = "EKSAddonsConfiguredFailed"
)
View Source 
const (
	// EKSIdentityProviderConfiguredCondition condition reports on the successful association of identity provider config.
	EKSIdentityProviderConfiguredCondition clusterv1alpha4.ConditionType = "EKSIdentityProviderConfigured"
	// EKSIdentityProviderConfiguredFailedReason used to report failures while reconciling the identity provider config association.
	EKSIdentityProviderConfiguredFailedReason = "EKSIdentityProviderConfiguredFailed"
)
View Source 
const (
	// ManagedControlPlaneFinalizer allows the controller to clean up resources on delete.
	ManagedControlPlaneFinalizer = "awsmanagedcontrolplane.controlplane.cluster.x-k8s.io"
)
View Source 
const (
	// SecurityGroupCluster is the security group for communication between EKS
	// control plane and managed node groups.
	SecurityGroupCluster = infrav1alpha4.SecurityGroupRole("cluster")
)

Variables

View Source 
var (
	// GroupVersion is group version used to register these objects.
	GroupVersion = schema.GroupVersion{Group: "controlplane.cluster.x-k8s.io", Version: "v1alpha4"}

	// SchemeBuilder is used to add go types to the GroupVersionKind scheme.
	SchemeBuilder = &scheme.Builder{GroupVersion: GroupVersion}

	// AddToScheme adds the types in this group-version to the given scheme.
	AddToScheme = SchemeBuilder.AddToScheme
)
View Source 
var (
	// EKSTokenMethodIAMAuthenticator indicates that IAM autenticator will be used to get a token.
	EKSTokenMethodIAMAuthenticator = EKSTokenMethod("iam-authenticator")

	// EKSTokenMethodAWSCli indicates that the AWS CLI will be used to get a token
	// Version 1.16.156 or greater is required of the AWS CLI.
	EKSTokenMethodAWSCli = EKSTokenMethod("aws-cli")
)
View Source 
var (
	// AddonResolutionOverwrite indicates that if there are parameter conflicts then
	// resolution will be accomplished via overwriting.
	AddonResolutionOverwrite = AddonResolution("overwrite")

	// AddonResolutionNone indicates that if there are parameter conflicts then
	// resolution will not be done and an error will be reported.
	AddonResolutionNone = AddonResolution("none")
)
View Source 
var (
	// AddonStatusCreating is a status to indicate the addon is creating.
	AddonStatusCreating = "creating"

	// AddonStatusActive is a status to indicate the addon is active.
	AddonStatusActive = "active"

	// AddonStatusCreateFailed is a status to indicate the addon failed creation.
	AddonStatusCreateFailed = "create_failed"

	// AddonStatusUpdating is a status to indicate the addon is updating.
	AddonStatusUpdating = "updating"

	// AddonStatusDeleting is a status to indicate the addon is deleting.
	AddonStatusDeleting = "deleting"

	// AddonStatusDeleteFailed is a status to indicate the addon failed deletion.
	AddonStatusDeleteFailed = "delete_failed"

	// AddonStatusDegraded is a status to indicate the addon is in a degraded state.
	AddonStatusDegraded = "degraded"
)
View Source 
var (
	ErrRoleARNRequired  = errors.New("rolearn is required")
	ErrUserARNRequired  = errors.New("userarn is required")
	ErrUserNameRequired = errors.New("username is required")
	ErrGroupsRequired   = errors.New("groups are required")
	ErrIsNotARN         = errors.New("supplied value is not a ARN")
	ErrIsNotRoleARN     = errors.New("supplied ARN is not a role ARN")
	ErrIsNotUserARN     = errors.New("supplied ARN is not a user ARN")
)

Errors for validation of Amazon EKS nodes that are registered with the control plane.

View Source 
var (
	// DefaultEKSControlPlaneRole is the name of the default IAM role to use for the EKS control plane
	// if no other role is supplied in the spec and if iam role creation is not enabled. The default
	// can be created using clusterawsadm or created manually.
	DefaultEKSControlPlaneRole = fmt.Sprintf("eks-controlplane%s", iamv1.DefaultNameSuffix)
)

Functions

func Convert_v1alpha4_APIEndpoint_To_v1beta1_APIEndpoint added in v1.0.0 

func Convert_v1alpha4_APIEndpoint_To_v1beta1_APIEndpoint(in *clusterv1alpha4.APIEndpoint, out *clusterv1.APIEndpoint, s apiconversion.Scope) error

Convert_v1alpha4_APIEndpoint_To_v1beta1_APIEndpoint is a conversion function.

func Convert_v1alpha4_AWSManagedControlPlaneList_To_v1beta1_AWSManagedControlPlaneList added in v1.0.0 

func Convert_v1alpha4_AWSManagedControlPlaneList_To_v1beta1_AWSManagedControlPlaneList(in *AWSManagedControlPlaneList, out *v1beta1.AWSManagedControlPlaneList, s conversion.Scope) error

Convert_v1alpha4_AWSManagedControlPlaneList_To_v1beta1_AWSManagedControlPlaneList is an autogenerated conversion function.

func Convert_v1alpha4_AWSManagedControlPlaneSpec_To_v1beta1_AWSManagedControlPlaneSpec added in v1.0.0 

func Convert_v1alpha4_AWSManagedControlPlaneSpec_To_v1beta1_AWSManagedControlPlaneSpec(in *AWSManagedControlPlaneSpec, out *v1beta1.AWSManagedControlPlaneSpec, s conversion.Scope) error

Convert_v1alpha4_AWSManagedControlPlaneSpec_To_v1beta1_AWSManagedControlPlaneSpec is an autogenerated conversion function.

func Convert_v1alpha4_AWSManagedControlPlaneStatus_To_v1beta1_AWSManagedControlPlaneStatus added in v1.0.0 

func Convert_v1alpha4_AWSManagedControlPlaneStatus_To_v1beta1_AWSManagedControlPlaneStatus(in *AWSManagedControlPlaneStatus, out *v1beta1.AWSManagedControlPlaneStatus, s conversion.Scope) error

Convert_v1alpha4_AWSManagedControlPlaneStatus_To_v1beta1_AWSManagedControlPlaneStatus is an autogenerated conversion function.

func Convert_v1alpha4_AWSManagedControlPlane_To_v1beta1_AWSManagedControlPlane added in v1.0.0 

func Convert_v1alpha4_AWSManagedControlPlane_To_v1beta1_AWSManagedControlPlane(in *AWSManagedControlPlane, out *v1beta1.AWSManagedControlPlane, s conversion.Scope) error

Convert_v1alpha4_AWSManagedControlPlane_To_v1beta1_AWSManagedControlPlane is an autogenerated conversion function.

func Convert_v1alpha4_AddonIssue_To_v1beta1_AddonIssue added in v1.0.0 

func Convert_v1alpha4_AddonIssue_To_v1beta1_AddonIssue(in *AddonIssue, out *v1beta1.AddonIssue, s conversion.Scope) error

Convert_v1alpha4_AddonIssue_To_v1beta1_AddonIssue is an autogenerated conversion function.

func Convert_v1alpha4_AddonState_To_v1beta1_AddonState added in v1.0.0 

func Convert_v1alpha4_AddonState_To_v1beta1_AddonState(in *AddonState, out *v1beta1.AddonState, s conversion.Scope) error

Convert_v1alpha4_AddonState_To_v1beta1_AddonState is an autogenerated conversion function.

func Convert_v1alpha4_Addon_To_v1beta1_Addon added in v1.0.0 

func Convert_v1alpha4_Addon_To_v1beta1_Addon(in *Addon, out *v1beta1.Addon, s conversion.Scope) error

Convert_v1alpha4_Addon_To_v1beta1_Addon is an autogenerated conversion function.

func Convert_v1alpha4_Bastion_To_v1beta1_Bastion added in v1.0.0 

func Convert_v1alpha4_Bastion_To_v1beta1_Bastion(in *infrav1alpha4.Bastion, out *infrav1beta1.Bastion, s apiconversion.Scope) error

Convert_v1alpha4_Bastion_To_v1beta1_Bastion is a generated conversion function.

func Convert_v1alpha4_ControlPlaneLoggingSpec_To_v1beta1_ControlPlaneLoggingSpec added in v1.0.0 

func Convert_v1alpha4_ControlPlaneLoggingSpec_To_v1beta1_ControlPlaneLoggingSpec(in *ControlPlaneLoggingSpec, out *v1beta1.ControlPlaneLoggingSpec, s conversion.Scope) error

Convert_v1alpha4_ControlPlaneLoggingSpec_To_v1beta1_ControlPlaneLoggingSpec is an autogenerated conversion function.

func Convert_v1alpha4_EncryptionConfig_To_v1beta1_EncryptionConfig added in v1.0.0 

func Convert_v1alpha4_EncryptionConfig_To_v1beta1_EncryptionConfig(in *EncryptionConfig, out *v1beta1.EncryptionConfig, s conversion.Scope) error

Convert_v1alpha4_EncryptionConfig_To_v1beta1_EncryptionConfig is an autogenerated conversion function.

func Convert_v1alpha4_EndpointAccess_To_v1beta1_EndpointAccess added in v1.0.0 

func Convert_v1alpha4_EndpointAccess_To_v1beta1_EndpointAccess(in *EndpointAccess, out *v1beta1.EndpointAccess, s conversion.Scope) error

Convert_v1alpha4_EndpointAccess_To_v1beta1_EndpointAccess is an autogenerated conversion function.

func Convert_v1alpha4_IAMAuthenticatorConfig_To_v1beta1_IAMAuthenticatorConfig added in v1.0.0 

func Convert_v1alpha4_IAMAuthenticatorConfig_To_v1beta1_IAMAuthenticatorConfig(in *IAMAuthenticatorConfig, out *v1beta1.IAMAuthenticatorConfig, s conversion.Scope) error

Convert_v1alpha4_IAMAuthenticatorConfig_To_v1beta1_IAMAuthenticatorConfig is an autogenerated conversion function.

func Convert_v1alpha4_IdentityProviderStatus_To_v1beta1_IdentityProviderStatus added in v1.0.0 

func Convert_v1alpha4_IdentityProviderStatus_To_v1beta1_IdentityProviderStatus(in *IdentityProviderStatus, out *v1beta1.IdentityProviderStatus, s conversion.Scope) error

Convert_v1alpha4_IdentityProviderStatus_To_v1beta1_IdentityProviderStatus is an autogenerated conversion function.

func Convert_v1alpha4_Instance_To_v1beta1_Instance added in v1.0.0 

func Convert_v1alpha4_Instance_To_v1beta1_Instance(in *infrav1alpha4.Instance, out *infrav1beta1.Instance, s apiconversion.Scope) error

Convert_v1alpha4_Instance_To_v1beta1_Instance is a conversion function.

func Convert_v1alpha4_KubernetesMapping_To_v1beta1_KubernetesMapping added in v1.0.0 

func Convert_v1alpha4_KubernetesMapping_To_v1beta1_KubernetesMapping(in *KubernetesMapping, out *v1beta1.KubernetesMapping, s conversion.Scope) error

Convert_v1alpha4_KubernetesMapping_To_v1beta1_KubernetesMapping is an autogenerated conversion function.

func Convert_v1alpha4_NetworkSpec_To_v1beta1_NetworkSpec added in v1.0.0 

func Convert_v1alpha4_NetworkSpec_To_v1beta1_NetworkSpec(in *infrav1alpha4.NetworkSpec, out *infrav1beta1.NetworkSpec, s apiconversion.Scope) error

Convert_v1alpha4_NetworkSpec_To_v1beta1_NetworkSpec is a conversion function.

func Convert_v1alpha4_NetworkStatus_To_v1beta1_NetworkStatus added in v1.0.0 

func Convert_v1alpha4_NetworkStatus_To_v1beta1_NetworkStatus(in *infrav1alpha4.NetworkStatus, out *infrav1beta1.NetworkStatus, s apiconversion.Scope) error

Convert_v1alpha4_NetworkStatus_To_v1beta1_NetworkStatus is a conversion function.

func Convert_v1alpha4_OIDCIdentityProviderConfig_To_v1beta1_OIDCIdentityProviderConfig added in v1.0.0 

func Convert_v1alpha4_OIDCIdentityProviderConfig_To_v1beta1_OIDCIdentityProviderConfig(in *OIDCIdentityProviderConfig, out *v1beta1.OIDCIdentityProviderConfig, s conversion.Scope) error

Convert_v1alpha4_OIDCIdentityProviderConfig_To_v1beta1_OIDCIdentityProviderConfig is an autogenerated conversion function.

func Convert_v1alpha4_OIDCProviderStatus_To_v1beta1_OIDCProviderStatus added in v1.0.0 

func Convert_v1alpha4_OIDCProviderStatus_To_v1beta1_OIDCProviderStatus(in *OIDCProviderStatus, out *v1beta1.OIDCProviderStatus, s conversion.Scope) error

Convert_v1alpha4_OIDCProviderStatus_To_v1beta1_OIDCProviderStatus is an autogenerated conversion function.

func Convert_v1alpha4_RoleMapping_To_v1beta1_RoleMapping added in v1.0.0 

func Convert_v1alpha4_RoleMapping_To_v1beta1_RoleMapping(in *RoleMapping, out *v1beta1.RoleMapping, s conversion.Scope) error

Convert_v1alpha4_RoleMapping_To_v1beta1_RoleMapping is an autogenerated conversion function.

func Convert_v1alpha4_UserMapping_To_v1beta1_UserMapping added in v1.0.0 

func Convert_v1alpha4_UserMapping_To_v1beta1_UserMapping(in *UserMapping, out *v1beta1.UserMapping, s conversion.Scope) error

Convert_v1alpha4_UserMapping_To_v1beta1_UserMapping is an autogenerated conversion function.

func Convert_v1beta1_APIEndpoint_To_v1alpha4_APIEndpoint added in v1.0.0 

func Convert_v1beta1_APIEndpoint_To_v1alpha4_APIEndpoint(in *clusterv1.APIEndpoint, out *clusterv1alpha4.APIEndpoint, s apiconversion.Scope) error

Convert_v1beta1_APIEndpoint_To_v1alpha4_APIEndpoint is a conversion function.

func Convert_v1beta1_AWSManagedControlPlaneList_To_v1alpha4_AWSManagedControlPlaneList added in v1.0.0 

func Convert_v1beta1_AWSManagedControlPlaneList_To_v1alpha4_AWSManagedControlPlaneList(in *v1beta1.AWSManagedControlPlaneList, out *AWSManagedControlPlaneList, s conversion.Scope) error

Convert_v1beta1_AWSManagedControlPlaneList_To_v1alpha4_AWSManagedControlPlaneList is an autogenerated conversion function.

func Convert_v1beta1_AWSManagedControlPlaneSpec_To_v1alpha4_AWSManagedControlPlaneSpec added in v1.0.0 

func Convert_v1beta1_AWSManagedControlPlaneSpec_To_v1alpha4_AWSManagedControlPlaneSpec(in *v1beta1.AWSManagedControlPlaneSpec, out *AWSManagedControlPlaneSpec, scope apiconversion.Scope) error

func Convert_v1beta1_AWSManagedControlPlaneStatus_To_v1alpha4_AWSManagedControlPlaneStatus added in v1.0.0 

func Convert_v1beta1_AWSManagedControlPlaneStatus_To_v1alpha4_AWSManagedControlPlaneStatus(in *v1beta1.AWSManagedControlPlaneStatus, out *AWSManagedControlPlaneStatus, s conversion.Scope) error

Convert_v1beta1_AWSManagedControlPlaneStatus_To_v1alpha4_AWSManagedControlPlaneStatus is an autogenerated conversion function.

func Convert_v1beta1_AWSManagedControlPlane_To_v1alpha4_AWSManagedControlPlane added in v1.0.0 

func Convert_v1beta1_AWSManagedControlPlane_To_v1alpha4_AWSManagedControlPlane(in *v1beta1.AWSManagedControlPlane, out *AWSManagedControlPlane, s conversion.Scope) error

Convert_v1beta1_AWSManagedControlPlane_To_v1alpha4_AWSManagedControlPlane is an autogenerated conversion function.

func Convert_v1beta1_AddonIssue_To_v1alpha4_AddonIssue added in v1.0.0 

func Convert_v1beta1_AddonIssue_To_v1alpha4_AddonIssue(in *v1beta1.AddonIssue, out *AddonIssue, s conversion.Scope) error

Convert_v1beta1_AddonIssue_To_v1alpha4_AddonIssue is an autogenerated conversion function.

func Convert_v1beta1_AddonState_To_v1alpha4_AddonState added in v1.0.0 

func Convert_v1beta1_AddonState_To_v1alpha4_AddonState(in *v1beta1.AddonState, out *AddonState, s conversion.Scope) error

Convert_v1beta1_AddonState_To_v1alpha4_AddonState is an autogenerated conversion function.

func Convert_v1beta1_Addon_To_v1alpha4_Addon added in v1.0.0 

func Convert_v1beta1_Addon_To_v1alpha4_Addon(in *v1beta1.Addon, out *Addon, s conversion.Scope) error

Convert_v1beta1_Addon_To_v1alpha4_Addon is an autogenerated conversion function.

func Convert_v1beta1_Bastion_To_v1alpha4_Bastion added in v1.0.0 

func Convert_v1beta1_Bastion_To_v1alpha4_Bastion(in *infrav1beta1.Bastion, out *infrav1alpha4.Bastion, s apiconversion.Scope) error

Convert_v1beta1_Bastion_To_v1alpha4_Bastion is a generated conversion function.

func Convert_v1beta1_ControlPlaneLoggingSpec_To_v1alpha4_ControlPlaneLoggingSpec added in v1.0.0 

func Convert_v1beta1_ControlPlaneLoggingSpec_To_v1alpha4_ControlPlaneLoggingSpec(in *v1beta1.ControlPlaneLoggingSpec, out *ControlPlaneLoggingSpec, s conversion.Scope) error

Convert_v1beta1_ControlPlaneLoggingSpec_To_v1alpha4_ControlPlaneLoggingSpec is an autogenerated conversion function.

func Convert_v1beta1_EncryptionConfig_To_v1alpha4_EncryptionConfig added in v1.0.0 

func Convert_v1beta1_EncryptionConfig_To_v1alpha4_EncryptionConfig(in *v1beta1.EncryptionConfig, out *EncryptionConfig, s conversion.Scope) error

Convert_v1beta1_EncryptionConfig_To_v1alpha4_EncryptionConfig is an autogenerated conversion function.

func Convert_v1beta1_EndpointAccess_To_v1alpha4_EndpointAccess added in v1.0.0 

func Convert_v1beta1_EndpointAccess_To_v1alpha4_EndpointAccess(in *v1beta1.EndpointAccess, out *EndpointAccess, s conversion.Scope) error

Convert_v1beta1_EndpointAccess_To_v1alpha4_EndpointAccess is an autogenerated conversion function.

func Convert_v1beta1_IAMAuthenticatorConfig_To_v1alpha4_IAMAuthenticatorConfig added in v1.0.0 

func Convert_v1beta1_IAMAuthenticatorConfig_To_v1alpha4_IAMAuthenticatorConfig(in *v1beta1.IAMAuthenticatorConfig, out *IAMAuthenticatorConfig, s conversion.Scope) error

Convert_v1beta1_IAMAuthenticatorConfig_To_v1alpha4_IAMAuthenticatorConfig is an autogenerated conversion function.

func Convert_v1beta1_IdentityProviderStatus_To_v1alpha4_IdentityProviderStatus added in v1.0.0 

func Convert_v1beta1_IdentityProviderStatus_To_v1alpha4_IdentityProviderStatus(in *v1beta1.IdentityProviderStatus, out *IdentityProviderStatus, s conversion.Scope) error

Convert_v1beta1_IdentityProviderStatus_To_v1alpha4_IdentityProviderStatus is an autogenerated conversion function.

func Convert_v1beta1_Instance_To_v1alpha4_Instance added in v1.0.0 

func Convert_v1beta1_Instance_To_v1alpha4_Instance(in *infrav1beta1.Instance, out *infrav1alpha4.Instance, s apiconversion.Scope) error

Convert_v1beta1_Instance_To_v1alpha4_Instance is a conversion function.

func Convert_v1beta1_KubernetesMapping_To_v1alpha4_KubernetesMapping added in v1.0.0 

func Convert_v1beta1_KubernetesMapping_To_v1alpha4_KubernetesMapping(in *v1beta1.KubernetesMapping, out *KubernetesMapping, s conversion.Scope) error

Convert_v1beta1_KubernetesMapping_To_v1alpha4_KubernetesMapping is an autogenerated conversion function.

func Convert_v1beta1_NetworkSpec_To_v1alpha4_NetworkSpec added in v1.0.0 

func Convert_v1beta1_NetworkSpec_To_v1alpha4_NetworkSpec(in *infrav1beta1.NetworkSpec, out *infrav1alpha4.NetworkSpec, s apiconversion.Scope) error

Convert_v1beta1_NetworkSpec_To_v1alpha4_NetworkSpec is a generated conversion function.

func Convert_v1beta1_NetworkStatus_To_v1alpha4_NetworkStatus added in v1.0.0 

func Convert_v1beta1_NetworkStatus_To_v1alpha4_NetworkStatus(in *infrav1beta1.NetworkStatus, out *infrav1alpha4.NetworkStatus, s apiconversion.Scope) error

Convert_v1beta1_NetworkStatus_To_v1alpha4_NetworkStatus is a conversion function.

func Convert_v1beta1_OIDCIdentityProviderConfig_To_v1alpha4_OIDCIdentityProviderConfig added in v1.0.0 

func Convert_v1beta1_OIDCIdentityProviderConfig_To_v1alpha4_OIDCIdentityProviderConfig(in *v1beta1.OIDCIdentityProviderConfig, out *OIDCIdentityProviderConfig, s conversion.Scope) error

Convert_v1beta1_OIDCIdentityProviderConfig_To_v1alpha4_OIDCIdentityProviderConfig is an autogenerated conversion function.

func Convert_v1beta1_OIDCProviderStatus_To_v1alpha4_OIDCProviderStatus added in v1.0.0 

func Convert_v1beta1_OIDCProviderStatus_To_v1alpha4_OIDCProviderStatus(in *v1beta1.OIDCProviderStatus, out *OIDCProviderStatus, s conversion.Scope) error

Convert_v1beta1_OIDCProviderStatus_To_v1alpha4_OIDCProviderStatus is an autogenerated conversion function.

func Convert_v1beta1_RoleMapping_To_v1alpha4_RoleMapping added in v1.0.0 

func Convert_v1beta1_RoleMapping_To_v1alpha4_RoleMapping(in *v1beta1.RoleMapping, out *RoleMapping, s conversion.Scope) error

Convert_v1beta1_RoleMapping_To_v1alpha4_RoleMapping is an autogenerated conversion function.

func Convert_v1beta1_UserMapping_To_v1alpha4_UserMapping added in v1.0.0 

func Convert_v1beta1_UserMapping_To_v1alpha4_UserMapping(in *v1beta1.UserMapping, out *UserMapping, s conversion.Scope) error

Convert_v1beta1_UserMapping_To_v1alpha4_UserMapping is an autogenerated conversion function.

func RegisterConversions added in v1.0.0 

func RegisterConversions(s *runtime.Scheme) error

RegisterConversions adds conversion functions to the given scheme. Public to allow building arbitrary schemes.

Types

type AWSManagedControlPlane 

type AWSManagedControlPlane struct {
	metav1.TypeMeta   `json:",inline"`
	metav1.ObjectMeta `json:"metadata,omitempty"`

	Spec   AWSManagedControlPlaneSpec   `json:"spec,omitempty"`
	Status AWSManagedControlPlaneStatus `json:"status,omitempty"`
}

AWSManagedControlPlane is the Schema for the awsmanagedcontrolplanes API

func (*AWSManagedControlPlane) ConvertFrom added in v1.0.0 

func (r *AWSManagedControlPlane) ConvertFrom(srcRaw conversion.Hub) error

ConvertFrom converts the v1beta1 AWSManagedControlPlane receiver to a v1alpha4 AWSManagedControlPlane.

func (*AWSManagedControlPlane) ConvertTo added in v1.0.0 

func (r *AWSManagedControlPlane) ConvertTo(dstRaw conversion.Hub) error

ConvertTo converts the v1alpha4 AWSManagedControlPlane receiver to a v1beta1 AWSManagedControlPlane.

func (*AWSManagedControlPlane) DeepCopy 

func (in *AWSManagedControlPlane) DeepCopy() *AWSManagedControlPlane

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSManagedControlPlane.

func (*AWSManagedControlPlane) DeepCopyInto 

func (in *AWSManagedControlPlane) DeepCopyInto(out *AWSManagedControlPlane)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AWSManagedControlPlane) DeepCopyObject 

func (in *AWSManagedControlPlane) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

func (*AWSManagedControlPlane) GetConditions 

func (r *AWSManagedControlPlane) GetConditions() clusterv1alpha4.Conditions

GetConditions returns the control planes conditions.

func (*AWSManagedControlPlane) SetConditions 

func (r *AWSManagedControlPlane) SetConditions(conditions clusterv1alpha4.Conditions)

SetConditions sets the status conditions for the AWSManagedControlPlane.

type AWSManagedControlPlaneList 

type AWSManagedControlPlaneList struct {
	metav1.TypeMeta `json:",inline"`
	metav1.ListMeta `json:"metadata,omitempty"`
	Items           []AWSManagedControlPlane `json:"items"`
}

AWSManagedControlPlaneList contains a list of AWSManagedControlPlane.

func (*AWSManagedControlPlaneList) ConvertFrom added in v1.0.0 

func (r *AWSManagedControlPlaneList) ConvertFrom(srcRaw conversion.Hub) error

ConvertFrom converts the v1beta1 AWSManagedControlPlaneList receiver to a v1alpha4 AWSManagedControlPlaneList.

func (*AWSManagedControlPlaneList) ConvertTo added in v1.0.0 

func (r *AWSManagedControlPlaneList) ConvertTo(dstRaw conversion.Hub) error

ConvertTo converts the v1alpha4 AWSManagedControlPlaneList receiver to a v1beta1 AWSManagedControlPlaneList.

func (*AWSManagedControlPlaneList) DeepCopy 

func (in *AWSManagedControlPlaneList) DeepCopy() *AWSManagedControlPlaneList

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSManagedControlPlaneList.

func (*AWSManagedControlPlaneList) DeepCopyInto 

func (in *AWSManagedControlPlaneList) DeepCopyInto(out *AWSManagedControlPlaneList)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*AWSManagedControlPlaneList) DeepCopyObject 

func (in *AWSManagedControlPlaneList) DeepCopyObject() runtime.Object

DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object.

type AWSManagedControlPlaneSpec 

type AWSManagedControlPlaneSpec struct {
	// EKSClusterName allows you to specify the name of the EKS cluster in
	// AWS. If you don't specify a name then a default name will be created
	// based on the namespace and name of the managed control plane.
	// +optional
	EKSClusterName string `json:"eksClusterName,omitempty"`

	// IdentityRef is a reference to a identity to be used when reconciling the managed control plane.
	// +optional
	IdentityRef *infrav1alpha4.AWSIdentityReference `json:"identityRef,omitempty"`

	// NetworkSpec encapsulates all things related to AWS network.
	NetworkSpec infrav1alpha4.NetworkSpec `json:"network,omitempty"`

	// SecondaryCidrBlock is the additional CIDR range to use for pod IPs.
	// Must be within the 100.64.0.0/10 or 198.19.0.0/16 range.
	// +optional
	SecondaryCidrBlock *string `json:"secondaryCidrBlock,omitempty"`

	// The AWS Region the cluster lives in.
	Region string `json:"region,omitempty"`

	// SSHKeyName is the name of the ssh key to attach to the bastion host. Valid values are empty string (do not use SSH keys), a valid SSH key name, or omitted (use the default SSH key name)
	// +optional
	SSHKeyName *string `json:"sshKeyName,omitempty"`

	// Version defines the desired Kubernetes version. If no version number
	// is supplied then the latest version of Kubernetes that EKS supports
	// will be used.
	// +kubebuilder:validation:MinLength:=2
	// +kubebuilder:validation:Pattern:=^v(0|[1-9][0-9]*)\.(0|[1-9][0-9]*)\.?$
	// +optional
	Version *string `json:"version,omitempty"`

	// RoleName specifies the name of IAM role that gives EKS
	// permission to make API calls. If the role is pre-existing
	// we will treat it as unmanaged and not delete it on
	// deletion. If the EKSEnableIAM feature flag is true
	// and no name is supplied then a role is created.
	// +kubebuilder:validation:MinLength:=2
	// +optional
	RoleName *string `json:"roleName,omitempty"`

	// RoleAdditionalPolicies allows you to attach additional polices to
	// the control plane role. You must enable the EKSAllowAddRoles
	// feature flag to incorporate these into the created role.
	// +optional
	RoleAdditionalPolicies *[]string `json:"roleAdditionalPolicies,omitempty"`

	// Logging specifies which EKS Cluster logs should be enabled. Entries for
	// each of the enabled logs will be sent to CloudWatch
	// +optional
	Logging *ControlPlaneLoggingSpec `json:"logging,omitempty"`

	// EncryptionConfig specifies the encryption configuration for the cluster
	// +optional
	EncryptionConfig *EncryptionConfig `json:"encryptionConfig,omitempty"`

	// AdditionalTags is an optional set of tags to add to AWS resources managed by the AWS provider, in addition to the
	// ones added by default.
	// +optional
	AdditionalTags infrav1alpha4.Tags `json:"additionalTags,omitempty"`

	// IAMAuthenticatorConfig allows the specification of any additional user or role mappings
	// for use when generating the aws-iam-authenticator configuration. If this is nil the
	// default configuration is still generated for the cluster.
	// +optional
	IAMAuthenticatorConfig *IAMAuthenticatorConfig `json:"iamAuthenticatorConfig,omitempty"`

	// Endpoints specifies access to this cluster's control plane endpoints
	// +optional
	EndpointAccess EndpointAccess `json:"endpointAccess,omitempty"`

	// ControlPlaneEndpoint represents the endpoint used to communicate with the control plane.
	// +optional
	ControlPlaneEndpoint clusterv1alpha4.APIEndpoint `json:"controlPlaneEndpoint"`

	// ImageLookupFormat is the AMI naming format to look up machine images when
	// a machine does not specify an AMI. When set, this will be used for all
	// cluster machines unless a machine specifies a different ImageLookupOrg.
	// Supports substitutions for {{.BaseOS}} and {{.K8sVersion}} with the base
	// OS and kubernetes version, respectively. The BaseOS will be the value in
	// ImageLookupBaseOS or ubuntu (the default), and the kubernetes version as
	// defined by the packages produced by kubernetes/release without v as a
	// prefix: 1.13.0, 1.12.5-mybuild.1, or 1.17.3. For example, the default
	// image format of capa-ami-{{.BaseOS}}-?{{.K8sVersion}}-* will end up
	// searching for AMIs that match the pattern capa-ami-ubuntu-?1.18.0-* for a
	// Machine that is targeting kubernetes v1.18.0 and the ubuntu base OS. See
	// also: https://golang.org/pkg/text/template/
	// +optional
	ImageLookupFormat string `json:"imageLookupFormat,omitempty"`

	// ImageLookupOrg is the AWS Organization ID to look up machine images when a
	// machine does not specify an AMI. When set, this will be used for all
	// cluster machines unless a machine specifies a different ImageLookupOrg.
	// +optional
	ImageLookupOrg string `json:"imageLookupOrg,omitempty"`

	// ImageLookupBaseOS is the name of the base operating system used to look
	// up machine images when a machine does not specify an AMI. When set, this
	// will be used for all cluster machines unless a machine specifies a
	// different ImageLookupBaseOS.
	ImageLookupBaseOS string `json:"imageLookupBaseOS,omitempty"`

	// Bastion contains options to configure the bastion host.
	// +optional
	Bastion infrav1alpha4.Bastion `json:"bastion"`

	// TokenMethod is used to specify the method for obtaining a client token for communicating with EKS
	// iam-authenticator - obtains a client token using iam-authentictor
	// aws-cli - obtains a client token using the AWS CLI
	// Defaults to iam-authenticator
	// +kubebuilder:default=iam-authenticator
	// +kubebuilder:validation:Enum=iam-authenticator;aws-cli
	TokenMethod *EKSTokenMethod `json:"tokenMethod,omitempty"`

	// AssociateOIDCProvider can be enabled to automatically create an identity
	// provider for the controller for use with IAM roles for service accounts
	// +kubebuilder:default=false
	AssociateOIDCProvider bool `json:"associateOIDCProvider,omitempty"`

	// Addons defines the EKS addons to enable with the EKS cluster.
	// +optional
	Addons *[]Addon `json:"addons,omitempty"`

	// IdentityProviderconfig is used to specify the oidc provider config
	// to be attached with this eks cluster
	// +optional
	OIDCIdentityProviderConfig *OIDCIdentityProviderConfig `json:"oidcIdentityProviderConfig,omitempty"`

	// DisableVPCCNI indicates that the Amazon VPC CNI should be disabled. With EKS clusters the
	// Amazon VPC CNI is automatically installed into the cluster. For clusters where you want
	// to use an alternate CNI this option provides a way to specify that the Amazon VPC CNI
	// should be deleted. You cannot set this to true if you are using the
	// Amazon VPC CNI addon.
	// +kubebuilder:default=false
	DisableVPCCNI bool `json:"disableVPCCNI,omitempty"`
}

AWSManagedControlPlaneSpec defines the desired state of AWSManagedControlPlane

func (*AWSManagedControlPlaneSpec) DeepCopy 

func (in *AWSManagedControlPlaneSpec) DeepCopy() *AWSManagedControlPlaneSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSManagedControlPlaneSpec.

func (*AWSManagedControlPlaneSpec) DeepCopyInto 

func (in *AWSManagedControlPlaneSpec) DeepCopyInto(out *AWSManagedControlPlaneSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AWSManagedControlPlaneStatus 

type AWSManagedControlPlaneStatus struct {
	// Networks holds details about the AWS networking resources used by the control plane
	// +optional
	Network infrav1alpha4.NetworkStatus `json:"networkStatus,omitempty"`
	// FailureDomains specifies a list fo available availability zones that can be used
	// +optional
	FailureDomains clusterv1alpha4.FailureDomains `json:"failureDomains,omitempty"`
	// Bastion holds details of the instance that is used as a bastion jump box
	// +optional
	Bastion *infrav1alpha4.Instance `json:"bastion,omitempty"`
	// OIDCProvider holds the status of the identity provider for this cluster
	// +optional
	OIDCProvider OIDCProviderStatus `json:"oidcProvider,omitempty"`
	// ExternalManagedControlPlane indicates to cluster-api that the control plane
	// is managed by an external service such as AKS, EKS, GKE, etc.
	// +kubebuilder:default=true
	ExternalManagedControlPlane *bool `json:"externalManagedControlPlane,omitempty"`
	// Initialized denotes whether or not the control plane has the
	// uploaded kubernetes config-map.
	// +optional
	Initialized bool `json:"initialized"`
	// Ready denotes that the AWSManagedControlPlane API Server is ready to
	// receive requests and that the VPC infra is ready.
	// +kubebuilder:default=false
	Ready bool `json:"ready"`
	// ErrorMessage indicates that there is a terminal problem reconciling the
	// state, and will be set to a descriptive error message.
	// +optional
	FailureMessage *string `json:"failureMessage,omitempty"`
	// Conditions specifies the cpnditions for the managed control plane
	Conditions clusterv1alpha4.Conditions `json:"conditions,omitempty"`
	// Addons holds the current status of the EKS addons
	// +optional
	Addons []AddonState `json:"addons,omitempty"`
	// IdentityProviderStatus holds the status for
	// associated identity provider
	// +optional
	IdentityProviderStatus IdentityProviderStatus `json:"identityProviderStatus,omitempty"`
}

AWSManagedControlPlaneStatus defines the observed state of AWSManagedControlPlane

func (*AWSManagedControlPlaneStatus) DeepCopy 

func (in *AWSManagedControlPlaneStatus) DeepCopy() *AWSManagedControlPlaneStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AWSManagedControlPlaneStatus.

func (*AWSManagedControlPlaneStatus) DeepCopyInto 

func (in *AWSManagedControlPlaneStatus) DeepCopyInto(out *AWSManagedControlPlaneStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type Addon 

type Addon struct {
	// Name is the name of the addon
	// +kubebuilder:validation:MinLength:=2
	// +kubebuilder:validation:Required
	Name string `json:"name"`
	// Version is the version of the addon to use
	Version string `json:"version"`
	// ConflictResolution is used to declare what should happen if there
	// are parameter conflicts. Defaults to none
	// +kubebuilder:default=none
	// +kubebuilder:validation:Enum=overwrite;none
	ConflictResolution *AddonResolution `json:"conflictResolution,omitempty"`
	// ServiceAccountRoleArn is the ARN of an IAM role to bind to the addons service account
	// +optional
	ServiceAccountRoleArn *string `json:"serviceAccountRoleARN,omitempty"`
}

Addon represents a EKS addon

func (*Addon) DeepCopy 

func (in *Addon) DeepCopy() *Addon

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new Addon.

func (*Addon) DeepCopyInto 

func (in *Addon) DeepCopyInto(out *Addon)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AddonIssue 

type AddonIssue struct {
	// Code is the issue code
	Code *string `json:"code,omitempty"`
	// Message is the textual description of the issue
	Message *string `json:"message,omitempty"`
	// ResourceIDs is a list of resource ids for the issue
	ResourceIDs []string `json:"resourceIds,omitempty"`
}

AddonIssue represents an issue with an addon

func (*AddonIssue) DeepCopy 

func (in *AddonIssue) DeepCopy() *AddonIssue

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AddonIssue.

func (*AddonIssue) DeepCopyInto 

func (in *AddonIssue) DeepCopyInto(out *AddonIssue)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AddonResolution 

type AddonResolution string

AddonResolution defines the method for resolving parameter conflicts.

type AddonState 

type AddonState struct {
	// Name is the name of the addon
	Name string `json:"name"`
	// Version is the version of the addon to use
	Version string `json:"version"`
	// ARN is the AWS ARN of the addon
	ARN string `json:"arn"`
	// ServiceAccountRoleArn is the ARN of the IAM role used for the service account
	ServiceAccountRoleArn *string `json:"serviceAccountRoleARN,omitempty"`
	// CreatedAt is the date and time the addon was created at
	CreatedAt metav1.Time `json:"createdAt,omitempty"`
	// ModifiedAt is the date and time the addon was last modified
	ModifiedAt metav1.Time `json:"modifiedAt,omitempty"`
	// Status is the status of the addon
	Status *string `json:"status,omitempty"`
	// Issues is a list of issue associated with the addon
	Issues []AddonIssue `json:"issues,omitempty"`
}

AddonState represents the state of an addon

func (*AddonState) DeepCopy 

func (in *AddonState) DeepCopy() *AddonState

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new AddonState.

func (*AddonState) DeepCopyInto 

func (in *AddonState) DeepCopyInto(out *AddonState)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type AddonStatus 

type AddonStatus string

AddonStatus defines the status for an addon.

type ControlPlaneLoggingSpec 

type ControlPlaneLoggingSpec struct {
	// APIServer indicates if the Kubernetes API Server log (kube-apiserver) shoulkd be enabled
	// +kubebuilder:default=false
	APIServer bool `json:"apiServer"`
	// Audit indicates if the Kubernetes API audit log should be enabled
	// +kubebuilder:default=false
	Audit bool `json:"audit"`
	// Authenticator indicates if the iam authenticator log should be enabled
	// +kubebuilder:default=false
	Authenticator bool `json:"authenticator"`
	// ControllerManager indicates if the controller manager (kube-controller-manager) log should be enabled
	// +kubebuilder:default=false
	ControllerManager bool `json:"controllerManager"`
	// Scheduler indicates if the Kubernetes scheduler (kube-scheduler) log should be enabled
	// +kubebuilder:default=false
	Scheduler bool `json:"scheduler"`
}

ControlPlaneLoggingSpec defines what EKS control plane logs that should be enabled.

func (*ControlPlaneLoggingSpec) DeepCopy 

func (in *ControlPlaneLoggingSpec) DeepCopy() *ControlPlaneLoggingSpec

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new ControlPlaneLoggingSpec.

func (*ControlPlaneLoggingSpec) DeepCopyInto 

func (in *ControlPlaneLoggingSpec) DeepCopyInto(out *ControlPlaneLoggingSpec)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*ControlPlaneLoggingSpec) IsLogEnabled 

func (s *ControlPlaneLoggingSpec) IsLogEnabled(logName string) bool

IsLogEnabled returns true if the log is enabled.

type EKSTokenMethod 

type EKSTokenMethod string

EKSTokenMethod defines the method for obtaining a client token to use when connecting to EKS.

type EncryptionConfig 

type EncryptionConfig struct {
	// Provider specifies the ARN or alias of the CMK (in AWS KMS)
	Provider *string `json:"provider,omitempty"`
	// Resources specifies the resources to be encrypted
	Resources []*string `json:"resources,omitempty"`
}

EncryptionConfig specifies the encryption configuration for the EKS clsuter.

func (*EncryptionConfig) DeepCopy 

func (in *EncryptionConfig) DeepCopy() *EncryptionConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EncryptionConfig.

func (*EncryptionConfig) DeepCopyInto 

func (in *EncryptionConfig) DeepCopyInto(out *EncryptionConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type EndpointAccess 

type EndpointAccess struct {
	// Public controls whether control plane endpoints are publicly accessible
	// +optional
	Public *bool `json:"public,omitempty"`
	// PublicCIDRs specifies which blocks can access the public endpoint
	// +optional
	PublicCIDRs []*string `json:"publicCIDRs,omitempty"`
	// Private points VPC-internal control plane access to the private endpoint
	// +optional
	Private *bool `json:"private,omitempty"`
}

EndpointAccess specifies how control plane endpoints are accessible.

func (*EndpointAccess) DeepCopy 

func (in *EndpointAccess) DeepCopy() *EndpointAccess

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new EndpointAccess.

func (*EndpointAccess) DeepCopyInto 

func (in *EndpointAccess) DeepCopyInto(out *EndpointAccess)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IAMAuthenticatorConfig 

type IAMAuthenticatorConfig struct {
	// RoleMappings is a list of role mappings
	// +optional
	RoleMappings []RoleMapping `json:"mapRoles,omitempty"`
	// UserMappings is a list of user mappings
	// +optional
	UserMappings []UserMapping `json:"mapUsers,omitempty"`
}

IAMAuthenticatorConfig represents an aws-iam-authenticator configuration.

func (*IAMAuthenticatorConfig) DeepCopy 

func (in *IAMAuthenticatorConfig) DeepCopy() *IAMAuthenticatorConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IAMAuthenticatorConfig.

func (*IAMAuthenticatorConfig) DeepCopyInto 

func (in *IAMAuthenticatorConfig) DeepCopyInto(out *IAMAuthenticatorConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type IdentityProviderStatus 

type IdentityProviderStatus struct {
	// ARN holds the ARN of associated identity provider
	ARN string `json:"arn,omitempty"`

	// Status holds current status of associated identity provider
	Status string `json:"status,omitempty"`
}

func (*IdentityProviderStatus) DeepCopy 

func (in *IdentityProviderStatus) DeepCopy() *IdentityProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdentityProviderStatus.

func (*IdentityProviderStatus) DeepCopyInto 

func (in *IdentityProviderStatus) DeepCopyInto(out *IdentityProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type KubernetesMapping 

type KubernetesMapping struct {
	// UserName is a kubernetes RBAC user subject
	UserName string `json:"username"`
	// Groups is a list of kubernetes RBAC groups
	Groups []string `json:"groups"`
}

KubernetesMapping represents the kubernetes RBAC mapping.

func (*KubernetesMapping) DeepCopy 

func (in *KubernetesMapping) DeepCopy() *KubernetesMapping

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new KubernetesMapping.

func (*KubernetesMapping) DeepCopyInto 

func (in *KubernetesMapping) DeepCopyInto(out *KubernetesMapping)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OIDCIdentityProviderConfig 

type OIDCIdentityProviderConfig struct {

	// This is also known as audience. The ID for the client application that makes
	// authentication requests to the OpenID identity provider.
	// +kubebuilder:validation:Required
	ClientID string `json:"clientId,omitempty"`

	// The JWT claim that the provider uses to return your groups.
	// +optional
	GroupsClaim *string `json:"groupsClaim,omitempty"`

	// The prefix that is prepended to group claims to prevent clashes with existing
	// names (such as system: groups). For example, the valueoidc: will create group
	// names like oidc:engineering and oidc:infra.
	// +optional
	GroupsPrefix *string `json:"groupsPrefix,omitempty"`

	// The name of the OIDC provider configuration.
	//
	// IdentityProviderConfigName is a required field
	// +kubebuilder:validation:Required
	IdentityProviderConfigName string `json:"identityProviderConfigName,omitempty"`

	// The URL of the OpenID identity provider that allows the API server to discover
	// public signing keys for verifying tokens. The URL must begin with https://
	// and should correspond to the iss claim in the provider's OIDC ID tokens.
	// Per the OIDC standard, path components are allowed but query parameters are
	// not. Typically the URL consists of only a hostname, like https://server.example.org
	// or https://example.com. This URL should point to the level below .well-known/openid-configuration
	// and must be publicly accessible over the internet.
	//
	// +kubebuilder:validation:Required
	IssuerURL string `json:"issuerUrl,omitempty"`

	// The key value pairs that describe required claims in the identity token.
	// If set, each claim is verified to be present in the token with a matching
	// value. For the maximum number of claims that you can require, see Amazon
	// EKS service quotas (https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html)
	// in the Amazon EKS User Guide.
	// +optional
	RequiredClaims map[string]string `json:"requiredClaims,omitempty"`

	// The JSON Web Token (JWT) claim to use as the username. The default is sub,
	// which is expected to be a unique identifier of the end user. You can choose
	// other claims, such as email or name, depending on the OpenID identity provider.
	// Claims other than email are prefixed with the issuer URL to prevent naming
	// clashes with other plug-ins.
	// +optional
	UsernameClaim *string `json:"usernameClaim,omitempty"`

	// The prefix that is prepended to username claims to prevent clashes with existing
	// names. If you do not provide this field, and username is a value other than
	// email, the prefix defaults to issuerurl#. You can use the value - to disable
	// all prefixing.
	// +optional
	UsernamePrefix *string `json:"usernamePrefix,omitempty"`

	// tags to apply to oidc identity provider association
	// +optional
	Tags infrav1alpha4.Tags `json:"tags,omitempty"`
}

func (*OIDCIdentityProviderConfig) DeepCopy 

func (in *OIDCIdentityProviderConfig) DeepCopy() *OIDCIdentityProviderConfig

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCIdentityProviderConfig.

func (*OIDCIdentityProviderConfig) DeepCopyInto 

func (in *OIDCIdentityProviderConfig) DeepCopyInto(out *OIDCIdentityProviderConfig)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type OIDCProviderStatus 

type OIDCProviderStatus struct {
	// ARN holds the ARN of the provider
	ARN string `json:"arn,omitempty"`
	// TrustPolicy contains the boilerplate IAM trust policy to use for IRSA
	TrustPolicy string `json:"trustPolicy,omitempty"`
}

OIDCProviderStatus holds the status of the AWS OIDC identity provider.

func (*OIDCProviderStatus) DeepCopy 

func (in *OIDCProviderStatus) DeepCopy() *OIDCProviderStatus

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new OIDCProviderStatus.

func (*OIDCProviderStatus) DeepCopyInto 

func (in *OIDCProviderStatus) DeepCopyInto(out *OIDCProviderStatus)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

type RoleMapping 

type RoleMapping struct {
	// RoleARN is the AWS ARN for the role to map
	// +kubebuilder:validation:MinLength:=31
	RoleARN string `json:"rolearn"`
	// KubernetesMapping holds the RBAC details for the mapping
	KubernetesMapping `json:",inline"`
}

RoleMapping represents a mapping from a IAM role to Kubernetes users and groups

func (*RoleMapping) DeepCopy 

func (in *RoleMapping) DeepCopy() *RoleMapping

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new RoleMapping.

func (*RoleMapping) DeepCopyInto 

func (in *RoleMapping) DeepCopyInto(out *RoleMapping)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*RoleMapping) Validate 

func (r *RoleMapping) Validate() []error

Validate will return nil is there are no errors with the role mapping.

type UserMapping 

type UserMapping struct {
	// UserARN is the AWS ARN for the user to map
	// +kubebuilder:validation:MinLength:=31
	UserARN string `json:"userarn"`
	// KubernetesMapping holds the RBAC details for the mapping
	KubernetesMapping `json:",inline"`
}

UserMapping represents a mapping from an IAM user to Kubernetes users and groups

func (*UserMapping) DeepCopy 

func (in *UserMapping) DeepCopy() *UserMapping

DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new UserMapping.

func (*UserMapping) DeepCopyInto 

func (in *UserMapping) DeepCopyInto(out *UserMapping)

DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil.

func (*UserMapping) Validate 

func (u *UserMapping) Validate() []error

Validate will return nil is there are no errors with the user mapping.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.