-
Notifications
You must be signed in to change notification settings - Fork 28
/
user.go
148 lines (140 loc) · 6.65 KB
/
user.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License"). You may
// not use this file except in compliance with the License. A copy of the
// License is located at
//
// http://aws.amazon.com/apache2.0/
//
// or in the "license" file accompanying this file. This file is distributed
// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
// express or implied. See the License for the specific language governing
// permissions and limitations under the License.
// Code generated by ack-generate. DO NOT EDIT.
package v1alpha1
import (
ackv1alpha1 "github.com/aws-controllers-k8s/runtime/apis/core/v1alpha1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
// UserSpec defines the desired state of User.
//
// Contains information about an IAM user entity.
//
// This data type is used as a response element in the following operations:
//
// - CreateUser
//
// - GetUser
//
// - ListUsers
type UserSpec struct {
InlinePolicies map[string]*string `json:"inlinePolicies,omitempty"`
// The name of the user to create.
//
// IAM user, group, role, and policy names must be unique within the account.
// Names are not distinguished by case. For example, you cannot create resources
// named both "MyResource" and "myresource".
// +kubebuilder:validation:Required
Name *string `json:"name"`
// The path for the user name. For more information about paths, see IAM identifiers
// (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
// in the IAM User Guide.
//
// This parameter is optional. If it is not included, it defaults to a slash
// (/).
//
// This parameter allows (through its regex pattern (http://wikipedia.org/wiki/regex))
// a string of characters consisting of either a forward slash (/) by itself
// or a string that must begin and end with forward slashes. In addition, it
// can contain any ASCII character from the ! (\u0021) through the DEL character
// (\u007F), including most punctuation characters, digits, and upper and lowercased
// letters.
Path *string `json:"path,omitempty"`
// The ARN of the managed policy that is used to set the permissions boundary
// for the user.
//
// A permissions boundary policy defines the maximum permissions that identity-based
// policies can grant to an entity, but does not grant permissions. Permissions
// boundaries do not define the maximum permissions that a resource-based policy
// can grant to an entity. To learn more, see Permissions boundaries for IAM
// entities (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies_boundaries.html)
// in the IAM User Guide.
//
// For more information about policy types, see Policy types (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policy-types)
// in the IAM User Guide.
PermissionsBoundary *string `json:"permissionsBoundary,omitempty"`
PermissionsBoundaryRef *ackv1alpha1.AWSResourceReferenceWrapper `json:"permissionsBoundaryRef,omitempty"`
Policies []*string `json:"policies,omitempty"`
PolicyRefs []*ackv1alpha1.AWSResourceReferenceWrapper `json:"policyRefs,omitempty"`
// A list of tags that you want to attach to the new user. Each tag consists
// of a key name and an associated value. For more information about tagging,
// see Tagging IAM resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
// in the IAM User Guide.
//
// If any one of the tags is invalid or if you exceed the allowed maximum number
// of tags, then the entire request fails and the resource is not created.
Tags []*Tag `json:"tags,omitempty"`
}
// UserStatus defines the observed state of User
type UserStatus struct {
// All CRs managed by ACK have a common `Status.ACKResourceMetadata` member
// that is used to contain resource sync state, account ownership,
// constructed ARN for the resource
// +kubebuilder:validation:Optional
ACKResourceMetadata *ackv1alpha1.ResourceMetadata `json:"ackResourceMetadata"`
// All CRS managed by ACK have a common `Status.Conditions` member that
// contains a collection of `ackv1alpha1.Condition` objects that describe
// the various terminal states of the CR and its backend AWS service API
// resource
// +kubebuilder:validation:Optional
Conditions []*ackv1alpha1.Condition `json:"conditions"`
// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
// when the user was created.
// +kubebuilder:validation:Optional
CreateDate *metav1.Time `json:"createDate,omitempty"`
// The date and time, in ISO 8601 date-time format (http://www.iso.org/iso/iso8601),
// when the user's password was last used to sign in to an Amazon Web Services
// website. For a list of Amazon Web Services websites that capture a user's
// last sign-in time, see the Credential reports (https://docs.aws.amazon.com/IAM/latest/UserGuide/credential-reports.html)
// topic in the IAM User Guide. If a password is used more than once in a five-minute
// span, only the first use is returned in this field. If the field is null
// (no value), then it indicates that they never signed in with a password.
// This can be because:
//
// * The user never had a password.
//
// * A password exists but has not been used since IAM started tracking this
// information on October 20, 2014.
//
// A null value does not mean that the user never had a password. Also, if the
// user does not currently have a password but had one in the past, then this
// field contains the date and time the most recent password was used.
//
// This value is returned only in the GetUser and ListUsers operations.
// +kubebuilder:validation:Optional
PasswordLastUsed *metav1.Time `json:"passwordLastUsed,omitempty"`
// The stable and unique string identifying the user. For more information about
// IDs, see IAM identifiers (https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
// in the IAM User Guide.
// +kubebuilder:validation:Optional
UserID *string `json:"userID,omitempty"`
}
// User is the Schema for the Users API
// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
type User struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec UserSpec `json:"spec,omitempty"`
Status UserStatus `json:"status,omitempty"`
}
// UserList contains a list of User
// +kubebuilder:object:root=true
type UserList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []User `json:"items"`
}
func init() {
SchemeBuilder.Register(&User{}, &UserList{})
}