From e23fd98c6b06972d29e91a4c7427ba0e795393e8 Mon Sep 17 00:00:00 2001 From: Anton Date: Mon, 8 Mar 2021 17:41:19 +0000 Subject: [PATCH 01/26] generated scripts/openshift/terraform.tfstate --- scripts/openshift/terraform.tfstate | 4715 +++++++++++++++++++++++++++ 1 file changed, 4715 insertions(+) create mode 100644 scripts/openshift/terraform.tfstate diff --git a/scripts/openshift/terraform.tfstate b/scripts/openshift/terraform.tfstate new file mode 100644 index 0000000000..dbcf99173a --- /dev/null +++ b/scripts/openshift/terraform.tfstate @@ -0,0 +1,4715 @@ +{ + "version": 4, + "terraform_version": "0.12.20", + "serial": 157, + "lineage": "b688f270-dfa3-56c3-2f39-d8aa137483d1", + "outputs": {}, + "resources": [ + { + "module": "module.masters", + "mode": "data", + "type": "aws_ebs_default_kms_key", + "name": "current", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "2021-03-08 15:13:17.592438 +0000 UTC", + "key_arn": "alias/aws/ebs" + } + } + ] + }, + { + "module": "module.masters", + "mode": "data", + "type": "aws_partition", + "name": "current", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "dns_suffix": "amazonaws.com", + "id": "2021-03-08 15:13:17.001278 +0000 UTC", + "partition": "aws" + } + } + ] + }, + { + "module": "module.iam", + "mode": "data", + "type": "aws_partition", + "name": "current", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "dns_suffix": "amazonaws.com", + "id": "2021-03-08 15:13:17.001053 +0000 UTC", + "partition": "aws" + } + } + ] + }, + { + "module": "module.dns", + "mode": "data", + "type": "aws_route53_zone", + "name": "public", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "caller_reference": "54CBFE23-8745-8B11-AC46-7D1F07C170D5", + "comment": "", + "id": "Z1BNZ7MGFF9M06", + "linked_service_description": null, + "linked_service_principal": null, + "name": "mongokubernetes.com.", + "name_servers": [ + "ns-1799.awsdns-32.co.uk", + "ns-1232.awsdns-26.org", + "ns-845.awsdns-41.net", + "ns-275.awsdns-34.com" + ], + "private_zone": false, + "resource_record_set_count": 33, + "tags": {}, + "vpc_id": null, + "zone_id": "Z1BNZ7MGFF9M06" + } + } + ] + }, + { + "module": "module.vpc", + "mode": "data", + "type": "aws_subnet", + "name": "private", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-04cda98e80626f47c", + "assign_ipv6_address_on_creation": false, + "availability_zone": "eu-west-3a", + "availability_zone_id": "euw3-az1", + "cidr_block": "10.0.128.0/19", + "default_for_az": false, + "filter": null, + "id": "subnet-04cda98e80626f47c", + "ipv6_cidr_block": null, + "ipv6_cidr_block_association_id": null, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "268558157000", + "state": "available", + "tags": { + "Name": "atlas-operator-mwcdx-private-eu-west-3a", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned", + "kubernetes.io/role/internal-elb": "" + }, + "vpc_id": "vpc-01095835b1df30896" + } + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-0b41b011d2aeb60f0", + "assign_ipv6_address_on_creation": false, + "availability_zone": "eu-west-3b", + "availability_zone_id": "euw3-az2", + "cidr_block": "10.0.160.0/19", + "default_for_az": false, + "filter": null, + "id": "subnet-0b41b011d2aeb60f0", + "ipv6_cidr_block": null, + "ipv6_cidr_block_association_id": null, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "268558157000", + "state": "available", + "tags": { + "Name": "atlas-operator-mwcdx-private-eu-west-3b", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned", + "kubernetes.io/role/internal-elb": "" + }, + "vpc_id": "vpc-01095835b1df30896" + } + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-003e0c57e7faae762", + "assign_ipv6_address_on_creation": false, + "availability_zone": "eu-west-3c", + "availability_zone_id": "euw3-az3", + "cidr_block": "10.0.192.0/19", + "default_for_az": false, + "filter": null, + "id": "subnet-003e0c57e7faae762", + "ipv6_cidr_block": null, + "ipv6_cidr_block_association_id": null, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "268558157000", + "state": "available", + "tags": { + "Name": "atlas-operator-mwcdx-private-eu-west-3c", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned", + "kubernetes.io/role/internal-elb": "" + }, + "vpc_id": "vpc-01095835b1df30896" + } + } + ] + }, + { + "module": "module.vpc", + "mode": "data", + "type": "aws_subnet", + "name": "public", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-0cb32a893e5f9f54f", + "assign_ipv6_address_on_creation": false, + "availability_zone": "eu-west-3a", + "availability_zone_id": "euw3-az1", + "cidr_block": "10.0.0.0/19", + "default_for_az": false, + "filter": null, + "id": "subnet-0cb32a893e5f9f54f", + "ipv6_cidr_block": null, + "ipv6_cidr_block_association_id": null, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "268558157000", + "state": "available", + "tags": { + "Name": "atlas-operator-mwcdx-public-eu-west-3a", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "vpc_id": "vpc-01095835b1df30896" + } + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-0d3eaab42501e7b00", + "assign_ipv6_address_on_creation": false, + "availability_zone": "eu-west-3b", + "availability_zone_id": "euw3-az2", + "cidr_block": "10.0.32.0/19", + "default_for_az": false, + "filter": null, + "id": "subnet-0d3eaab42501e7b00", + "ipv6_cidr_block": null, + "ipv6_cidr_block_association_id": null, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "268558157000", + "state": "available", + "tags": { + "Name": "atlas-operator-mwcdx-public-eu-west-3b", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "vpc_id": "vpc-01095835b1df30896" + } + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-00762966c3511d35c", + "assign_ipv6_address_on_creation": false, + "availability_zone": "eu-west-3c", + "availability_zone_id": "euw3-az3", + "cidr_block": "10.0.64.0/19", + "default_for_az": false, + "filter": null, + "id": "subnet-00762966c3511d35c", + "ipv6_cidr_block": null, + "ipv6_cidr_block_association_id": null, + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "268558157000", + "state": "available", + "tags": { + "Name": "atlas-operator-mwcdx-public-eu-west-3c", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "vpc_id": "vpc-01095835b1df30896" + } + } + ] + }, + { + "module": "module.vpc", + "mode": "data", + "type": "aws_vpc", + "name": "cluster_vpc", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:vpc/vpc-01095835b1df30896", + "cidr_block": "10.0.0.0/16", + "cidr_block_associations": [ + { + "association_id": "vpc-cidr-assoc-013ae704c60b1fb8a", + "cidr_block": "10.0.0.0/16", + "state": "associated" + } + ], + "default": false, + "dhcp_options_id": "dopt-0bd620d1288de8565", + "enable_dns_hostnames": true, + "enable_dns_support": true, + "filter": null, + "id": "vpc-01095835b1df30896", + "instance_tenancy": "default", + "ipv6_association_id": null, + "ipv6_cidr_block": null, + "main_route_table_id": "rtb-002994e3126112764", + "owner_id": "268558157000", + "state": "available", + "tags": { + "Name": "atlas-operator-mwcdx-vpc", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + } + } + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_eip", + "name": "nat_eip", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "allocation_id": null, + "associate_with_private_ip": null, + "association_id": "", + "customer_owned_ip": "", + "customer_owned_ipv4_pool": "", + "domain": "vpc", + "id": "eipalloc-08a166d58ffed8d87", + "instance": "", + "network_interface": "", + "private_dns": null, + "private_ip": "", + "public_dns": "ec2-15-237-134-67.eu-west-3.compute.amazonaws.com", + "public_ip": "15.237.134.67", + "public_ipv4_pool": "amazon", + "tags": { + "Name": "atlas-operator-mwcdx-eip-eu-west-3a", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "timeouts": null, + "vpc": true + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjoxODAwMDAwMDAwMDAsInJlYWQiOjkwMDAwMDAwMDAwMCwidXBkYXRlIjozMDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "allocation_id": null, + "associate_with_private_ip": null, + "association_id": "", + "customer_owned_ip": "", + "customer_owned_ipv4_pool": "", + "domain": "vpc", + "id": "eipalloc-0e4507db846fd55c2", + "instance": "", + "network_interface": "", + "private_dns": null, + "private_ip": "", + "public_dns": "ec2-13-36-86-133.eu-west-3.compute.amazonaws.com", + "public_ip": "13.36.86.133", + "public_ipv4_pool": "amazon", + "tags": { + "Name": "atlas-operator-mwcdx-eip-eu-west-3b", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "timeouts": null, + "vpc": true + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjoxODAwMDAwMDAwMDAsInJlYWQiOjkwMDAwMDAwMDAwMCwidXBkYXRlIjozMDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "allocation_id": null, + "associate_with_private_ip": null, + "association_id": "", + "customer_owned_ip": "", + "customer_owned_ipv4_pool": "", + "domain": "vpc", + "id": "eipalloc-0c0f4d213a758e268", + "instance": "", + "network_interface": "", + "private_dns": null, + "private_ip": "", + "public_dns": "ec2-13-36-23-217.eu-west-3.compute.amazonaws.com", + "public_ip": "13.36.23.217", + "public_ipv4_pool": "amazon", + "tags": { + "Name": "atlas-operator-mwcdx-eip-eu-west-3c", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "timeouts": null, + "vpc": true + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjoxODAwMDAwMDAwMDAsInJlYWQiOjkwMDAwMDAwMDAwMCwidXBkYXRlIjozMDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.masters", + "mode": "managed", + "type": "aws_iam_instance_profile", + "name": "master", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::268558157000:instance-profile/atlas-operator-mwcdx-master-profile", + "create_date": "2021-03-08T15:13:28Z", + "id": "atlas-operator-mwcdx-master-profile", + "name": "atlas-operator-mwcdx-master-profile", + "name_prefix": null, + "path": "/", + "role": "atlas-operator-mwcdx-master-role", + "roles": [], + "unique_id": "AIPAT5B2QITEIUMIN3ZJP" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.masters.aws_iam_role.master_role" + ] + } + ] + }, + { + "module": "module.iam", + "mode": "managed", + "type": "aws_iam_instance_profile", + "name": "worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::268558157000:instance-profile/atlas-operator-mwcdx-worker-profile", + "create_date": "2021-03-08T15:13:28Z", + "id": "atlas-operator-mwcdx-worker-profile", + "name": "atlas-operator-mwcdx-worker-profile", + "name_prefix": null, + "path": "/", + "role": "atlas-operator-mwcdx-worker-role", + "roles": [], + "unique_id": "AIPAT5B2QITEPGXDH57CB" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.iam.aws_iam_role.worker_role" + ] + } + ] + }, + { + "module": "module.masters", + "mode": "managed", + "type": "aws_iam_role", + "name": "master_role", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::268558157000:role/atlas-operator-mwcdx-master-role", + "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", + "create_date": "2021-03-08T15:13:27Z", + "description": "", + "force_detach_policies": false, + "id": "atlas-operator-mwcdx-master-role", + "max_session_duration": 3600, + "name": "atlas-operator-mwcdx-master-role", + "name_prefix": null, + "path": "/", + "permissions_boundary": null, + "tags": { + "Name": "atlas-operator-mwcdx-master-role", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "unique_id": "AROAT5B2QITENJ32BMONG" + }, + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.iam", + "mode": "managed", + "type": "aws_iam_role", + "name": "worker_role", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:iam::268558157000:role/atlas-operator-mwcdx-worker-role", + "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", + "create_date": "2021-03-08T15:13:27Z", + "description": "", + "force_detach_policies": false, + "id": "atlas-operator-mwcdx-worker-role", + "max_session_duration": 3600, + "name": "atlas-operator-mwcdx-worker-role", + "name_prefix": null, + "path": "/", + "permissions_boundary": null, + "tags": { + "Name": "atlas-operator-mwcdx-worker-role", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "unique_id": "AROAT5B2QITEAKNQGMM45" + }, + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.masters", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "master_policy", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "atlas-operator-mwcdx-master-role:atlas-operator-mwcdx-master-policy", + "name": "atlas-operator-mwcdx-master-policy", + "name_prefix": null, + "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:AttachVolume\",\n \"ec2:AuthorizeSecurityGroupIngress\",\n \"ec2:CreateSecurityGroup\",\n \"ec2:CreateTags\",\n \"ec2:CreateVolume\",\n \"ec2:DeleteSecurityGroup\",\n \"ec2:DeleteVolume\",\n \"ec2:Describe*\",\n \"ec2:DetachVolume\",\n \"ec2:ModifyInstanceAttribute\",\n \"ec2:ModifyVolume\",\n \"ec2:RevokeSecurityGroupIngress\",\n \"elasticloadbalancing:AddTags\",\n \"elasticloadbalancing:AttachLoadBalancerToSubnets\",\n \"elasticloadbalancing:ApplySecurityGroupsToLoadBalancer\",\n \"elasticloadbalancing:CreateListener\",\n \"elasticloadbalancing:CreateLoadBalancer\",\n \"elasticloadbalancing:CreateLoadBalancerPolicy\",\n \"elasticloadbalancing:CreateLoadBalancerListeners\",\n \"elasticloadbalancing:CreateTargetGroup\",\n \"elasticloadbalancing:ConfigureHealthCheck\",\n \"elasticloadbalancing:DeleteListener\",\n \"elasticloadbalancing:DeleteLoadBalancer\",\n \"elasticloadbalancing:DeleteLoadBalancerListeners\",\n \"elasticloadbalancing:DeleteTargetGroup\",\n \"elasticloadbalancing:DeregisterInstancesFromLoadBalancer\",\n \"elasticloadbalancing:DeregisterTargets\",\n \"elasticloadbalancing:Describe*\",\n \"elasticloadbalancing:DetachLoadBalancerFromSubnets\",\n \"elasticloadbalancing:ModifyListener\",\n \"elasticloadbalancing:ModifyLoadBalancerAttributes\",\n \"elasticloadbalancing:ModifyTargetGroup\",\n \"elasticloadbalancing:ModifyTargetGroupAttributes\",\n \"elasticloadbalancing:RegisterInstancesWithLoadBalancer\",\n \"elasticloadbalancing:RegisterTargets\",\n \"elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer\",\n \"elasticloadbalancing:SetLoadBalancerPoliciesOfListener\",\n \"kms:DescribeKey\"\n ],\n \"Resource\": \"*\",\n \"Effect\": \"Allow\"\n }\n ]\n}\n", + "role": "atlas-operator-mwcdx-master-role" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.masters.aws_iam_role.master_role" + ] + } + ] + }, + { + "module": "module.iam", + "mode": "managed", + "type": "aws_iam_role_policy", + "name": "worker_policy", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "id": "atlas-operator-mwcdx-worker-role:atlas-operator-mwcdx-worker-policy", + "name": "atlas-operator-mwcdx-worker-policy", + "name_prefix": null, + "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeInstances\",\n \"ec2:DescribeRegions\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n", + "role": "atlas-operator-mwcdx-worker-role" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.iam.aws_iam_role.worker_role" + ] + } + ] + }, + { + "module": "module.masters", + "mode": "managed", + "type": "aws_instance", + "name": "master", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 1, + "attributes": { + "ami": "ami-038f4ce9ea7ac7191", + "arn": "arn:aws:ec2:eu-west-3:268558157000:instance/i-07b646f442403dffb", + "associate_public_ip_address": false, + "availability_zone": "eu-west-3a", + "cpu_core_count": 2, + "cpu_threads_per_core": 2, + "credit_specification": [ + { + "cpu_credits": "unlimited" + } + ], + "disable_api_termination": false, + "ebs_block_device": [], + "ebs_optimized": false, + "ephemeral_block_device": [], + "get_password_data": false, + "hibernation": false, + "host_id": null, + "iam_instance_profile": "atlas-operator-mwcdx-master-profile", + "id": "i-07b646f442403dffb", + "instance_initiated_shutdown_behavior": null, + "instance_state": "running", + "instance_type": "t3.xlarge", + "ipv6_address_count": 0, + "ipv6_addresses": [], + "key_name": "", + "metadata_options": [ + { + "http_endpoint": "enabled", + "http_put_response_hop_limit": 1, + "http_tokens": "optional" + } + ], + "monitoring": false, + "network_interface": [ + { + "delete_on_termination": false, + "device_index": 0, + "network_interface_id": "eni-046261915d5d98f8d" + } + ], + "network_interface_id": null, + "outpost_arn": "", + "password_data": "", + "placement_group": "", + "primary_network_interface_id": "eni-046261915d5d98f8d", + "private_dns": "ip-10-0-131-42.eu-west-3.compute.internal", + "private_ip": "10.0.131.42", + "public_dns": "", + "public_ip": "", + "root_block_device": [ + { + "delete_on_termination": true, + "device_name": "/dev/xvda", + "encrypted": true, + "iops": 360, + "kms_key_id": "arn:aws:kms:eu-west-3:268558157000:key/35b2789f-5f02-412c-bd97-0e9a9a766580", + "volume_id": "vol-0021e98a1d82c5935", + "volume_size": 120, + "volume_type": "gp2" + } + ], + "security_groups": [], + "source_dest_check": true, + "subnet_id": "subnet-04cda98e80626f47c", + "tags": { + "Name": "atlas-operator-mwcdx-master-0", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "tenancy": "default", + "timeouts": null, + "user_data": "62b58cdcf4d5f46d5e29a54d2fa572e817eb13ca", + "user_data_base64": null, + "volume_tags": { + "Name": "atlas-operator-mwcdx-master-0-vol", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "vpc_security_group_ids": [ + "sg-0c8969cd01ba7b06f" + ] + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "aws_ami_copy.imported", + "module.masters.aws_iam_instance_profile.master", + "module.masters.aws_iam_role.master_role", + "module.masters.aws_network_interface.master", + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 1, + "schema_version": 1, + "attributes": { + "ami": "ami-038f4ce9ea7ac7191", + "arn": "arn:aws:ec2:eu-west-3:268558157000:instance/i-00b7132b849d40be5", + "associate_public_ip_address": false, + "availability_zone": "eu-west-3b", + "cpu_core_count": 2, + "cpu_threads_per_core": 2, + "credit_specification": [ + { + "cpu_credits": "unlimited" + } + ], + "disable_api_termination": false, + "ebs_block_device": [], + "ebs_optimized": false, + "ephemeral_block_device": [], + "get_password_data": false, + "hibernation": false, + "host_id": null, + "iam_instance_profile": "atlas-operator-mwcdx-master-profile", + "id": "i-00b7132b849d40be5", + "instance_initiated_shutdown_behavior": null, + "instance_state": "running", + "instance_type": "t3.xlarge", + "ipv6_address_count": 0, + "ipv6_addresses": [], + "key_name": "", + "metadata_options": [ + { + "http_endpoint": "enabled", + "http_put_response_hop_limit": 1, + "http_tokens": "optional" + } + ], + "monitoring": false, + "network_interface": [ + { + "delete_on_termination": false, + "device_index": 0, + "network_interface_id": "eni-01bea4d31ca0306a4" + } + ], + "network_interface_id": null, + "outpost_arn": "", + "password_data": "", + "placement_group": "", + "primary_network_interface_id": "eni-01bea4d31ca0306a4", + "private_dns": "ip-10-0-179-76.eu-west-3.compute.internal", + "private_ip": "10.0.179.76", + "public_dns": "", + "public_ip": "", + "root_block_device": [ + { + "delete_on_termination": true, + "device_name": "/dev/xvda", + "encrypted": true, + "iops": 360, + "kms_key_id": "arn:aws:kms:eu-west-3:268558157000:key/35b2789f-5f02-412c-bd97-0e9a9a766580", + "volume_id": "vol-0c75feaebad2d5206", + "volume_size": 120, + "volume_type": "gp2" + } + ], + "security_groups": [], + "source_dest_check": true, + "subnet_id": "subnet-0b41b011d2aeb60f0", + "tags": { + "Name": "atlas-operator-mwcdx-master-1", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "tenancy": "default", + "timeouts": null, + "user_data": "62b58cdcf4d5f46d5e29a54d2fa572e817eb13ca", + "user_data_base64": null, + "volume_tags": { + "Name": "atlas-operator-mwcdx-master-1-vol", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "vpc_security_group_ids": [ + "sg-0c8969cd01ba7b06f" + ] + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "aws_ami_copy.imported", + "module.masters.aws_iam_instance_profile.master", + "module.masters.aws_iam_role.master_role", + "module.masters.aws_network_interface.master", + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 2, + "schema_version": 1, + "attributes": { + "ami": "ami-038f4ce9ea7ac7191", + "arn": "arn:aws:ec2:eu-west-3:268558157000:instance/i-0af060f77553df4b7", + "associate_public_ip_address": false, + "availability_zone": "eu-west-3c", + "cpu_core_count": 2, + "cpu_threads_per_core": 2, + "credit_specification": [ + { + "cpu_credits": "unlimited" + } + ], + "disable_api_termination": false, + "ebs_block_device": [], + "ebs_optimized": false, + "ephemeral_block_device": [], + "get_password_data": false, + "hibernation": false, + "host_id": null, + "iam_instance_profile": "atlas-operator-mwcdx-master-profile", + "id": "i-0af060f77553df4b7", + "instance_initiated_shutdown_behavior": null, + "instance_state": "running", + "instance_type": "t3.xlarge", + "ipv6_address_count": 0, + "ipv6_addresses": [], + "key_name": "", + "metadata_options": [ + { + "http_endpoint": "enabled", + "http_put_response_hop_limit": 1, + "http_tokens": "optional" + } + ], + "monitoring": false, + "network_interface": [ + { + "delete_on_termination": false, + "device_index": 0, + "network_interface_id": "eni-095a6ba422efe298e" + } + ], + "network_interface_id": null, + "outpost_arn": "", + "password_data": "", + "placement_group": "", + "primary_network_interface_id": "eni-095a6ba422efe298e", + "private_dns": "ip-10-0-205-198.eu-west-3.compute.internal", + "private_ip": "10.0.205.198", + "public_dns": "", + "public_ip": "", + "root_block_device": [ + { + "delete_on_termination": true, + "device_name": "/dev/xvda", + "encrypted": true, + "iops": 360, + "kms_key_id": "arn:aws:kms:eu-west-3:268558157000:key/35b2789f-5f02-412c-bd97-0e9a9a766580", + "volume_id": "vol-0dd62f1b14ad096e9", + "volume_size": 120, + "volume_type": "gp2" + } + ], + "security_groups": [], + "source_dest_check": true, + "subnet_id": "subnet-003e0c57e7faae762", + "tags": { + "Name": "atlas-operator-mwcdx-master-2", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "tenancy": "default", + "timeouts": null, + "user_data": "62b58cdcf4d5f46d5e29a54d2fa572e817eb13ca", + "user_data_base64": null, + "volume_tags": { + "Name": "atlas-operator-mwcdx-master-2-vol", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "vpc_security_group_ids": [ + "sg-0c8969cd01ba7b06f" + ] + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", + "dependencies": [ + "aws_ami_copy.imported", + "module.masters.aws_iam_instance_profile.master", + "module.masters.aws_iam_role.master_role", + "module.masters.aws_network_interface.master", + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_internet_gateway", + "name": "igw", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:internet-gateway/igw-04c74bb98b637a48c", + "id": "igw-04c74bb98b637a48c", + "owner_id": "268558157000", + "tags": { + "Name": "atlas-operator-mwcdx-igw", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_lb", + "name": "api_external", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "access_logs": [ + { + "bucket": "", + "enabled": false, + "prefix": "" + } + ], + "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-ext/0f216ba29b6f3dd8", + "arn_suffix": "net/atlas-operator-mwcdx-ext/0f216ba29b6f3dd8", + "dns_name": "atlas-operator-mwcdx-ext-0f216ba29b6f3dd8.elb.eu-west-3.amazonaws.com", + "drop_invalid_header_fields": null, + "enable_cross_zone_load_balancing": true, + "enable_deletion_protection": false, + "enable_http2": null, + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-ext/0f216ba29b6f3dd8", + "idle_timeout": null, + "internal": false, + "ip_address_type": "ipv4", + "load_balancer_type": "network", + "name": "atlas-operator-mwcdx-ext", + "name_prefix": null, + "security_groups": [], + "subnet_mapping": [ + { + "allocation_id": "", + "subnet_id": "subnet-00762966c3511d35c" + }, + { + "allocation_id": "", + "subnet_id": "subnet-0cb32a893e5f9f54f" + }, + { + "allocation_id": "", + "subnet_id": "subnet-0d3eaab42501e7b00" + } + ], + "subnets": [ + "subnet-00762966c3511d35c", + "subnet-0cb32a893e5f9f54f", + "subnet-0d3eaab42501e7b00" + ], + "tags": { + "Name": "atlas-operator-mwcdx-ext", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "timeouts": { + "create": "20m", + "delete": null, + "update": null + }, + "vpc_id": "vpc-01095835b1df30896", + "zone_id": "Z1CMS0P5QUZ6D5" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjYwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_lb", + "name": "api_internal", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "access_logs": [ + { + "bucket": "", + "enabled": false, + "prefix": "" + } + ], + "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-int/d3bc22a211002d2e", + "arn_suffix": "net/atlas-operator-mwcdx-int/d3bc22a211002d2e", + "dns_name": "atlas-operator-mwcdx-int-d3bc22a211002d2e.elb.eu-west-3.amazonaws.com", + "drop_invalid_header_fields": null, + "enable_cross_zone_load_balancing": true, + "enable_deletion_protection": false, + "enable_http2": null, + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-int/d3bc22a211002d2e", + "idle_timeout": null, + "internal": true, + "ip_address_type": "ipv4", + "load_balancer_type": "network", + "name": "atlas-operator-mwcdx-int", + "name_prefix": null, + "security_groups": [], + "subnet_mapping": [ + { + "allocation_id": "", + "subnet_id": "subnet-003e0c57e7faae762" + }, + { + "allocation_id": "", + "subnet_id": "subnet-04cda98e80626f47c" + }, + { + "allocation_id": "", + "subnet_id": "subnet-0b41b011d2aeb60f0" + } + ], + "subnets": [ + "subnet-003e0c57e7faae762", + "subnet-04cda98e80626f47c", + "subnet-0b41b011d2aeb60f0" + ], + "tags": { + "Name": "atlas-operator-mwcdx-int", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "timeouts": { + "create": "20m", + "delete": null, + "update": null + }, + "vpc_id": "vpc-01095835b1df30896", + "zone_id": "Z1CMS0P5QUZ6D5" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjYwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9fQ==", + "dependencies": [ + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_lb_listener", + "name": "api_external_api", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:listener/net/atlas-operator-mwcdx-ext/0f216ba29b6f3dd8/e2d9b33e61e7364e", + "certificate_arn": null, + "default_action": [ + { + "authenticate_cognito": [], + "authenticate_oidc": [], + "fixed_response": [], + "forward": [], + "order": 1, + "redirect": [], + "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", + "type": "forward" + } + ], + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:listener/net/atlas-operator-mwcdx-ext/0f216ba29b6f3dd8/e2d9b33e61e7364e", + "load_balancer_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-ext/0f216ba29b6f3dd8", + "port": 6443, + "protocol": "TCP", + "ssl_policy": "", + "timeouts": null + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsicmVhZCI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_lb.api_external", + "module.vpc.aws_lb_target_group.api_external", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_lb_listener", + "name": "api_internal_api", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:listener/net/atlas-operator-mwcdx-int/d3bc22a211002d2e/569afa15e838edb0", + "certificate_arn": null, + "default_action": [ + { + "authenticate_cognito": [], + "authenticate_oidc": [], + "fixed_response": [], + "forward": [], + "order": 1, + "redirect": [], + "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", + "type": "forward" + } + ], + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:listener/net/atlas-operator-mwcdx-int/d3bc22a211002d2e/569afa15e838edb0", + "load_balancer_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-int/d3bc22a211002d2e", + "port": 6443, + "protocol": "TCP", + "ssl_policy": "", + "timeouts": null + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsicmVhZCI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_lb.api_internal", + "module.vpc.aws_lb_target_group.api_internal", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_lb_listener", + "name": "api_internal_services", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:listener/net/atlas-operator-mwcdx-int/d3bc22a211002d2e/28399bf48274e650", + "certificate_arn": null, + "default_action": [ + { + "authenticate_cognito": [], + "authenticate_oidc": [], + "fixed_response": [], + "forward": [], + "order": 1, + "redirect": [], + "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", + "type": "forward" + } + ], + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:listener/net/atlas-operator-mwcdx-int/d3bc22a211002d2e/28399bf48274e650", + "load_balancer_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-int/d3bc22a211002d2e", + "port": 22623, + "protocol": "TCP", + "ssl_policy": "", + "timeouts": null + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsicmVhZCI6NjAwMDAwMDAwMDAwfX0=", + "dependencies": [ + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_lb.api_internal", + "module.vpc.aws_lb_target_group.services", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_lb_target_group", + "name": "api_external", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", + "arn_suffix": "targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", + "deregistration_delay": 300, + "health_check": [ + { + "enabled": true, + "healthy_threshold": 2, + "interval": 10, + "matcher": "200-399", + "path": "/readyz", + "port": "6443", + "protocol": "HTTPS", + "timeout": 10, + "unhealthy_threshold": 2 + } + ], + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", + "lambda_multi_value_headers_enabled": false, + "load_balancing_algorithm_type": null, + "name": "atlas-operator-mwcdx-aext", + "name_prefix": null, + "port": 6443, + "protocol": "TCP", + "proxy_protocol_v2": false, + "slow_start": 0, + "stickiness": [], + "tags": { + "Name": "atlas-operator-mwcdx-aext", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "target_type": "ip", + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_lb_target_group", + "name": "api_internal", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", + "arn_suffix": "targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", + "deregistration_delay": 300, + "health_check": [ + { + "enabled": true, + "healthy_threshold": 2, + "interval": 10, + "matcher": "200-399", + "path": "/readyz", + "port": "6443", + "protocol": "HTTPS", + "timeout": 10, + "unhealthy_threshold": 2 + } + ], + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", + "lambda_multi_value_headers_enabled": false, + "load_balancing_algorithm_type": null, + "name": "atlas-operator-mwcdx-aint", + "name_prefix": null, + "port": 6443, + "protocol": "TCP", + "proxy_protocol_v2": false, + "slow_start": 0, + "stickiness": [], + "tags": { + "Name": "atlas-operator-mwcdx-aint", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "target_type": "ip", + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_lb_target_group", + "name": "services", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", + "arn_suffix": "targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", + "deregistration_delay": 300, + "health_check": [ + { + "enabled": true, + "healthy_threshold": 2, + "interval": 10, + "matcher": "200-399", + "path": "/healthz", + "port": "22623", + "protocol": "HTTPS", + "timeout": 10, + "unhealthy_threshold": 2 + } + ], + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", + "lambda_multi_value_headers_enabled": false, + "load_balancing_algorithm_type": null, + "name": "atlas-operator-mwcdx-sint", + "name_prefix": null, + "port": 22623, + "protocol": "TCP", + "proxy_protocol_v2": false, + "slow_start": 0, + "stickiness": [], + "tags": { + "Name": "atlas-operator-mwcdx-sint", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "target_type": "ip", + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.masters", + "mode": "managed", + "type": "aws_lb_target_group_attachment", + "name": "master", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "availability_zone": null, + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587-2021030815143087710000000e", + "port": null, + "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", + "target_id": "10.0.131.42" + }, + "private": "bnVsbA==", + "dependencies": [ + "aws_ami_copy.imported", + "module.masters.aws_iam_instance_profile.master", + "module.masters.aws_iam_role.master_role", + "module.masters.aws_instance.master", + "module.masters.aws_network_interface.master", + "module.vpc.aws_lb_target_group.api_external", + "module.vpc.aws_lb_target_group.api_internal", + "module.vpc.aws_lb_target_group.services", + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "availability_zone": null, + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7-20210308151430362100000007", + "port": null, + "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", + "target_id": "10.0.131.42" + }, + "private": "bnVsbA==", + "dependencies": [ + "aws_ami_copy.imported", + "module.masters.aws_iam_instance_profile.master", + "module.masters.aws_iam_role.master_role", + "module.masters.aws_instance.master", + "module.masters.aws_network_interface.master", + "module.vpc.aws_lb_target_group.api_external", + "module.vpc.aws_lb_target_group.api_internal", + "module.vpc.aws_lb_target_group.services", + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "availability_zone": null, + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0-2021030815143088360000000f", + "port": null, + "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", + "target_id": "10.0.131.42" + }, + "private": "bnVsbA==", + "dependencies": [ + "aws_ami_copy.imported", + "module.masters.aws_iam_instance_profile.master", + "module.masters.aws_iam_role.master_role", + "module.masters.aws_instance.master", + "module.masters.aws_network_interface.master", + "module.vpc.aws_lb_target_group.api_external", + "module.vpc.aws_lb_target_group.api_internal", + "module.vpc.aws_lb_target_group.services", + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 3, + "schema_version": 0, + "attributes": { + "availability_zone": null, + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587-2021030815143042010000000b", + "port": null, + "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", + "target_id": "10.0.179.76" + }, + "private": "bnVsbA==", + "dependencies": [ + "aws_ami_copy.imported", + "module.masters.aws_iam_instance_profile.master", + "module.masters.aws_iam_role.master_role", + "module.masters.aws_instance.master", + "module.masters.aws_network_interface.master", + "module.vpc.aws_lb_target_group.api_external", + "module.vpc.aws_lb_target_group.api_internal", + "module.vpc.aws_lb_target_group.services", + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 4, + "schema_version": 0, + "attributes": { + "availability_zone": null, + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7-2021030815143085450000000c", + "port": null, + "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", + "target_id": "10.0.179.76" + }, + "private": "bnVsbA==", + "dependencies": [ + "aws_ami_copy.imported", + "module.masters.aws_iam_instance_profile.master", + "module.masters.aws_iam_role.master_role", + "module.masters.aws_instance.master", + "module.masters.aws_network_interface.master", + "module.vpc.aws_lb_target_group.api_external", + "module.vpc.aws_lb_target_group.api_internal", + "module.vpc.aws_lb_target_group.services", + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 5, + "schema_version": 0, + "attributes": { + "availability_zone": null, + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0-20210308151430362200000008", + "port": null, + "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", + "target_id": "10.0.179.76" + }, + "private": "bnVsbA==", + "dependencies": [ + "aws_ami_copy.imported", + "module.masters.aws_iam_instance_profile.master", + "module.masters.aws_iam_role.master_role", + "module.masters.aws_instance.master", + "module.masters.aws_network_interface.master", + "module.vpc.aws_lb_target_group.api_external", + "module.vpc.aws_lb_target_group.api_internal", + "module.vpc.aws_lb_target_group.services", + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 6, + "schema_version": 0, + "attributes": { + "availability_zone": null, + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587-20210308151430371200000009", + "port": null, + "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", + "target_id": "10.0.205.198" + }, + "private": "bnVsbA==", + "dependencies": [ + "aws_ami_copy.imported", + "module.masters.aws_iam_instance_profile.master", + "module.masters.aws_iam_role.master_role", + "module.masters.aws_instance.master", + "module.masters.aws_network_interface.master", + "module.vpc.aws_lb_target_group.api_external", + "module.vpc.aws_lb_target_group.api_internal", + "module.vpc.aws_lb_target_group.services", + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 7, + "schema_version": 0, + "attributes": { + "availability_zone": null, + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7-2021030815143038650000000a", + "port": null, + "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", + "target_id": "10.0.205.198" + }, + "private": "bnVsbA==", + "dependencies": [ + "aws_ami_copy.imported", + "module.masters.aws_iam_instance_profile.master", + "module.masters.aws_iam_role.master_role", + "module.masters.aws_instance.master", + "module.masters.aws_network_interface.master", + "module.vpc.aws_lb_target_group.api_external", + "module.vpc.aws_lb_target_group.api_internal", + "module.vpc.aws_lb_target_group.services", + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 8, + "schema_version": 0, + "attributes": { + "availability_zone": null, + "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0-2021030815143087030000000d", + "port": null, + "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", + "target_id": "10.0.205.198" + }, + "private": "bnVsbA==", + "dependencies": [ + "aws_ami_copy.imported", + "module.masters.aws_iam_instance_profile.master", + "module.masters.aws_iam_role.master_role", + "module.masters.aws_instance.master", + "module.masters.aws_network_interface.master", + "module.vpc.aws_lb_target_group.api_external", + "module.vpc.aws_lb_target_group.api_internal", + "module.vpc.aws_lb_target_group.services", + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_main_route_table_association", + "name": "main_vpc_routes", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "rtbassoc-08be935f85ea4c398", + "original_route_table_id": "rtb-06c21506ba85b4119", + "route_table_id": "rtb-002994e3126112764", + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_route_table.default", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_nat_gateway", + "name": "nat_gw", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "allocation_id": "eipalloc-08a166d58ffed8d87", + "id": "nat-0e0bc384c4ae2edf1", + "network_interface_id": "eni-0021af46ba858fc3f", + "private_ip": "10.0.10.57", + "public_ip": "15.237.134.67", + "subnet_id": "subnet-0cb32a893e5f9f54f", + "tags": { + "Name": "atlas-operator-mwcdx-nat-eu-west-3a", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + } + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_eip.nat_eip", + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "allocation_id": "eipalloc-0e4507db846fd55c2", + "id": "nat-046d605c291ec708b", + "network_interface_id": "eni-077a0e6b8108daa16", + "private_ip": "10.0.50.42", + "public_ip": "13.36.86.133", + "subnet_id": "subnet-0d3eaab42501e7b00", + "tags": { + "Name": "atlas-operator-mwcdx-nat-eu-west-3b", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + } + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_eip.nat_eip", + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "allocation_id": "eipalloc-0c0f4d213a758e268", + "id": "nat-03a00aed849dad830", + "network_interface_id": "eni-0608770490673250e", + "private_ip": "10.0.86.248", + "public_ip": "13.36.23.217", + "subnet_id": "subnet-00762966c3511d35c", + "tags": { + "Name": "atlas-operator-mwcdx-nat-eu-west-3c", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + } + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_eip.nat_eip", + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.masters", + "mode": "managed", + "type": "aws_network_interface", + "name": "master", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "attachment": [], + "description": "", + "id": "eni-046261915d5d98f8d", + "mac_address": "06:2d:f8:f9:36:a6", + "outpost_arn": "", + "private_dns_name": "ip-10-0-131-42.eu-west-3.compute.internal", + "private_ip": "10.0.131.42", + "private_ips": [ + "10.0.131.42" + ], + "private_ips_count": 0, + "security_groups": [ + "sg-0c8969cd01ba7b06f" + ], + "source_dest_check": true, + "subnet_id": "subnet-04cda98e80626f47c", + "tags": { + "Name": "atlas-operator-mwcdx-master-0", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + } + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "attachment": [], + "description": "", + "id": "eni-01bea4d31ca0306a4", + "mac_address": "0a:f6:75:18:9d:ba", + "outpost_arn": "", + "private_dns_name": "ip-10-0-179-76.eu-west-3.compute.internal", + "private_ip": "10.0.179.76", + "private_ips": [ + "10.0.179.76" + ], + "private_ips_count": 0, + "security_groups": [ + "sg-0c8969cd01ba7b06f" + ], + "source_dest_check": true, + "subnet_id": "subnet-0b41b011d2aeb60f0", + "tags": { + "Name": "atlas-operator-mwcdx-master-1", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + } + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "attachment": [], + "description": "", + "id": "eni-095a6ba422efe298e", + "mac_address": "0e:71:8e:77:57:d4", + "outpost_arn": "", + "private_dns_name": "ip-10-0-205-198.eu-west-3.compute.internal", + "private_ip": "10.0.205.198", + "private_ips": [ + "10.0.205.198" + ], + "private_ips_count": 0, + "security_groups": [ + "sg-0c8969cd01ba7b06f" + ], + "source_dest_check": true, + "subnet_id": "subnet-003e0c57e7faae762", + "tags": { + "Name": "atlas-operator-mwcdx-master-2", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + } + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_route", + "name": "igw_route", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": null, + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "igw-04c74bb98b637a48c", + "id": "r-rtb-002994e31261127641080289494", + "instance_id": "", + "instance_owner_id": "", + "nat_gateway_id": "", + "network_interface_id": "", + "origin": "CreateRoute", + "route_table_id": "rtb-002994e3126112764", + "state": "active", + "timeouts": { + "create": "20m", + "delete": null + }, + "transit_gateway_id": "", + "vpc_peering_connection_id": "" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjMwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_route_table.default", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_route", + "name": "to_nat_gw", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": null, + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "id": "r-rtb-0c82f432fc12ed6591080289494", + "instance_id": "", + "instance_owner_id": "", + "nat_gateway_id": "nat-0e0bc384c4ae2edf1", + "network_interface_id": "", + "origin": "CreateRoute", + "route_table_id": "rtb-0c82f432fc12ed659", + "state": "active", + "timeouts": { + "create": "20m", + "delete": null + }, + "transit_gateway_id": "", + "vpc_peering_connection_id": "" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjMwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.vpc.aws_eip.nat_eip", + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_nat_gateway.nat_gw", + "module.vpc.aws_route_table.private_routes", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": null, + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "id": "r-rtb-002306b7441779c9b1080289494", + "instance_id": "", + "instance_owner_id": "", + "nat_gateway_id": "nat-046d605c291ec708b", + "network_interface_id": "", + "origin": "CreateRoute", + "route_table_id": "rtb-002306b7441779c9b", + "state": "active", + "timeouts": { + "create": "20m", + "delete": null + }, + "transit_gateway_id": "", + "vpc_peering_connection_id": "" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjMwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.vpc.aws_eip.nat_eip", + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_nat_gateway.nat_gw", + "module.vpc.aws_route_table.private_routes", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "destination_cidr_block": "0.0.0.0/0", + "destination_ipv6_cidr_block": null, + "destination_prefix_list_id": "", + "egress_only_gateway_id": "", + "gateway_id": "", + "id": "r-rtb-061c71ffef947c4541080289494", + "instance_id": "", + "instance_owner_id": "", + "nat_gateway_id": "nat-03a00aed849dad830", + "network_interface_id": "", + "origin": "CreateRoute", + "route_table_id": "rtb-061c71ffef947c454", + "state": "active", + "timeouts": { + "create": "20m", + "delete": null + }, + "transit_gateway_id": "", + "vpc_peering_connection_id": "" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjMwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.vpc.aws_eip.nat_eip", + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_nat_gateway.nat_gw", + "module.vpc.aws_route_table.private_routes", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.dns", + "mode": "managed", + "type": "aws_route53_record", + "name": "api_external_alias", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 2, + "attributes": { + "alias": [ + { + "evaluate_target_health": false, + "name": "atlas-operator-mwcdx-ext-0f216ba29b6f3dd8.elb.eu-west-3.amazonaws.com", + "zone_id": "Z1CMS0P5QUZ6D5" + } + ], + "allow_overwrite": null, + "failover_routing_policy": [], + "fqdn": "api.atlas.operator.mongokubernetes.com", + "geolocation_routing_policy": [], + "health_check_id": null, + "id": "Z1BNZ7MGFF9M06_api.atlas.operator.mongokubernetes.com_A", + "latency_routing_policy": [], + "multivalue_answer_routing_policy": null, + "name": "api.atlas.operator.mongokubernetes.com", + "records": null, + "set_identifier": null, + "ttl": null, + "type": "A", + "weighted_routing_policy": [], + "zone_id": "Z1BNZ7MGFF9M06" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_lb.api_external", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.dns", + "mode": "managed", + "type": "aws_route53_record", + "name": "api_external_internal_zone_alias", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 2, + "attributes": { + "alias": [ + { + "evaluate_target_health": false, + "name": "atlas-operator-mwcdx-int-d3bc22a211002d2e.elb.eu-west-3.amazonaws.com", + "zone_id": "Z1CMS0P5QUZ6D5" + } + ], + "allow_overwrite": null, + "failover_routing_policy": [], + "fqdn": "api.atlas.operator.mongokubernetes.com", + "geolocation_routing_policy": [], + "health_check_id": null, + "id": "Z01600711WBJ0YIF3IAM2_api.atlas.operator.mongokubernetes.com_A", + "latency_routing_policy": [], + "multivalue_answer_routing_policy": null, + "name": "api.atlas.operator.mongokubernetes.com", + "records": null, + "set_identifier": null, + "ttl": null, + "type": "A", + "weighted_routing_policy": [], + "zone_id": "Z01600711WBJ0YIF3IAM2" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.dns.aws_route53_record.api_external_alias", + "module.dns.aws_route53_record.api_external_cname", + "module.dns.aws_route53_zone.int", + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_lb.api_external", + "module.vpc.aws_lb.api_internal", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.dns", + "mode": "managed", + "type": "aws_route53_record", + "name": "api_internal_alias", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 2, + "attributes": { + "alias": [ + { + "evaluate_target_health": false, + "name": "atlas-operator-mwcdx-int-d3bc22a211002d2e.elb.eu-west-3.amazonaws.com", + "zone_id": "Z1CMS0P5QUZ6D5" + } + ], + "allow_overwrite": null, + "failover_routing_policy": [], + "fqdn": "api-int.atlas.operator.mongokubernetes.com", + "geolocation_routing_policy": [], + "health_check_id": null, + "id": "Z01600711WBJ0YIF3IAM2_api-int.atlas.operator.mongokubernetes.com_A", + "latency_routing_policy": [], + "multivalue_answer_routing_policy": null, + "name": "api-int.atlas.operator.mongokubernetes.com", + "records": null, + "set_identifier": null, + "ttl": null, + "type": "A", + "weighted_routing_policy": [], + "zone_id": "Z01600711WBJ0YIF3IAM2" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.dns.aws_route53_record.api_external_alias", + "module.dns.aws_route53_record.api_external_cname", + "module.dns.aws_route53_zone.int", + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_lb.api_external", + "module.vpc.aws_lb.api_internal", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.dns", + "mode": "managed", + "type": "aws_route53_zone", + "name": "int", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 0, + "attributes": { + "comment": "Managed by Terraform", + "delegation_set_id": "", + "force_destroy": true, + "id": "Z01600711WBJ0YIF3IAM2", + "name": "atlas.operator.mongokubernetes.com.", + "name_servers": [ + "ns-0.awsdns-00.com.", + "ns-1024.awsdns-00.org.", + "ns-1536.awsdns-00.co.uk.", + "ns-512.awsdns-00.net." + ], + "tags": { + "Name": "atlas-operator-mwcdx-int", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "vpc": [ + { + "vpc_id": "vpc-01095835b1df30896", + "vpc_region": "eu-west-3" + } + ], + "vpc_id": null, + "vpc_region": null, + "zone_id": "Z01600711WBJ0YIF3IAM2" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.dns.aws_route53_record.api_external_alias", + "module.dns.aws_route53_record.api_external_cname", + "module.vpc.aws_internet_gateway.igw", + "module.vpc.aws_lb.api_external", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_route_table", + "name": "default", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "rtb-002994e3126112764", + "owner_id": "268558157000", + "propagating_vgws": [], + "route": [], + "tags": { + "Name": "atlas-operator-mwcdx-public", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_route_table", + "name": "private_routes", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "id": "rtb-0c82f432fc12ed659", + "owner_id": "268558157000", + "propagating_vgws": [], + "route": [], + "tags": { + "Name": "atlas-operator-mwcdx-private-eu-west-3a", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "id": "rtb-002306b7441779c9b", + "owner_id": "268558157000", + "propagating_vgws": [], + "route": [], + "tags": { + "Name": "atlas-operator-mwcdx-private-eu-west-3b", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "id": "rtb-061c71ffef947c454", + "owner_id": "268558157000", + "propagating_vgws": [], + "route": [], + "tags": { + "Name": "atlas-operator-mwcdx-private-eu-west-3c", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_route_table_association", + "name": "private_routing", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "gateway_id": null, + "id": "rtbassoc-0dd724fae88d08586", + "route_table_id": "rtb-0c82f432fc12ed659", + "subnet_id": "subnet-04cda98e80626f47c" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_route_table.private_routes", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "gateway_id": null, + "id": "rtbassoc-00457443939d8fdc8", + "route_table_id": "rtb-002306b7441779c9b", + "subnet_id": "subnet-0b41b011d2aeb60f0" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_route_table.private_routes", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "gateway_id": null, + "id": "rtbassoc-006a0e7f64cc41002", + "route_table_id": "rtb-061c71ffef947c454", + "subnet_id": "subnet-003e0c57e7faae762" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_route_table.private_routes", + "module.vpc.aws_subnet.private_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_route_table_association", + "name": "route_net", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "gateway_id": null, + "id": "rtbassoc-0570dfd355481e887", + "route_table_id": "rtb-002994e3126112764", + "subnet_id": "subnet-0cb32a893e5f9f54f" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_route_table.default", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 1, + "schema_version": 0, + "attributes": { + "gateway_id": null, + "id": "rtbassoc-067f3ae275f0c83f3", + "route_table_id": "rtb-002994e3126112764", + "subnet_id": "subnet-0d3eaab42501e7b00" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_route_table.default", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 2, + "schema_version": 0, + "attributes": { + "gateway_id": null, + "id": "rtbassoc-00f23081be22498a4", + "route_table_id": "rtb-002994e3126112764", + "subnet_id": "subnet-00762966c3511d35c" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_route_table.default", + "module.vpc.aws_subnet.public_subnet", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group", + "name": "master", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:security-group/sg-0c8969cd01ba7b06f", + "description": "Managed by Terraform", + "egress": [ + { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "-1", + "security_groups": [], + "self": false, + "to_port": 0 + } + ], + "id": "sg-0c8969cd01ba7b06f", + "ingress": [ + { + "cidr_blocks": [ + "10.0.0.0/16" + ], + "description": "", + "from_port": -1, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "icmp", + "security_groups": [], + "self": false, + "to_port": -1 + }, + { + "cidr_blocks": [ + "10.0.0.0/16" + ], + "description": "", + "from_port": 22623, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 22623 + }, + { + "cidr_blocks": [ + "10.0.0.0/16" + ], + "description": "", + "from_port": 22, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 22 + }, + { + "cidr_blocks": [ + "10.0.0.0/16" + ], + "description": "", + "from_port": 6443, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": false, + "to_port": 6443 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 0, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "50", + "security_groups": [ + "sg-041315ab2d5d385be" + ], + "self": true, + "to_port": 0 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 10250, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-041315ab2d5d385be" + ], + "self": true, + "to_port": 10250 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 10257, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-041315ab2d5d385be" + ], + "self": true, + "to_port": 10257 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 10259, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-041315ab2d5d385be" + ], + "self": true, + "to_port": 10259 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 2379, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [], + "self": true, + "to_port": 2380 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 30000, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-041315ab2d5d385be" + ], + "self": true, + "to_port": 32767 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 30000, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "udp", + "security_groups": [ + "sg-041315ab2d5d385be" + ], + "self": true, + "to_port": 32767 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 4500, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "udp", + "security_groups": [ + "sg-041315ab2d5d385be" + ], + "self": true, + "to_port": 4500 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 4789, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "udp", + "security_groups": [ + "sg-041315ab2d5d385be" + ], + "self": true, + "to_port": 4789 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 500, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "udp", + "security_groups": [ + "sg-041315ab2d5d385be" + ], + "self": true, + "to_port": 500 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 6081, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "udp", + "security_groups": [ + "sg-041315ab2d5d385be" + ], + "self": true, + "to_port": 6081 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 6641, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-041315ab2d5d385be" + ], + "self": true, + "to_port": 6642 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 9000, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "tcp", + "security_groups": [ + "sg-041315ab2d5d385be" + ], + "self": true, + "to_port": 9999 + }, + { + "cidr_blocks": [], + "description": "", + "from_port": 9000, + "ipv6_cidr_blocks": [], + "prefix_list_ids": [], + "protocol": "udp", + "security_groups": [ + "sg-041315ab2d5d385be" + ], + "self": true, + "to_port": 9999 + } + ], + "name": "terraform-20210308151332450200000002", + "name_prefix": null, + "owner_id": "268558157000", + "revoke_rules_on_delete": false, + "tags": { + "Name": "atlas-operator-mwcdx-master-sg", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "timeouts": { + "create": "20m", + "delete": null + }, + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjYwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group", + "name": "worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:security-group/sg-041315ab2d5d385be", + "description": "Managed by Terraform", + "egress": [], + "id": "sg-041315ab2d5d385be", + "ingress": [], + "name": "terraform-20210308151331925100000001", + "name_prefix": null, + "owner_id": "268558157000", + "revoke_rules_on_delete": false, + "tags": { + "Name": "atlas-operator-mwcdx-worker-sg", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "timeouts": { + "create": "20m", + "delete": null + }, + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjYwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_egress", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": null, + "from_port": 0, + "id": "sgrule-1541125736", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "-1", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": null, + "to_port": 0, + "type": "egress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_esp", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 0, + "id": "sgrule-3405530076", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "50", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 0, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_esp_from_worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 0, + "id": "sgrule-2591925733", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "50", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": "sg-041315ab2d5d385be", + "to_port": 0, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_etcd", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 2379, + "id": "sgrule-2135001579", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 2380, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_geneve", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 6081, + "id": "sgrule-1995052581", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 6081, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_geneve_from_worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 6081, + "id": "sgrule-644608028", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": "sg-041315ab2d5d385be", + "to_port": 6081, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_https", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "10.0.0.0/16" + ], + "description": null, + "from_port": 6443, + "id": "sgrule-3087092960", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": null, + "to_port": 6443, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_icmp", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "10.0.0.0/16" + ], + "description": null, + "from_port": -1, + "id": "sgrule-652367452", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "icmp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": null, + "to_port": -1, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_ike", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 500, + "id": "sgrule-3795946560", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 500, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_ike_from_worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 500, + "id": "sgrule-2998954617", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": "sg-041315ab2d5d385be", + "to_port": 500, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_ike_nat_t", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 4500, + "id": "sgrule-1105692593", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 4500, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_ike_nat_t_from_worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 4500, + "id": "sgrule-291922312", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": "sg-041315ab2d5d385be", + "to_port": 4500, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_internal", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 9000, + "id": "sgrule-2390605683", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 9999, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_internal_from_worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 9000, + "id": "sgrule-3741079882", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": "sg-041315ab2d5d385be", + "to_port": 9999, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_internal_from_worker_udp", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 9000, + "id": "sgrule-2057566885", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": "sg-041315ab2d5d385be", + "to_port": 9999, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_internal_udp", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 9000, + "id": "sgrule-706878620", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 9999, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_kube_controller_manager", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 10257, + "id": "sgrule-2490293399", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 10257, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_kube_controller_manager_from_worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 10257, + "id": "sgrule-3304012462", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": "sg-041315ab2d5d385be", + "to_port": 10257, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_kube_scheduler", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 10259, + "id": "sgrule-1424144404", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 10259, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_kube_scheduler_from_worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 10259, + "id": "sgrule-73621037", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": "sg-041315ab2d5d385be", + "to_port": 10259, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_kubelet_secure", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 10250, + "id": "sgrule-428895734", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 10250, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_kubelet_secure_from_worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 10250, + "id": "sgrule-1225886671", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": "sg-041315ab2d5d385be", + "to_port": 10250, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_ovndb", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 6641, + "id": "sgrule-914827436", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 6642, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_ovndb_from_worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 6641, + "id": "sgrule-1711722133", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": "sg-041315ab2d5d385be", + "to_port": 6642, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_services_tcp", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 30000, + "id": "sgrule-4202506367", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 32767, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_services_tcp_from_worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 30000, + "id": "sgrule-2868694598", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": "sg-041315ab2d5d385be", + "to_port": 32767, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_services_udp", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 30000, + "id": "sgrule-1579322256", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 32767, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_services_udp_from_worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 30000, + "id": "sgrule-245591465", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": "sg-041315ab2d5d385be", + "to_port": 32767, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_ssh", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "10.0.0.0/16" + ], + "description": null, + "from_port": 22, + "id": "sgrule-1830851794", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": null, + "to_port": 22, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_vxlan", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 4789, + "id": "sgrule-4196558621", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": true, + "source_security_group_id": null, + "to_port": 4789, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_ingress_vxlan_from_worker", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 4789, + "id": "sgrule-2862842148", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": "sg-041315ab2d5d385be", + "to_port": 4789, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "master_mcs", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "10.0.0.0/16" + ], + "description": null, + "from_port": 22623, + "id": "sgrule-4285711353", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-0c8969cd01ba7b06f", + "self": false, + "source_security_group_id": null, + "to_port": 22623, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_egress", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "0.0.0.0/0" + ], + "description": null, + "from_port": 0, + "id": "sgrule-49364016", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "-1", + "security_group_id": "sg-041315ab2d5d385be", + "self": false, + "source_security_group_id": null, + "to_port": 0, + "type": "egress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_esp", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 0, + "id": "sgrule-1647754409", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "50", + "security_group_id": "sg-041315ab2d5d385be", + "self": true, + "source_security_group_id": null, + "to_port": 0, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_esp_from_master", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 0, + "id": "sgrule-850877072", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "50", + "security_group_id": "sg-041315ab2d5d385be", + "self": false, + "source_security_group_id": "sg-0c8969cd01ba7b06f", + "to_port": 0, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_geneve", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 6081, + "id": "sgrule-1372275507", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-041315ab2d5d385be", + "self": true, + "source_security_group_id": null, + "to_port": 6081, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_geneve_from_master", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 6081, + "id": "sgrule-21669130", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-041315ab2d5d385be", + "self": false, + "source_security_group_id": "sg-0c8969cd01ba7b06f", + "to_port": 6081, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_icmp", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "10.0.0.0/16" + ], + "description": null, + "from_port": -1, + "id": "sgrule-4073103650", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "icmp", + "security_group_id": "sg-041315ab2d5d385be", + "self": false, + "source_security_group_id": null, + "to_port": -1, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_ike", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 500, + "id": "sgrule-1449069213", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-041315ab2d5d385be", + "self": true, + "source_security_group_id": null, + "to_port": 500, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_ike_from_master", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 500, + "id": "sgrule-115272868", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-041315ab2d5d385be", + "self": false, + "source_security_group_id": "sg-0c8969cd01ba7b06f", + "to_port": 500, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_ike_nat_t", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 4500, + "id": "sgrule-1724306087", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-041315ab2d5d385be", + "self": true, + "source_security_group_id": null, + "to_port": 4500, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_internal", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 9000, + "id": "sgrule-2841438821", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-041315ab2d5d385be", + "self": true, + "source_security_group_id": null, + "to_port": 9999, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_internal_from_master", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 9000, + "id": "sgrule-4192013404", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-041315ab2d5d385be", + "self": false, + "source_security_group_id": "sg-0c8969cd01ba7b06f", + "to_port": 9999, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_internal_from_master_udp", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 9000, + "id": "sgrule-1568845747", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-041315ab2d5d385be", + "self": false, + "source_security_group_id": "sg-0c8969cd01ba7b06f", + "to_port": 9999, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_internal_udp", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 9000, + "id": "sgrule-218319242", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-041315ab2d5d385be", + "self": true, + "source_security_group_id": null, + "to_port": 9999, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_kubelet_insecure", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 10250, + "id": "sgrule-157623860", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-041315ab2d5d385be", + "self": true, + "source_security_group_id": null, + "to_port": 10250, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_kubelet_insecure_from_master", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 10250, + "id": "sgrule-1508163597", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-041315ab2d5d385be", + "self": false, + "source_security_group_id": "sg-0c8969cd01ba7b06f", + "to_port": 10250, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_nat_t_from_master", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 4500, + "id": "sgrule-910636190", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-041315ab2d5d385be", + "self": false, + "source_security_group_id": "sg-0c8969cd01ba7b06f", + "to_port": 4500, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_services_tcp", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 30000, + "id": "sgrule-3934806973", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-041315ab2d5d385be", + "self": true, + "source_security_group_id": null, + "to_port": 32767, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_services_tcp_from_master", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 30000, + "id": "sgrule-3121186180", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-041315ab2d5d385be", + "self": false, + "source_security_group_id": "sg-0c8969cd01ba7b06f", + "to_port": 32767, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_services_udp", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 30000, + "id": "sgrule-1322762322", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-041315ab2d5d385be", + "self": true, + "source_security_group_id": null, + "to_port": 32767, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_services_udp_from_master", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 30000, + "id": "sgrule-508962411", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-041315ab2d5d385be", + "self": false, + "source_security_group_id": "sg-0c8969cd01ba7b06f", + "to_port": 32767, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_ssh", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": [ + "10.0.0.0/16" + ], + "description": null, + "from_port": 22, + "id": "sgrule-3932359237", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "tcp", + "security_group_id": "sg-041315ab2d5d385be", + "self": false, + "source_security_group_id": null, + "to_port": 22, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_vxlan", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 4789, + "id": "sgrule-3707974155", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-041315ab2d5d385be", + "self": true, + "source_security_group_id": null, + "to_port": 4789, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_security_group_rule", + "name": "worker_ingress_vxlan_from_master", + "provider": "provider.aws", + "instances": [ + { + "schema_version": 2, + "attributes": { + "cidr_blocks": null, + "description": null, + "from_port": 4789, + "id": "sgrule-2374161458", + "ipv6_cidr_blocks": null, + "prefix_list_ids": null, + "protocol": "udp", + "security_group_id": "sg-041315ab2d5d385be", + "self": false, + "source_security_group_id": "sg-0c8969cd01ba7b06f", + "to_port": 4789, + "type": "ingress" + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", + "dependencies": [ + "module.vpc.aws_security_group.master", + "module.vpc.aws_security_group.worker", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_subnet", + "name": "private_subnet", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-04cda98e80626f47c", + "assign_ipv6_address_on_creation": false, + "availability_zone": "eu-west-3a", + "availability_zone_id": "euw3-az1", + "cidr_block": "10.0.128.0/19", + "id": "subnet-04cda98e80626f47c", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "268558157000", + "tags": { + "Name": "atlas-operator-mwcdx-private-eu-west-3a", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned", + "kubernetes.io/role/internal-elb": "" + }, + "timeouts": null, + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 1, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-0b41b011d2aeb60f0", + "assign_ipv6_address_on_creation": false, + "availability_zone": "eu-west-3b", + "availability_zone_id": "euw3-az2", + "cidr_block": "10.0.160.0/19", + "id": "subnet-0b41b011d2aeb60f0", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "268558157000", + "tags": { + "Name": "atlas-operator-mwcdx-private-eu-west-3b", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned", + "kubernetes.io/role/internal-elb": "" + }, + "timeouts": null, + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 2, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-003e0c57e7faae762", + "assign_ipv6_address_on_creation": false, + "availability_zone": "eu-west-3c", + "availability_zone_id": "euw3-az3", + "cidr_block": "10.0.192.0/19", + "id": "subnet-003e0c57e7faae762", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "268558157000", + "tags": { + "Name": "atlas-operator-mwcdx-private-eu-west-3c", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned", + "kubernetes.io/role/internal-elb": "" + }, + "timeouts": null, + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_subnet", + "name": "public_subnet", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-0cb32a893e5f9f54f", + "assign_ipv6_address_on_creation": false, + "availability_zone": "eu-west-3a", + "availability_zone_id": "euw3-az1", + "cidr_block": "10.0.0.0/19", + "id": "subnet-0cb32a893e5f9f54f", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "268558157000", + "tags": { + "Name": "atlas-operator-mwcdx-public-eu-west-3a", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "timeouts": null, + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 1, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-0d3eaab42501e7b00", + "assign_ipv6_address_on_creation": false, + "availability_zone": "eu-west-3b", + "availability_zone_id": "euw3-az2", + "cidr_block": "10.0.32.0/19", + "id": "subnet-0d3eaab42501e7b00", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "268558157000", + "tags": { + "Name": "atlas-operator-mwcdx-public-eu-west-3b", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "timeouts": null, + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + }, + { + "index_key": 2, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-00762966c3511d35c", + "assign_ipv6_address_on_creation": false, + "availability_zone": "eu-west-3c", + "availability_zone_id": "euw3-az3", + "cidr_block": "10.0.64.0/19", + "id": "subnet-00762966c3511d35c", + "ipv6_cidr_block": "", + "ipv6_cidr_block_association_id": "", + "map_public_ip_on_launch": false, + "outpost_arn": "", + "owner_id": "268558157000", + "tags": { + "Name": "atlas-operator-mwcdx-public-eu-west-3c", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "timeouts": null, + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_vpc", + "name": "new_vpc", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 1, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:vpc/vpc-01095835b1df30896", + "assign_generated_ipv6_cidr_block": false, + "cidr_block": "10.0.0.0/16", + "default_network_acl_id": "acl-0ede2dbdf0b4a55dc", + "default_route_table_id": "rtb-002994e3126112764", + "default_security_group_id": "sg-09b5ee4a7c79130e1", + "dhcp_options_id": "dopt-0bd620d1288de8565", + "enable_classiclink": null, + "enable_classiclink_dns_support": null, + "enable_dns_hostnames": true, + "enable_dns_support": true, + "id": "vpc-01095835b1df30896", + "instance_tenancy": "default", + "ipv6_association_id": "", + "ipv6_cidr_block": "", + "main_route_table_id": "rtb-002994e3126112764", + "owner_id": "268558157000", + "tags": { + "Name": "atlas-operator-mwcdx-vpc", + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + } + }, + "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==" + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_vpc_dhcp_options", + "name": "main", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "arn": "arn:aws:ec2:eu-west-3:268558157000:dhcp-options/dopt-0bd620d1288de8565", + "domain_name": "eu-west-3.compute.internal", + "domain_name_servers": [ + "AmazonProvidedDNS" + ], + "id": "dopt-0bd620d1288de8565", + "netbios_name_servers": null, + "netbios_node_type": null, + "ntp_servers": null, + "owner_id": "268558157000", + "tags": { + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + } + }, + "private": "bnVsbA==" + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_vpc_dhcp_options_association", + "name": "main", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "dhcp_options_id": "dopt-0bd620d1288de8565", + "id": "dopt-0bd620d1288de8565-vpc-01095835b1df30896", + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "bnVsbA==", + "dependencies": [ + "module.vpc.aws_vpc.new_vpc", + "module.vpc.aws_vpc_dhcp_options.main" + ] + } + ] + }, + { + "module": "module.vpc", + "mode": "managed", + "type": "aws_vpc_endpoint", + "name": "s3", + "each": "list", + "provider": "provider.aws", + "instances": [ + { + "index_key": 0, + "schema_version": 0, + "attributes": { + "auto_accept": null, + "cidr_blocks": [ + "3.5.224.0/22", + "52.95.154.0/23", + "52.95.156.0/24" + ], + "dns_entry": [], + "id": "vpce-0b5b104ec88bb1a3a", + "network_interface_ids": [], + "owner_id": "268558157000", + "policy": "{\"Statement\":[{\"Action\":\"*\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"*\"}],\"Version\":\"2008-10-17\"}", + "prefix_list_id": "pl-23ad484a", + "private_dns_enabled": false, + "requester_managed": false, + "route_table_ids": [ + "rtb-002306b7441779c9b", + "rtb-002994e3126112764", + "rtb-061c71ffef947c454", + "rtb-0c82f432fc12ed659" + ], + "security_group_ids": [], + "service_name": "com.amazonaws.eu-west-3.s3", + "state": "available", + "subnet_ids": [], + "tags": { + "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" + }, + "timeouts": null, + "vpc_endpoint_type": "Gateway", + "vpc_id": "vpc-01095835b1df30896" + }, + "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", + "dependencies": [ + "module.vpc.aws_route_table.default", + "module.vpc.aws_route_table.private_routes", + "module.vpc.aws_vpc.new_vpc" + ] + } + ] + } + ] +} From 1b9dfe8bfdce6694f3c78fa8e5b665c3fc53dc0d Mon Sep 17 00:00:00 2001 From: antonlisovenko Date: Mon, 8 Mar 2021 17:56:12 +0000 Subject: [PATCH 02/26] CLOUDP-82782: flexible push --- .github/actions/push-files/entrypoint.sh | 56 +- .github/workflows/release-branch.yml | 49 +- scripts/openshift/terraform.tfstate | 4715 ---------------------- 3 files changed, 36 insertions(+), 4784 deletions(-) mode change 100644 => 100755 .github/actions/push-files/entrypoint.sh delete mode 100644 scripts/openshift/terraform.tfstate diff --git a/.github/actions/push-files/entrypoint.sh b/.github/actions/push-files/entrypoint.sh old mode 100644 new mode 100755 index bba1165dd2..6609cbf596 --- a/.github/actions/push-files/entrypoint.sh +++ b/.github/actions/push-files/entrypoint.sh @@ -1,28 +1,36 @@ -#!/bin/sh +#!/bin/bash -#set -eou pipefail +set -xeou pipefail -#commit file to the destination branch +commit_single_file() { + # Commit to the branch + file="$1" + sha=$(git rev-parse "$DESTINATION_BRANCH:$file") || true + content=$(base64 "$file") + message="Pushing $file using GitHub API" -MESSAGE="generated $FILE_TO_COMMIT" -SHA=$(git rev-parse "$DESTINATION_BRANCH:$FILE_TO_COMMIT") -CONTENT=$(base64 "$FILE_TO_COMMIT") -echo "$DESTINATION_BRANCH:$FILE_TO_COMMIT:$SHA" + echo "$DESTINATION_BRANCH:$file:$sha" + if [ "$sha" = "$DESTINATION_BRANCH:$file" ]; then + echo "File does not exist" + gh api --method PUT "/repos/:owner/:repo/contents/$file" \ + --field message="$message" \ + --field content="$content" \ + --field encoding="base64" \ + --field branch="$DESTINATION_BRANCH" + else + echo "File exists" + gh api --method PUT "/repos/:owner/:repo/contents/$file" \ + --field message="$message" \ + --field content="$content" \ + --field encoding="base64" \ + --field branch="$DESTINATION_BRANCH" \ + --field sha="$sha" + fi +} + +# simple 'for loop' does not work correctly, see https://github.com/koalaman/shellcheck/wiki/SC2044#correct-code +while IFS= read -r -d '' file +do + commit_single_file "$file" +done < <(find "${FILE_TO_COMMIT}" -type f -print0) -# Commit to the branch -if [ "$SHA" = "$DESTINATION_BRANCH:$FILE_TO_COMMIT" ]; then - echo "File does not exist" - gh api --method PUT "/repos/:owner/:repo/contents/$FILE_TO_COMMIT" \ - --field message="$MESSAGE" \ - --field content="$CONTENT" \ - --field encoding="base64" \ - --field branch="$DESTINATION_BRANCH" -else - echo "File exists" - gh api --method PUT "/repos/:owner/:repo/contents/$FILE_TO_COMMIT" \ - --field message="$MESSAGE" \ - --field content="$CONTENT" \ - --field encoding="base64" \ - --field branch="$DESTINATION_BRANCH" \ - --field sha="$SHA" -fi diff --git a/.github/workflows/release-branch.yml b/.github/workflows/release-branch.yml index c4bf124971..5fb0587cd4 100644 --- a/.github/workflows/release-branch.yml +++ b/.github/workflows/release-branch.yml @@ -10,6 +10,7 @@ on: description: "Release version:" required: true + jobs: create-release-branch: name: Create Release @@ -25,7 +26,7 @@ jobs: with: fetch-depth: 0 #required for tags - - name: Create all-in-one installation script + - name: Create deploy configurations uses: ./.github/actions/gen-install-scripts with: IMAGE_URL: ${{ env.DOCKER_RELEASE_REPO }}:${{ env.VERSION }} @@ -36,53 +37,11 @@ jobs: git checkout -b "release/${VERSION}" git push origin "release/${VERSION}" - - name: Commit all-in-one - uses: ./.github/actions/push-files - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - FILE_TO_COMMIT: "deploy/all-in-one.yaml" - DESTINATION_BRANCH: "release/${{ env.VERSION }}" - - - name: Commit crd project - uses: ./.github/actions/push-files - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - FILE_TO_COMMIT: "deploy/crds/atlas.mongodb.com_atlasprojects.yaml" - DESTINATION_BRANCH: "release/${{ env.VERSION }}" - - - name: Commit crd cluster - uses: ./.github/actions/push-files - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - FILE_TO_COMMIT: "deploy/crds/atlas.mongodb.com_atlasclusters.yaml" - DESTINATION_BRANCH: "release/${{ env.VERSION }}" - - - name: Commit namespaced crds - uses: ./.github/actions/push-files - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - FILE_TO_COMMIT: "deploy/namespaced/crds.yaml" - DESTINATION_BRANCH: "release/${{ env.VERSION }}" - - - name: Commit namespaced config - uses: ./.github/actions/push-files - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - FILE_TO_COMMIT: "deploy/namespaced/namespaced-config.yaml" - DESTINATION_BRANCH: "release/${{ env.VERSION }}" - - - name: Commit clusterwide crds - uses: ./.github/actions/push-files - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - FILE_TO_COMMIT: "deploy/clusterwide/crds.yaml" - DESTINATION_BRANCH: "release/${{ env.VERSION }}" - - - name: Commit clusterwide config + - name: Commit deploy directory uses: ./.github/actions/push-files env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - FILE_TO_COMMIT: "deploy/clusterwide/clusterwide-config.yaml" + FILE_TO_COMMIT: "deploy" DESTINATION_BRANCH: "release/${{ env.VERSION }}" - name: Create PR diff --git a/scripts/openshift/terraform.tfstate b/scripts/openshift/terraform.tfstate deleted file mode 100644 index dbcf99173a..0000000000 --- a/scripts/openshift/terraform.tfstate +++ /dev/null @@ -1,4715 +0,0 @@ -{ - "version": 4, - "terraform_version": "0.12.20", - "serial": 157, - "lineage": "b688f270-dfa3-56c3-2f39-d8aa137483d1", - "outputs": {}, - "resources": [ - { - "module": "module.masters", - "mode": "data", - "type": "aws_ebs_default_kms_key", - "name": "current", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "id": "2021-03-08 15:13:17.592438 +0000 UTC", - "key_arn": "alias/aws/ebs" - } - } - ] - }, - { - "module": "module.masters", - "mode": "data", - "type": "aws_partition", - "name": "current", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "dns_suffix": "amazonaws.com", - "id": "2021-03-08 15:13:17.001278 +0000 UTC", - "partition": "aws" - } - } - ] - }, - { - "module": "module.iam", - "mode": "data", - "type": "aws_partition", - "name": "current", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "dns_suffix": "amazonaws.com", - "id": "2021-03-08 15:13:17.001053 +0000 UTC", - "partition": "aws" - } - } - ] - }, - { - "module": "module.dns", - "mode": "data", - "type": "aws_route53_zone", - "name": "public", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "caller_reference": "54CBFE23-8745-8B11-AC46-7D1F07C170D5", - "comment": "", - "id": "Z1BNZ7MGFF9M06", - "linked_service_description": null, - "linked_service_principal": null, - "name": "mongokubernetes.com.", - "name_servers": [ - "ns-1799.awsdns-32.co.uk", - "ns-1232.awsdns-26.org", - "ns-845.awsdns-41.net", - "ns-275.awsdns-34.com" - ], - "private_zone": false, - "resource_record_set_count": 33, - "tags": {}, - "vpc_id": null, - "zone_id": "Z1BNZ7MGFF9M06" - } - } - ] - }, - { - "module": "module.vpc", - "mode": "data", - "type": "aws_subnet", - "name": "private", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-04cda98e80626f47c", - "assign_ipv6_address_on_creation": false, - "availability_zone": "eu-west-3a", - "availability_zone_id": "euw3-az1", - "cidr_block": "10.0.128.0/19", - "default_for_az": false, - "filter": null, - "id": "subnet-04cda98e80626f47c", - "ipv6_cidr_block": null, - "ipv6_cidr_block_association_id": null, - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "268558157000", - "state": "available", - "tags": { - "Name": "atlas-operator-mwcdx-private-eu-west-3a", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned", - "kubernetes.io/role/internal-elb": "" - }, - "vpc_id": "vpc-01095835b1df30896" - } - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-0b41b011d2aeb60f0", - "assign_ipv6_address_on_creation": false, - "availability_zone": "eu-west-3b", - "availability_zone_id": "euw3-az2", - "cidr_block": "10.0.160.0/19", - "default_for_az": false, - "filter": null, - "id": "subnet-0b41b011d2aeb60f0", - "ipv6_cidr_block": null, - "ipv6_cidr_block_association_id": null, - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "268558157000", - "state": "available", - "tags": { - "Name": "atlas-operator-mwcdx-private-eu-west-3b", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned", - "kubernetes.io/role/internal-elb": "" - }, - "vpc_id": "vpc-01095835b1df30896" - } - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-003e0c57e7faae762", - "assign_ipv6_address_on_creation": false, - "availability_zone": "eu-west-3c", - "availability_zone_id": "euw3-az3", - "cidr_block": "10.0.192.0/19", - "default_for_az": false, - "filter": null, - "id": "subnet-003e0c57e7faae762", - "ipv6_cidr_block": null, - "ipv6_cidr_block_association_id": null, - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "268558157000", - "state": "available", - "tags": { - "Name": "atlas-operator-mwcdx-private-eu-west-3c", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned", - "kubernetes.io/role/internal-elb": "" - }, - "vpc_id": "vpc-01095835b1df30896" - } - } - ] - }, - { - "module": "module.vpc", - "mode": "data", - "type": "aws_subnet", - "name": "public", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-0cb32a893e5f9f54f", - "assign_ipv6_address_on_creation": false, - "availability_zone": "eu-west-3a", - "availability_zone_id": "euw3-az1", - "cidr_block": "10.0.0.0/19", - "default_for_az": false, - "filter": null, - "id": "subnet-0cb32a893e5f9f54f", - "ipv6_cidr_block": null, - "ipv6_cidr_block_association_id": null, - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "268558157000", - "state": "available", - "tags": { - "Name": "atlas-operator-mwcdx-public-eu-west-3a", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "vpc_id": "vpc-01095835b1df30896" - } - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-0d3eaab42501e7b00", - "assign_ipv6_address_on_creation": false, - "availability_zone": "eu-west-3b", - "availability_zone_id": "euw3-az2", - "cidr_block": "10.0.32.0/19", - "default_for_az": false, - "filter": null, - "id": "subnet-0d3eaab42501e7b00", - "ipv6_cidr_block": null, - "ipv6_cidr_block_association_id": null, - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "268558157000", - "state": "available", - "tags": { - "Name": "atlas-operator-mwcdx-public-eu-west-3b", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "vpc_id": "vpc-01095835b1df30896" - } - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-00762966c3511d35c", - "assign_ipv6_address_on_creation": false, - "availability_zone": "eu-west-3c", - "availability_zone_id": "euw3-az3", - "cidr_block": "10.0.64.0/19", - "default_for_az": false, - "filter": null, - "id": "subnet-00762966c3511d35c", - "ipv6_cidr_block": null, - "ipv6_cidr_block_association_id": null, - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "268558157000", - "state": "available", - "tags": { - "Name": "atlas-operator-mwcdx-public-eu-west-3c", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "vpc_id": "vpc-01095835b1df30896" - } - } - ] - }, - { - "module": "module.vpc", - "mode": "data", - "type": "aws_vpc", - "name": "cluster_vpc", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:vpc/vpc-01095835b1df30896", - "cidr_block": "10.0.0.0/16", - "cidr_block_associations": [ - { - "association_id": "vpc-cidr-assoc-013ae704c60b1fb8a", - "cidr_block": "10.0.0.0/16", - "state": "associated" - } - ], - "default": false, - "dhcp_options_id": "dopt-0bd620d1288de8565", - "enable_dns_hostnames": true, - "enable_dns_support": true, - "filter": null, - "id": "vpc-01095835b1df30896", - "instance_tenancy": "default", - "ipv6_association_id": null, - "ipv6_cidr_block": null, - "main_route_table_id": "rtb-002994e3126112764", - "owner_id": "268558157000", - "state": "available", - "tags": { - "Name": "atlas-operator-mwcdx-vpc", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - } - } - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_eip", - "name": "nat_eip", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "allocation_id": null, - "associate_with_private_ip": null, - "association_id": "", - "customer_owned_ip": "", - "customer_owned_ipv4_pool": "", - "domain": "vpc", - "id": "eipalloc-08a166d58ffed8d87", - "instance": "", - "network_interface": "", - "private_dns": null, - "private_ip": "", - "public_dns": "ec2-15-237-134-67.eu-west-3.compute.amazonaws.com", - "public_ip": "15.237.134.67", - "public_ipv4_pool": "amazon", - "tags": { - "Name": "atlas-operator-mwcdx-eip-eu-west-3a", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "timeouts": null, - "vpc": true - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjoxODAwMDAwMDAwMDAsInJlYWQiOjkwMDAwMDAwMDAwMCwidXBkYXRlIjozMDAwMDAwMDAwMDB9fQ==", - "dependencies": [ - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "allocation_id": null, - "associate_with_private_ip": null, - "association_id": "", - "customer_owned_ip": "", - "customer_owned_ipv4_pool": "", - "domain": "vpc", - "id": "eipalloc-0e4507db846fd55c2", - "instance": "", - "network_interface": "", - "private_dns": null, - "private_ip": "", - "public_dns": "ec2-13-36-86-133.eu-west-3.compute.amazonaws.com", - "public_ip": "13.36.86.133", - "public_ipv4_pool": "amazon", - "tags": { - "Name": "atlas-operator-mwcdx-eip-eu-west-3b", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "timeouts": null, - "vpc": true - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjoxODAwMDAwMDAwMDAsInJlYWQiOjkwMDAwMDAwMDAwMCwidXBkYXRlIjozMDAwMDAwMDAwMDB9fQ==", - "dependencies": [ - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "allocation_id": null, - "associate_with_private_ip": null, - "association_id": "", - "customer_owned_ip": "", - "customer_owned_ipv4_pool": "", - "domain": "vpc", - "id": "eipalloc-0c0f4d213a758e268", - "instance": "", - "network_interface": "", - "private_dns": null, - "private_ip": "", - "public_dns": "ec2-13-36-23-217.eu-west-3.compute.amazonaws.com", - "public_ip": "13.36.23.217", - "public_ipv4_pool": "amazon", - "tags": { - "Name": "atlas-operator-mwcdx-eip-eu-west-3c", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "timeouts": null, - "vpc": true - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiZGVsZXRlIjoxODAwMDAwMDAwMDAsInJlYWQiOjkwMDAwMDAwMDAwMCwidXBkYXRlIjozMDAwMDAwMDAwMDB9fQ==", - "dependencies": [ - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.masters", - "mode": "managed", - "type": "aws_iam_instance_profile", - "name": "master", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:iam::268558157000:instance-profile/atlas-operator-mwcdx-master-profile", - "create_date": "2021-03-08T15:13:28Z", - "id": "atlas-operator-mwcdx-master-profile", - "name": "atlas-operator-mwcdx-master-profile", - "name_prefix": null, - "path": "/", - "role": "atlas-operator-mwcdx-master-role", - "roles": [], - "unique_id": "AIPAT5B2QITEIUMIN3ZJP" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.masters.aws_iam_role.master_role" - ] - } - ] - }, - { - "module": "module.iam", - "mode": "managed", - "type": "aws_iam_instance_profile", - "name": "worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:iam::268558157000:instance-profile/atlas-operator-mwcdx-worker-profile", - "create_date": "2021-03-08T15:13:28Z", - "id": "atlas-operator-mwcdx-worker-profile", - "name": "atlas-operator-mwcdx-worker-profile", - "name_prefix": null, - "path": "/", - "role": "atlas-operator-mwcdx-worker-role", - "roles": [], - "unique_id": "AIPAT5B2QITEPGXDH57CB" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.iam.aws_iam_role.worker_role" - ] - } - ] - }, - { - "module": "module.masters", - "mode": "managed", - "type": "aws_iam_role", - "name": "master_role", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:iam::268558157000:role/atlas-operator-mwcdx-master-role", - "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", - "create_date": "2021-03-08T15:13:27Z", - "description": "", - "force_detach_policies": false, - "id": "atlas-operator-mwcdx-master-role", - "max_session_duration": 3600, - "name": "atlas-operator-mwcdx-master-role", - "name_prefix": null, - "path": "/", - "permissions_boundary": null, - "tags": { - "Name": "atlas-operator-mwcdx-master-role", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "unique_id": "AROAT5B2QITENJ32BMONG" - }, - "private": "bnVsbA==" - } - ] - }, - { - "module": "module.iam", - "mode": "managed", - "type": "aws_iam_role", - "name": "worker_role", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:iam::268558157000:role/atlas-operator-mwcdx-worker-role", - "assume_role_policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":{\"Service\":\"ec2.amazonaws.com\"},\"Action\":\"sts:AssumeRole\"}]}", - "create_date": "2021-03-08T15:13:27Z", - "description": "", - "force_detach_policies": false, - "id": "atlas-operator-mwcdx-worker-role", - "max_session_duration": 3600, - "name": "atlas-operator-mwcdx-worker-role", - "name_prefix": null, - "path": "/", - "permissions_boundary": null, - "tags": { - "Name": "atlas-operator-mwcdx-worker-role", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "unique_id": "AROAT5B2QITEAKNQGMM45" - }, - "private": "bnVsbA==" - } - ] - }, - { - "module": "module.masters", - "mode": "managed", - "type": "aws_iam_role_policy", - "name": "master_policy", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "id": "atlas-operator-mwcdx-master-role:atlas-operator-mwcdx-master-policy", - "name": "atlas-operator-mwcdx-master-policy", - "name_prefix": null, - "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Action\": [\n \"ec2:AttachVolume\",\n \"ec2:AuthorizeSecurityGroupIngress\",\n \"ec2:CreateSecurityGroup\",\n \"ec2:CreateTags\",\n \"ec2:CreateVolume\",\n \"ec2:DeleteSecurityGroup\",\n \"ec2:DeleteVolume\",\n \"ec2:Describe*\",\n \"ec2:DetachVolume\",\n \"ec2:ModifyInstanceAttribute\",\n \"ec2:ModifyVolume\",\n \"ec2:RevokeSecurityGroupIngress\",\n \"elasticloadbalancing:AddTags\",\n \"elasticloadbalancing:AttachLoadBalancerToSubnets\",\n \"elasticloadbalancing:ApplySecurityGroupsToLoadBalancer\",\n \"elasticloadbalancing:CreateListener\",\n \"elasticloadbalancing:CreateLoadBalancer\",\n \"elasticloadbalancing:CreateLoadBalancerPolicy\",\n \"elasticloadbalancing:CreateLoadBalancerListeners\",\n \"elasticloadbalancing:CreateTargetGroup\",\n \"elasticloadbalancing:ConfigureHealthCheck\",\n \"elasticloadbalancing:DeleteListener\",\n \"elasticloadbalancing:DeleteLoadBalancer\",\n \"elasticloadbalancing:DeleteLoadBalancerListeners\",\n \"elasticloadbalancing:DeleteTargetGroup\",\n \"elasticloadbalancing:DeregisterInstancesFromLoadBalancer\",\n \"elasticloadbalancing:DeregisterTargets\",\n \"elasticloadbalancing:Describe*\",\n \"elasticloadbalancing:DetachLoadBalancerFromSubnets\",\n \"elasticloadbalancing:ModifyListener\",\n \"elasticloadbalancing:ModifyLoadBalancerAttributes\",\n \"elasticloadbalancing:ModifyTargetGroup\",\n \"elasticloadbalancing:ModifyTargetGroupAttributes\",\n \"elasticloadbalancing:RegisterInstancesWithLoadBalancer\",\n \"elasticloadbalancing:RegisterTargets\",\n \"elasticloadbalancing:SetLoadBalancerPoliciesForBackendServer\",\n \"elasticloadbalancing:SetLoadBalancerPoliciesOfListener\",\n \"kms:DescribeKey\"\n ],\n \"Resource\": \"*\",\n \"Effect\": \"Allow\"\n }\n ]\n}\n", - "role": "atlas-operator-mwcdx-master-role" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.masters.aws_iam_role.master_role" - ] - } - ] - }, - { - "module": "module.iam", - "mode": "managed", - "type": "aws_iam_role_policy", - "name": "worker_policy", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "id": "atlas-operator-mwcdx-worker-role:atlas-operator-mwcdx-worker-policy", - "name": "atlas-operator-mwcdx-worker-policy", - "name_prefix": null, - "policy": "{\n \"Version\": \"2012-10-17\",\n \"Statement\": [\n {\n \"Effect\": \"Allow\",\n \"Action\": [\n \"ec2:DescribeInstances\",\n \"ec2:DescribeRegions\"\n ],\n \"Resource\": \"*\"\n }\n ]\n}\n", - "role": "atlas-operator-mwcdx-worker-role" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.iam.aws_iam_role.worker_role" - ] - } - ] - }, - { - "module": "module.masters", - "mode": "managed", - "type": "aws_instance", - "name": "master", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 1, - "attributes": { - "ami": "ami-038f4ce9ea7ac7191", - "arn": "arn:aws:ec2:eu-west-3:268558157000:instance/i-07b646f442403dffb", - "associate_public_ip_address": false, - "availability_zone": "eu-west-3a", - "cpu_core_count": 2, - "cpu_threads_per_core": 2, - "credit_specification": [ - { - "cpu_credits": "unlimited" - } - ], - "disable_api_termination": false, - "ebs_block_device": [], - "ebs_optimized": false, - "ephemeral_block_device": [], - "get_password_data": false, - "hibernation": false, - "host_id": null, - "iam_instance_profile": "atlas-operator-mwcdx-master-profile", - "id": "i-07b646f442403dffb", - "instance_initiated_shutdown_behavior": null, - "instance_state": "running", - "instance_type": "t3.xlarge", - "ipv6_address_count": 0, - "ipv6_addresses": [], - "key_name": "", - "metadata_options": [ - { - "http_endpoint": "enabled", - "http_put_response_hop_limit": 1, - "http_tokens": "optional" - } - ], - "monitoring": false, - "network_interface": [ - { - "delete_on_termination": false, - "device_index": 0, - "network_interface_id": "eni-046261915d5d98f8d" - } - ], - "network_interface_id": null, - "outpost_arn": "", - "password_data": "", - "placement_group": "", - "primary_network_interface_id": "eni-046261915d5d98f8d", - "private_dns": "ip-10-0-131-42.eu-west-3.compute.internal", - "private_ip": "10.0.131.42", - "public_dns": "", - "public_ip": "", - "root_block_device": [ - { - "delete_on_termination": true, - "device_name": "/dev/xvda", - "encrypted": true, - "iops": 360, - "kms_key_id": "arn:aws:kms:eu-west-3:268558157000:key/35b2789f-5f02-412c-bd97-0e9a9a766580", - "volume_id": "vol-0021e98a1d82c5935", - "volume_size": 120, - "volume_type": "gp2" - } - ], - "security_groups": [], - "source_dest_check": true, - "subnet_id": "subnet-04cda98e80626f47c", - "tags": { - "Name": "atlas-operator-mwcdx-master-0", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "tenancy": "default", - "timeouts": null, - "user_data": "62b58cdcf4d5f46d5e29a54d2fa572e817eb13ca", - "user_data_base64": null, - "volume_tags": { - "Name": "atlas-operator-mwcdx-master-0-vol", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "vpc_security_group_ids": [ - "sg-0c8969cd01ba7b06f" - ] - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", - "dependencies": [ - "aws_ami_copy.imported", - "module.masters.aws_iam_instance_profile.master", - "module.masters.aws_iam_role.master_role", - "module.masters.aws_network_interface.master", - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 1, - "schema_version": 1, - "attributes": { - "ami": "ami-038f4ce9ea7ac7191", - "arn": "arn:aws:ec2:eu-west-3:268558157000:instance/i-00b7132b849d40be5", - "associate_public_ip_address": false, - "availability_zone": "eu-west-3b", - "cpu_core_count": 2, - "cpu_threads_per_core": 2, - "credit_specification": [ - { - "cpu_credits": "unlimited" - } - ], - "disable_api_termination": false, - "ebs_block_device": [], - "ebs_optimized": false, - "ephemeral_block_device": [], - "get_password_data": false, - "hibernation": false, - "host_id": null, - "iam_instance_profile": "atlas-operator-mwcdx-master-profile", - "id": "i-00b7132b849d40be5", - "instance_initiated_shutdown_behavior": null, - "instance_state": "running", - "instance_type": "t3.xlarge", - "ipv6_address_count": 0, - "ipv6_addresses": [], - "key_name": "", - "metadata_options": [ - { - "http_endpoint": "enabled", - "http_put_response_hop_limit": 1, - "http_tokens": "optional" - } - ], - "monitoring": false, - "network_interface": [ - { - "delete_on_termination": false, - "device_index": 0, - "network_interface_id": "eni-01bea4d31ca0306a4" - } - ], - "network_interface_id": null, - "outpost_arn": "", - "password_data": "", - "placement_group": "", - "primary_network_interface_id": "eni-01bea4d31ca0306a4", - "private_dns": "ip-10-0-179-76.eu-west-3.compute.internal", - "private_ip": "10.0.179.76", - "public_dns": "", - "public_ip": "", - "root_block_device": [ - { - "delete_on_termination": true, - "device_name": "/dev/xvda", - "encrypted": true, - "iops": 360, - "kms_key_id": "arn:aws:kms:eu-west-3:268558157000:key/35b2789f-5f02-412c-bd97-0e9a9a766580", - "volume_id": "vol-0c75feaebad2d5206", - "volume_size": 120, - "volume_type": "gp2" - } - ], - "security_groups": [], - "source_dest_check": true, - "subnet_id": "subnet-0b41b011d2aeb60f0", - "tags": { - "Name": "atlas-operator-mwcdx-master-1", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "tenancy": "default", - "timeouts": null, - "user_data": "62b58cdcf4d5f46d5e29a54d2fa572e817eb13ca", - "user_data_base64": null, - "volume_tags": { - "Name": "atlas-operator-mwcdx-master-1-vol", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "vpc_security_group_ids": [ - "sg-0c8969cd01ba7b06f" - ] - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", - "dependencies": [ - "aws_ami_copy.imported", - "module.masters.aws_iam_instance_profile.master", - "module.masters.aws_iam_role.master_role", - "module.masters.aws_network_interface.master", - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 2, - "schema_version": 1, - "attributes": { - "ami": "ami-038f4ce9ea7ac7191", - "arn": "arn:aws:ec2:eu-west-3:268558157000:instance/i-0af060f77553df4b7", - "associate_public_ip_address": false, - "availability_zone": "eu-west-3c", - "cpu_core_count": 2, - "cpu_threads_per_core": 2, - "credit_specification": [ - { - "cpu_credits": "unlimited" - } - ], - "disable_api_termination": false, - "ebs_block_device": [], - "ebs_optimized": false, - "ephemeral_block_device": [], - "get_password_data": false, - "hibernation": false, - "host_id": null, - "iam_instance_profile": "atlas-operator-mwcdx-master-profile", - "id": "i-0af060f77553df4b7", - "instance_initiated_shutdown_behavior": null, - "instance_state": "running", - "instance_type": "t3.xlarge", - "ipv6_address_count": 0, - "ipv6_addresses": [], - "key_name": "", - "metadata_options": [ - { - "http_endpoint": "enabled", - "http_put_response_hop_limit": 1, - "http_tokens": "optional" - } - ], - "monitoring": false, - "network_interface": [ - { - "delete_on_termination": false, - "device_index": 0, - "network_interface_id": "eni-095a6ba422efe298e" - } - ], - "network_interface_id": null, - "outpost_arn": "", - "password_data": "", - "placement_group": "", - "primary_network_interface_id": "eni-095a6ba422efe298e", - "private_dns": "ip-10-0-205-198.eu-west-3.compute.internal", - "private_ip": "10.0.205.198", - "public_dns": "", - "public_ip": "", - "root_block_device": [ - { - "delete_on_termination": true, - "device_name": "/dev/xvda", - "encrypted": true, - "iops": 360, - "kms_key_id": "arn:aws:kms:eu-west-3:268558157000:key/35b2789f-5f02-412c-bd97-0e9a9a766580", - "volume_id": "vol-0dd62f1b14ad096e9", - "volume_size": 120, - "volume_type": "gp2" - } - ], - "security_groups": [], - "source_dest_check": true, - "subnet_id": "subnet-003e0c57e7faae762", - "tags": { - "Name": "atlas-operator-mwcdx-master-2", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "tenancy": "default", - "timeouts": null, - "user_data": "62b58cdcf4d5f46d5e29a54d2fa572e817eb13ca", - "user_data_base64": null, - "volume_tags": { - "Name": "atlas-operator-mwcdx-master-2-vol", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "vpc_security_group_ids": [ - "sg-0c8969cd01ba7b06f" - ] - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9LCJzY2hlbWFfdmVyc2lvbiI6IjEifQ==", - "dependencies": [ - "aws_ami_copy.imported", - "module.masters.aws_iam_instance_profile.master", - "module.masters.aws_iam_role.master_role", - "module.masters.aws_network_interface.master", - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_internet_gateway", - "name": "igw", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:internet-gateway/igw-04c74bb98b637a48c", - "id": "igw-04c74bb98b637a48c", - "owner_id": "268558157000", - "tags": { - "Name": "atlas-operator-mwcdx-igw", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_lb", - "name": "api_external", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "access_logs": [ - { - "bucket": "", - "enabled": false, - "prefix": "" - } - ], - "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-ext/0f216ba29b6f3dd8", - "arn_suffix": "net/atlas-operator-mwcdx-ext/0f216ba29b6f3dd8", - "dns_name": "atlas-operator-mwcdx-ext-0f216ba29b6f3dd8.elb.eu-west-3.amazonaws.com", - "drop_invalid_header_fields": null, - "enable_cross_zone_load_balancing": true, - "enable_deletion_protection": false, - "enable_http2": null, - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-ext/0f216ba29b6f3dd8", - "idle_timeout": null, - "internal": false, - "ip_address_type": "ipv4", - "load_balancer_type": "network", - "name": "atlas-operator-mwcdx-ext", - "name_prefix": null, - "security_groups": [], - "subnet_mapping": [ - { - "allocation_id": "", - "subnet_id": "subnet-00762966c3511d35c" - }, - { - "allocation_id": "", - "subnet_id": "subnet-0cb32a893e5f9f54f" - }, - { - "allocation_id": "", - "subnet_id": "subnet-0d3eaab42501e7b00" - } - ], - "subnets": [ - "subnet-00762966c3511d35c", - "subnet-0cb32a893e5f9f54f", - "subnet-0d3eaab42501e7b00" - ], - "tags": { - "Name": "atlas-operator-mwcdx-ext", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "timeouts": { - "create": "20m", - "delete": null, - "update": null - }, - "vpc_id": "vpc-01095835b1df30896", - "zone_id": "Z1CMS0P5QUZ6D5" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjYwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9fQ==", - "dependencies": [ - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_lb", - "name": "api_internal", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "access_logs": [ - { - "bucket": "", - "enabled": false, - "prefix": "" - } - ], - "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-int/d3bc22a211002d2e", - "arn_suffix": "net/atlas-operator-mwcdx-int/d3bc22a211002d2e", - "dns_name": "atlas-operator-mwcdx-int-d3bc22a211002d2e.elb.eu-west-3.amazonaws.com", - "drop_invalid_header_fields": null, - "enable_cross_zone_load_balancing": true, - "enable_deletion_protection": false, - "enable_http2": null, - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-int/d3bc22a211002d2e", - "idle_timeout": null, - "internal": true, - "ip_address_type": "ipv4", - "load_balancer_type": "network", - "name": "atlas-operator-mwcdx-int", - "name_prefix": null, - "security_groups": [], - "subnet_mapping": [ - { - "allocation_id": "", - "subnet_id": "subnet-003e0c57e7faae762" - }, - { - "allocation_id": "", - "subnet_id": "subnet-04cda98e80626f47c" - }, - { - "allocation_id": "", - "subnet_id": "subnet-0b41b011d2aeb60f0" - } - ], - "subnets": [ - "subnet-003e0c57e7faae762", - "subnet-04cda98e80626f47c", - "subnet-0b41b011d2aeb60f0" - ], - "tags": { - "Name": "atlas-operator-mwcdx-int", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "timeouts": { - "create": "20m", - "delete": null, - "update": null - }, - "vpc_id": "vpc-01095835b1df30896", - "zone_id": "Z1CMS0P5QUZ6D5" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjYwMDAwMDAwMDAwMCwidXBkYXRlIjo2MDAwMDAwMDAwMDB9fQ==", - "dependencies": [ - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_lb_listener", - "name": "api_external_api", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:listener/net/atlas-operator-mwcdx-ext/0f216ba29b6f3dd8/e2d9b33e61e7364e", - "certificate_arn": null, - "default_action": [ - { - "authenticate_cognito": [], - "authenticate_oidc": [], - "fixed_response": [], - "forward": [], - "order": 1, - "redirect": [], - "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", - "type": "forward" - } - ], - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:listener/net/atlas-operator-mwcdx-ext/0f216ba29b6f3dd8/e2d9b33e61e7364e", - "load_balancer_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-ext/0f216ba29b6f3dd8", - "port": 6443, - "protocol": "TCP", - "ssl_policy": "", - "timeouts": null - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsicmVhZCI6NjAwMDAwMDAwMDAwfX0=", - "dependencies": [ - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_lb.api_external", - "module.vpc.aws_lb_target_group.api_external", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_lb_listener", - "name": "api_internal_api", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:listener/net/atlas-operator-mwcdx-int/d3bc22a211002d2e/569afa15e838edb0", - "certificate_arn": null, - "default_action": [ - { - "authenticate_cognito": [], - "authenticate_oidc": [], - "fixed_response": [], - "forward": [], - "order": 1, - "redirect": [], - "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", - "type": "forward" - } - ], - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:listener/net/atlas-operator-mwcdx-int/d3bc22a211002d2e/569afa15e838edb0", - "load_balancer_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-int/d3bc22a211002d2e", - "port": 6443, - "protocol": "TCP", - "ssl_policy": "", - "timeouts": null - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsicmVhZCI6NjAwMDAwMDAwMDAwfX0=", - "dependencies": [ - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_lb.api_internal", - "module.vpc.aws_lb_target_group.api_internal", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_lb_listener", - "name": "api_internal_services", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:listener/net/atlas-operator-mwcdx-int/d3bc22a211002d2e/28399bf48274e650", - "certificate_arn": null, - "default_action": [ - { - "authenticate_cognito": [], - "authenticate_oidc": [], - "fixed_response": [], - "forward": [], - "order": 1, - "redirect": [], - "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", - "type": "forward" - } - ], - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:listener/net/atlas-operator-mwcdx-int/d3bc22a211002d2e/28399bf48274e650", - "load_balancer_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:loadbalancer/net/atlas-operator-mwcdx-int/d3bc22a211002d2e", - "port": 22623, - "protocol": "TCP", - "ssl_policy": "", - "timeouts": null - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsicmVhZCI6NjAwMDAwMDAwMDAwfX0=", - "dependencies": [ - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_lb.api_internal", - "module.vpc.aws_lb_target_group.services", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_lb_target_group", - "name": "api_external", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", - "arn_suffix": "targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", - "deregistration_delay": 300, - "health_check": [ - { - "enabled": true, - "healthy_threshold": 2, - "interval": 10, - "matcher": "200-399", - "path": "/readyz", - "port": "6443", - "protocol": "HTTPS", - "timeout": 10, - "unhealthy_threshold": 2 - } - ], - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", - "lambda_multi_value_headers_enabled": false, - "load_balancing_algorithm_type": null, - "name": "atlas-operator-mwcdx-aext", - "name_prefix": null, - "port": 6443, - "protocol": "TCP", - "proxy_protocol_v2": false, - "slow_start": 0, - "stickiness": [], - "tags": { - "Name": "atlas-operator-mwcdx-aext", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "target_type": "ip", - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_lb_target_group", - "name": "api_internal", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", - "arn_suffix": "targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", - "deregistration_delay": 300, - "health_check": [ - { - "enabled": true, - "healthy_threshold": 2, - "interval": 10, - "matcher": "200-399", - "path": "/readyz", - "port": "6443", - "protocol": "HTTPS", - "timeout": 10, - "unhealthy_threshold": 2 - } - ], - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", - "lambda_multi_value_headers_enabled": false, - "load_balancing_algorithm_type": null, - "name": "atlas-operator-mwcdx-aint", - "name_prefix": null, - "port": 6443, - "protocol": "TCP", - "proxy_protocol_v2": false, - "slow_start": 0, - "stickiness": [], - "tags": { - "Name": "atlas-operator-mwcdx-aint", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "target_type": "ip", - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_lb_target_group", - "name": "services", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", - "arn_suffix": "targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", - "deregistration_delay": 300, - "health_check": [ - { - "enabled": true, - "healthy_threshold": 2, - "interval": 10, - "matcher": "200-399", - "path": "/healthz", - "port": "22623", - "protocol": "HTTPS", - "timeout": 10, - "unhealthy_threshold": 2 - } - ], - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", - "lambda_multi_value_headers_enabled": false, - "load_balancing_algorithm_type": null, - "name": "atlas-operator-mwcdx-sint", - "name_prefix": null, - "port": 22623, - "protocol": "TCP", - "proxy_protocol_v2": false, - "slow_start": 0, - "stickiness": [], - "tags": { - "Name": "atlas-operator-mwcdx-sint", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "target_type": "ip", - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.masters", - "mode": "managed", - "type": "aws_lb_target_group_attachment", - "name": "master", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "availability_zone": null, - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587-2021030815143087710000000e", - "port": null, - "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", - "target_id": "10.0.131.42" - }, - "private": "bnVsbA==", - "dependencies": [ - "aws_ami_copy.imported", - "module.masters.aws_iam_instance_profile.master", - "module.masters.aws_iam_role.master_role", - "module.masters.aws_instance.master", - "module.masters.aws_network_interface.master", - "module.vpc.aws_lb_target_group.api_external", - "module.vpc.aws_lb_target_group.api_internal", - "module.vpc.aws_lb_target_group.services", - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "availability_zone": null, - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7-20210308151430362100000007", - "port": null, - "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", - "target_id": "10.0.131.42" - }, - "private": "bnVsbA==", - "dependencies": [ - "aws_ami_copy.imported", - "module.masters.aws_iam_instance_profile.master", - "module.masters.aws_iam_role.master_role", - "module.masters.aws_instance.master", - "module.masters.aws_network_interface.master", - "module.vpc.aws_lb_target_group.api_external", - "module.vpc.aws_lb_target_group.api_internal", - "module.vpc.aws_lb_target_group.services", - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "availability_zone": null, - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0-2021030815143088360000000f", - "port": null, - "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", - "target_id": "10.0.131.42" - }, - "private": "bnVsbA==", - "dependencies": [ - "aws_ami_copy.imported", - "module.masters.aws_iam_instance_profile.master", - "module.masters.aws_iam_role.master_role", - "module.masters.aws_instance.master", - "module.masters.aws_network_interface.master", - "module.vpc.aws_lb_target_group.api_external", - "module.vpc.aws_lb_target_group.api_internal", - "module.vpc.aws_lb_target_group.services", - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 3, - "schema_version": 0, - "attributes": { - "availability_zone": null, - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587-2021030815143042010000000b", - "port": null, - "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", - "target_id": "10.0.179.76" - }, - "private": "bnVsbA==", - "dependencies": [ - "aws_ami_copy.imported", - "module.masters.aws_iam_instance_profile.master", - "module.masters.aws_iam_role.master_role", - "module.masters.aws_instance.master", - "module.masters.aws_network_interface.master", - "module.vpc.aws_lb_target_group.api_external", - "module.vpc.aws_lb_target_group.api_internal", - "module.vpc.aws_lb_target_group.services", - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 4, - "schema_version": 0, - "attributes": { - "availability_zone": null, - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7-2021030815143085450000000c", - "port": null, - "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", - "target_id": "10.0.179.76" - }, - "private": "bnVsbA==", - "dependencies": [ - "aws_ami_copy.imported", - "module.masters.aws_iam_instance_profile.master", - "module.masters.aws_iam_role.master_role", - "module.masters.aws_instance.master", - "module.masters.aws_network_interface.master", - "module.vpc.aws_lb_target_group.api_external", - "module.vpc.aws_lb_target_group.api_internal", - "module.vpc.aws_lb_target_group.services", - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 5, - "schema_version": 0, - "attributes": { - "availability_zone": null, - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0-20210308151430362200000008", - "port": null, - "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", - "target_id": "10.0.179.76" - }, - "private": "bnVsbA==", - "dependencies": [ - "aws_ami_copy.imported", - "module.masters.aws_iam_instance_profile.master", - "module.masters.aws_iam_role.master_role", - "module.masters.aws_instance.master", - "module.masters.aws_network_interface.master", - "module.vpc.aws_lb_target_group.api_external", - "module.vpc.aws_lb_target_group.api_internal", - "module.vpc.aws_lb_target_group.services", - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 6, - "schema_version": 0, - "attributes": { - "availability_zone": null, - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587-20210308151430371200000009", - "port": null, - "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aint/af57dac98d54f587", - "target_id": "10.0.205.198" - }, - "private": "bnVsbA==", - "dependencies": [ - "aws_ami_copy.imported", - "module.masters.aws_iam_instance_profile.master", - "module.masters.aws_iam_role.master_role", - "module.masters.aws_instance.master", - "module.masters.aws_network_interface.master", - "module.vpc.aws_lb_target_group.api_external", - "module.vpc.aws_lb_target_group.api_internal", - "module.vpc.aws_lb_target_group.services", - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 7, - "schema_version": 0, - "attributes": { - "availability_zone": null, - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7-2021030815143038650000000a", - "port": null, - "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-sint/4d6741267d8196f7", - "target_id": "10.0.205.198" - }, - "private": "bnVsbA==", - "dependencies": [ - "aws_ami_copy.imported", - "module.masters.aws_iam_instance_profile.master", - "module.masters.aws_iam_role.master_role", - "module.masters.aws_instance.master", - "module.masters.aws_network_interface.master", - "module.vpc.aws_lb_target_group.api_external", - "module.vpc.aws_lb_target_group.api_internal", - "module.vpc.aws_lb_target_group.services", - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 8, - "schema_version": 0, - "attributes": { - "availability_zone": null, - "id": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0-2021030815143087030000000d", - "port": null, - "target_group_arn": "arn:aws:elasticloadbalancing:eu-west-3:268558157000:targetgroup/atlas-operator-mwcdx-aext/317d998c038e31b0", - "target_id": "10.0.205.198" - }, - "private": "bnVsbA==", - "dependencies": [ - "aws_ami_copy.imported", - "module.masters.aws_iam_instance_profile.master", - "module.masters.aws_iam_role.master_role", - "module.masters.aws_instance.master", - "module.masters.aws_network_interface.master", - "module.vpc.aws_lb_target_group.api_external", - "module.vpc.aws_lb_target_group.api_internal", - "module.vpc.aws_lb_target_group.services", - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_main_route_table_association", - "name": "main_vpc_routes", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "id": "rtbassoc-08be935f85ea4c398", - "original_route_table_id": "rtb-06c21506ba85b4119", - "route_table_id": "rtb-002994e3126112764", - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_route_table.default", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_nat_gateway", - "name": "nat_gw", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "allocation_id": "eipalloc-08a166d58ffed8d87", - "id": "nat-0e0bc384c4ae2edf1", - "network_interface_id": "eni-0021af46ba858fc3f", - "private_ip": "10.0.10.57", - "public_ip": "15.237.134.67", - "subnet_id": "subnet-0cb32a893e5f9f54f", - "tags": { - "Name": "atlas-operator-mwcdx-nat-eu-west-3a", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - } - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_eip.nat_eip", - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "allocation_id": "eipalloc-0e4507db846fd55c2", - "id": "nat-046d605c291ec708b", - "network_interface_id": "eni-077a0e6b8108daa16", - "private_ip": "10.0.50.42", - "public_ip": "13.36.86.133", - "subnet_id": "subnet-0d3eaab42501e7b00", - "tags": { - "Name": "atlas-operator-mwcdx-nat-eu-west-3b", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - } - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_eip.nat_eip", - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "allocation_id": "eipalloc-0c0f4d213a758e268", - "id": "nat-03a00aed849dad830", - "network_interface_id": "eni-0608770490673250e", - "private_ip": "10.0.86.248", - "public_ip": "13.36.23.217", - "subnet_id": "subnet-00762966c3511d35c", - "tags": { - "Name": "atlas-operator-mwcdx-nat-eu-west-3c", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - } - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_eip.nat_eip", - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.masters", - "mode": "managed", - "type": "aws_network_interface", - "name": "master", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "attachment": [], - "description": "", - "id": "eni-046261915d5d98f8d", - "mac_address": "06:2d:f8:f9:36:a6", - "outpost_arn": "", - "private_dns_name": "ip-10-0-131-42.eu-west-3.compute.internal", - "private_ip": "10.0.131.42", - "private_ips": [ - "10.0.131.42" - ], - "private_ips_count": 0, - "security_groups": [ - "sg-0c8969cd01ba7b06f" - ], - "source_dest_check": true, - "subnet_id": "subnet-04cda98e80626f47c", - "tags": { - "Name": "atlas-operator-mwcdx-master-0", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - } - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "attachment": [], - "description": "", - "id": "eni-01bea4d31ca0306a4", - "mac_address": "0a:f6:75:18:9d:ba", - "outpost_arn": "", - "private_dns_name": "ip-10-0-179-76.eu-west-3.compute.internal", - "private_ip": "10.0.179.76", - "private_ips": [ - "10.0.179.76" - ], - "private_ips_count": 0, - "security_groups": [ - "sg-0c8969cd01ba7b06f" - ], - "source_dest_check": true, - "subnet_id": "subnet-0b41b011d2aeb60f0", - "tags": { - "Name": "atlas-operator-mwcdx-master-1", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - } - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "attachment": [], - "description": "", - "id": "eni-095a6ba422efe298e", - "mac_address": "0e:71:8e:77:57:d4", - "outpost_arn": "", - "private_dns_name": "ip-10-0-205-198.eu-west-3.compute.internal", - "private_ip": "10.0.205.198", - "private_ips": [ - "10.0.205.198" - ], - "private_ips_count": 0, - "security_groups": [ - "sg-0c8969cd01ba7b06f" - ], - "source_dest_check": true, - "subnet_id": "subnet-003e0c57e7faae762", - "tags": { - "Name": "atlas-operator-mwcdx-master-2", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - } - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_route", - "name": "igw_route", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "destination_cidr_block": "0.0.0.0/0", - "destination_ipv6_cidr_block": null, - "destination_prefix_list_id": "", - "egress_only_gateway_id": "", - "gateway_id": "igw-04c74bb98b637a48c", - "id": "r-rtb-002994e31261127641080289494", - "instance_id": "", - "instance_owner_id": "", - "nat_gateway_id": "", - "network_interface_id": "", - "origin": "CreateRoute", - "route_table_id": "rtb-002994e3126112764", - "state": "active", - "timeouts": { - "create": "20m", - "delete": null - }, - "transit_gateway_id": "", - "vpc_peering_connection_id": "" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjMwMDAwMDAwMDAwMH19", - "dependencies": [ - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_route_table.default", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_route", - "name": "to_nat_gw", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "destination_cidr_block": "0.0.0.0/0", - "destination_ipv6_cidr_block": null, - "destination_prefix_list_id": "", - "egress_only_gateway_id": "", - "gateway_id": "", - "id": "r-rtb-0c82f432fc12ed6591080289494", - "instance_id": "", - "instance_owner_id": "", - "nat_gateway_id": "nat-0e0bc384c4ae2edf1", - "network_interface_id": "", - "origin": "CreateRoute", - "route_table_id": "rtb-0c82f432fc12ed659", - "state": "active", - "timeouts": { - "create": "20m", - "delete": null - }, - "transit_gateway_id": "", - "vpc_peering_connection_id": "" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjMwMDAwMDAwMDAwMH19", - "dependencies": [ - "module.vpc.aws_eip.nat_eip", - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_nat_gateway.nat_gw", - "module.vpc.aws_route_table.private_routes", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "destination_cidr_block": "0.0.0.0/0", - "destination_ipv6_cidr_block": null, - "destination_prefix_list_id": "", - "egress_only_gateway_id": "", - "gateway_id": "", - "id": "r-rtb-002306b7441779c9b1080289494", - "instance_id": "", - "instance_owner_id": "", - "nat_gateway_id": "nat-046d605c291ec708b", - "network_interface_id": "", - "origin": "CreateRoute", - "route_table_id": "rtb-002306b7441779c9b", - "state": "active", - "timeouts": { - "create": "20m", - "delete": null - }, - "transit_gateway_id": "", - "vpc_peering_connection_id": "" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjMwMDAwMDAwMDAwMH19", - "dependencies": [ - "module.vpc.aws_eip.nat_eip", - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_nat_gateway.nat_gw", - "module.vpc.aws_route_table.private_routes", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "destination_cidr_block": "0.0.0.0/0", - "destination_ipv6_cidr_block": null, - "destination_prefix_list_id": "", - "egress_only_gateway_id": "", - "gateway_id": "", - "id": "r-rtb-061c71ffef947c4541080289494", - "instance_id": "", - "instance_owner_id": "", - "nat_gateway_id": "nat-03a00aed849dad830", - "network_interface_id": "", - "origin": "CreateRoute", - "route_table_id": "rtb-061c71ffef947c454", - "state": "active", - "timeouts": { - "create": "20m", - "delete": null - }, - "transit_gateway_id": "", - "vpc_peering_connection_id": "" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjMwMDAwMDAwMDAwMH19", - "dependencies": [ - "module.vpc.aws_eip.nat_eip", - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_nat_gateway.nat_gw", - "module.vpc.aws_route_table.private_routes", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.dns", - "mode": "managed", - "type": "aws_route53_record", - "name": "api_external_alias", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 2, - "attributes": { - "alias": [ - { - "evaluate_target_health": false, - "name": "atlas-operator-mwcdx-ext-0f216ba29b6f3dd8.elb.eu-west-3.amazonaws.com", - "zone_id": "Z1CMS0P5QUZ6D5" - } - ], - "allow_overwrite": null, - "failover_routing_policy": [], - "fqdn": "api.atlas.operator.mongokubernetes.com", - "geolocation_routing_policy": [], - "health_check_id": null, - "id": "Z1BNZ7MGFF9M06_api.atlas.operator.mongokubernetes.com_A", - "latency_routing_policy": [], - "multivalue_answer_routing_policy": null, - "name": "api.atlas.operator.mongokubernetes.com", - "records": null, - "set_identifier": null, - "ttl": null, - "type": "A", - "weighted_routing_policy": [], - "zone_id": "Z1BNZ7MGFF9M06" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_lb.api_external", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.dns", - "mode": "managed", - "type": "aws_route53_record", - "name": "api_external_internal_zone_alias", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 2, - "attributes": { - "alias": [ - { - "evaluate_target_health": false, - "name": "atlas-operator-mwcdx-int-d3bc22a211002d2e.elb.eu-west-3.amazonaws.com", - "zone_id": "Z1CMS0P5QUZ6D5" - } - ], - "allow_overwrite": null, - "failover_routing_policy": [], - "fqdn": "api.atlas.operator.mongokubernetes.com", - "geolocation_routing_policy": [], - "health_check_id": null, - "id": "Z01600711WBJ0YIF3IAM2_api.atlas.operator.mongokubernetes.com_A", - "latency_routing_policy": [], - "multivalue_answer_routing_policy": null, - "name": "api.atlas.operator.mongokubernetes.com", - "records": null, - "set_identifier": null, - "ttl": null, - "type": "A", - "weighted_routing_policy": [], - "zone_id": "Z01600711WBJ0YIF3IAM2" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.dns.aws_route53_record.api_external_alias", - "module.dns.aws_route53_record.api_external_cname", - "module.dns.aws_route53_zone.int", - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_lb.api_external", - "module.vpc.aws_lb.api_internal", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.dns", - "mode": "managed", - "type": "aws_route53_record", - "name": "api_internal_alias", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 2, - "attributes": { - "alias": [ - { - "evaluate_target_health": false, - "name": "atlas-operator-mwcdx-int-d3bc22a211002d2e.elb.eu-west-3.amazonaws.com", - "zone_id": "Z1CMS0P5QUZ6D5" - } - ], - "allow_overwrite": null, - "failover_routing_policy": [], - "fqdn": "api-int.atlas.operator.mongokubernetes.com", - "geolocation_routing_policy": [], - "health_check_id": null, - "id": "Z01600711WBJ0YIF3IAM2_api-int.atlas.operator.mongokubernetes.com_A", - "latency_routing_policy": [], - "multivalue_answer_routing_policy": null, - "name": "api-int.atlas.operator.mongokubernetes.com", - "records": null, - "set_identifier": null, - "ttl": null, - "type": "A", - "weighted_routing_policy": [], - "zone_id": "Z01600711WBJ0YIF3IAM2" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.dns.aws_route53_record.api_external_alias", - "module.dns.aws_route53_record.api_external_cname", - "module.dns.aws_route53_zone.int", - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_lb.api_external", - "module.vpc.aws_lb.api_internal", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.dns", - "mode": "managed", - "type": "aws_route53_zone", - "name": "int", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 0, - "attributes": { - "comment": "Managed by Terraform", - "delegation_set_id": "", - "force_destroy": true, - "id": "Z01600711WBJ0YIF3IAM2", - "name": "atlas.operator.mongokubernetes.com.", - "name_servers": [ - "ns-0.awsdns-00.com.", - "ns-1024.awsdns-00.org.", - "ns-1536.awsdns-00.co.uk.", - "ns-512.awsdns-00.net." - ], - "tags": { - "Name": "atlas-operator-mwcdx-int", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "vpc": [ - { - "vpc_id": "vpc-01095835b1df30896", - "vpc_region": "eu-west-3" - } - ], - "vpc_id": null, - "vpc_region": null, - "zone_id": "Z01600711WBJ0YIF3IAM2" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.dns.aws_route53_record.api_external_alias", - "module.dns.aws_route53_record.api_external_cname", - "module.vpc.aws_internet_gateway.igw", - "module.vpc.aws_lb.api_external", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_route_table", - "name": "default", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "id": "rtb-002994e3126112764", - "owner_id": "268558157000", - "propagating_vgws": [], - "route": [], - "tags": { - "Name": "atlas-operator-mwcdx-public", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_route_table", - "name": "private_routes", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "id": "rtb-0c82f432fc12ed659", - "owner_id": "268558157000", - "propagating_vgws": [], - "route": [], - "tags": { - "Name": "atlas-operator-mwcdx-private-eu-west-3a", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "id": "rtb-002306b7441779c9b", - "owner_id": "268558157000", - "propagating_vgws": [], - "route": [], - "tags": { - "Name": "atlas-operator-mwcdx-private-eu-west-3b", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "id": "rtb-061c71ffef947c454", - "owner_id": "268558157000", - "propagating_vgws": [], - "route": [], - "tags": { - "Name": "atlas-operator-mwcdx-private-eu-west-3c", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_route_table_association", - "name": "private_routing", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "gateway_id": null, - "id": "rtbassoc-0dd724fae88d08586", - "route_table_id": "rtb-0c82f432fc12ed659", - "subnet_id": "subnet-04cda98e80626f47c" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_route_table.private_routes", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "gateway_id": null, - "id": "rtbassoc-00457443939d8fdc8", - "route_table_id": "rtb-002306b7441779c9b", - "subnet_id": "subnet-0b41b011d2aeb60f0" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_route_table.private_routes", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "gateway_id": null, - "id": "rtbassoc-006a0e7f64cc41002", - "route_table_id": "rtb-061c71ffef947c454", - "subnet_id": "subnet-003e0c57e7faae762" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_route_table.private_routes", - "module.vpc.aws_subnet.private_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_route_table_association", - "name": "route_net", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "gateway_id": null, - "id": "rtbassoc-0570dfd355481e887", - "route_table_id": "rtb-002994e3126112764", - "subnet_id": "subnet-0cb32a893e5f9f54f" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_route_table.default", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 1, - "schema_version": 0, - "attributes": { - "gateway_id": null, - "id": "rtbassoc-067f3ae275f0c83f3", - "route_table_id": "rtb-002994e3126112764", - "subnet_id": "subnet-0d3eaab42501e7b00" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_route_table.default", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 2, - "schema_version": 0, - "attributes": { - "gateway_id": null, - "id": "rtbassoc-00f23081be22498a4", - "route_table_id": "rtb-002994e3126112764", - "subnet_id": "subnet-00762966c3511d35c" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_route_table.default", - "module.vpc.aws_subnet.public_subnet", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group", - "name": "master", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:security-group/sg-0c8969cd01ba7b06f", - "description": "Managed by Terraform", - "egress": [ - { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "-1", - "security_groups": [], - "self": false, - "to_port": 0 - } - ], - "id": "sg-0c8969cd01ba7b06f", - "ingress": [ - { - "cidr_blocks": [ - "10.0.0.0/16" - ], - "description": "", - "from_port": -1, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "icmp", - "security_groups": [], - "self": false, - "to_port": -1 - }, - { - "cidr_blocks": [ - "10.0.0.0/16" - ], - "description": "", - "from_port": 22623, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 22623 - }, - { - "cidr_blocks": [ - "10.0.0.0/16" - ], - "description": "", - "from_port": 22, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 22 - }, - { - "cidr_blocks": [ - "10.0.0.0/16" - ], - "description": "", - "from_port": 6443, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": false, - "to_port": 6443 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 0, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "50", - "security_groups": [ - "sg-041315ab2d5d385be" - ], - "self": true, - "to_port": 0 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 10250, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-041315ab2d5d385be" - ], - "self": true, - "to_port": 10250 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 10257, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-041315ab2d5d385be" - ], - "self": true, - "to_port": 10257 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 10259, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-041315ab2d5d385be" - ], - "self": true, - "to_port": 10259 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 2379, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [], - "self": true, - "to_port": 2380 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 30000, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-041315ab2d5d385be" - ], - "self": true, - "to_port": 32767 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 30000, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "udp", - "security_groups": [ - "sg-041315ab2d5d385be" - ], - "self": true, - "to_port": 32767 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 4500, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "udp", - "security_groups": [ - "sg-041315ab2d5d385be" - ], - "self": true, - "to_port": 4500 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 4789, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "udp", - "security_groups": [ - "sg-041315ab2d5d385be" - ], - "self": true, - "to_port": 4789 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 500, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "udp", - "security_groups": [ - "sg-041315ab2d5d385be" - ], - "self": true, - "to_port": 500 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 6081, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "udp", - "security_groups": [ - "sg-041315ab2d5d385be" - ], - "self": true, - "to_port": 6081 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 6641, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-041315ab2d5d385be" - ], - "self": true, - "to_port": 6642 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 9000, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "tcp", - "security_groups": [ - "sg-041315ab2d5d385be" - ], - "self": true, - "to_port": 9999 - }, - { - "cidr_blocks": [], - "description": "", - "from_port": 9000, - "ipv6_cidr_blocks": [], - "prefix_list_ids": [], - "protocol": "udp", - "security_groups": [ - "sg-041315ab2d5d385be" - ], - "self": true, - "to_port": 9999 - } - ], - "name": "terraform-20210308151332450200000002", - "name_prefix": null, - "owner_id": "268558157000", - "revoke_rules_on_delete": false, - "tags": { - "Name": "atlas-operator-mwcdx-master-sg", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "timeouts": { - "create": "20m", - "delete": null - }, - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjYwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group", - "name": "worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:security-group/sg-041315ab2d5d385be", - "description": "Managed by Terraform", - "egress": [], - "id": "sg-041315ab2d5d385be", - "ingress": [], - "name": "terraform-20210308151331925100000001", - "name_prefix": null, - "owner_id": "268558157000", - "revoke_rules_on_delete": false, - "tags": { - "Name": "atlas-operator-mwcdx-worker-sg", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "timeouts": { - "create": "20m", - "delete": null - }, - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjoxMjAwMDAwMDAwMDAwLCJkZWxldGUiOjYwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_egress", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": null, - "from_port": 0, - "id": "sgrule-1541125736", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "-1", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": null, - "to_port": 0, - "type": "egress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_esp", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 0, - "id": "sgrule-3405530076", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "50", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 0, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_esp_from_worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 0, - "id": "sgrule-2591925733", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "50", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": "sg-041315ab2d5d385be", - "to_port": 0, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_etcd", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 2379, - "id": "sgrule-2135001579", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 2380, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_geneve", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 6081, - "id": "sgrule-1995052581", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 6081, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_geneve_from_worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 6081, - "id": "sgrule-644608028", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": "sg-041315ab2d5d385be", - "to_port": 6081, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_https", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": [ - "10.0.0.0/16" - ], - "description": null, - "from_port": 6443, - "id": "sgrule-3087092960", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": null, - "to_port": 6443, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_icmp", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": [ - "10.0.0.0/16" - ], - "description": null, - "from_port": -1, - "id": "sgrule-652367452", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "icmp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": null, - "to_port": -1, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_ike", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 500, - "id": "sgrule-3795946560", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 500, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_ike_from_worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 500, - "id": "sgrule-2998954617", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": "sg-041315ab2d5d385be", - "to_port": 500, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_ike_nat_t", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 4500, - "id": "sgrule-1105692593", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 4500, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_ike_nat_t_from_worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 4500, - "id": "sgrule-291922312", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": "sg-041315ab2d5d385be", - "to_port": 4500, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_internal", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 9000, - "id": "sgrule-2390605683", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 9999, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_internal_from_worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 9000, - "id": "sgrule-3741079882", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": "sg-041315ab2d5d385be", - "to_port": 9999, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_internal_from_worker_udp", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 9000, - "id": "sgrule-2057566885", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": "sg-041315ab2d5d385be", - "to_port": 9999, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_internal_udp", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 9000, - "id": "sgrule-706878620", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 9999, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_kube_controller_manager", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 10257, - "id": "sgrule-2490293399", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 10257, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_kube_controller_manager_from_worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 10257, - "id": "sgrule-3304012462", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": "sg-041315ab2d5d385be", - "to_port": 10257, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_kube_scheduler", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 10259, - "id": "sgrule-1424144404", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 10259, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_kube_scheduler_from_worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 10259, - "id": "sgrule-73621037", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": "sg-041315ab2d5d385be", - "to_port": 10259, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_kubelet_secure", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 10250, - "id": "sgrule-428895734", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 10250, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_kubelet_secure_from_worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 10250, - "id": "sgrule-1225886671", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": "sg-041315ab2d5d385be", - "to_port": 10250, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_ovndb", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 6641, - "id": "sgrule-914827436", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 6642, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_ovndb_from_worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 6641, - "id": "sgrule-1711722133", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": "sg-041315ab2d5d385be", - "to_port": 6642, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_services_tcp", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 30000, - "id": "sgrule-4202506367", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 32767, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_services_tcp_from_worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 30000, - "id": "sgrule-2868694598", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": "sg-041315ab2d5d385be", - "to_port": 32767, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_services_udp", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 30000, - "id": "sgrule-1579322256", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 32767, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_services_udp_from_worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 30000, - "id": "sgrule-245591465", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": "sg-041315ab2d5d385be", - "to_port": 32767, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_ssh", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": [ - "10.0.0.0/16" - ], - "description": null, - "from_port": 22, - "id": "sgrule-1830851794", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": null, - "to_port": 22, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_vxlan", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 4789, - "id": "sgrule-4196558621", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": true, - "source_security_group_id": null, - "to_port": 4789, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_ingress_vxlan_from_worker", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 4789, - "id": "sgrule-2862842148", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": "sg-041315ab2d5d385be", - "to_port": 4789, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "master_mcs", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": [ - "10.0.0.0/16" - ], - "description": null, - "from_port": 22623, - "id": "sgrule-4285711353", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-0c8969cd01ba7b06f", - "self": false, - "source_security_group_id": null, - "to_port": 22623, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_egress", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": [ - "0.0.0.0/0" - ], - "description": null, - "from_port": 0, - "id": "sgrule-49364016", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "-1", - "security_group_id": "sg-041315ab2d5d385be", - "self": false, - "source_security_group_id": null, - "to_port": 0, - "type": "egress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_esp", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 0, - "id": "sgrule-1647754409", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "50", - "security_group_id": "sg-041315ab2d5d385be", - "self": true, - "source_security_group_id": null, - "to_port": 0, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_esp_from_master", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 0, - "id": "sgrule-850877072", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "50", - "security_group_id": "sg-041315ab2d5d385be", - "self": false, - "source_security_group_id": "sg-0c8969cd01ba7b06f", - "to_port": 0, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_geneve", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 6081, - "id": "sgrule-1372275507", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-041315ab2d5d385be", - "self": true, - "source_security_group_id": null, - "to_port": 6081, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_geneve_from_master", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 6081, - "id": "sgrule-21669130", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-041315ab2d5d385be", - "self": false, - "source_security_group_id": "sg-0c8969cd01ba7b06f", - "to_port": 6081, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_icmp", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": [ - "10.0.0.0/16" - ], - "description": null, - "from_port": -1, - "id": "sgrule-4073103650", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "icmp", - "security_group_id": "sg-041315ab2d5d385be", - "self": false, - "source_security_group_id": null, - "to_port": -1, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_ike", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 500, - "id": "sgrule-1449069213", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-041315ab2d5d385be", - "self": true, - "source_security_group_id": null, - "to_port": 500, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_ike_from_master", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 500, - "id": "sgrule-115272868", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-041315ab2d5d385be", - "self": false, - "source_security_group_id": "sg-0c8969cd01ba7b06f", - "to_port": 500, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_ike_nat_t", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 4500, - "id": "sgrule-1724306087", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-041315ab2d5d385be", - "self": true, - "source_security_group_id": null, - "to_port": 4500, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_internal", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 9000, - "id": "sgrule-2841438821", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-041315ab2d5d385be", - "self": true, - "source_security_group_id": null, - "to_port": 9999, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_internal_from_master", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 9000, - "id": "sgrule-4192013404", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-041315ab2d5d385be", - "self": false, - "source_security_group_id": "sg-0c8969cd01ba7b06f", - "to_port": 9999, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_internal_from_master_udp", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 9000, - "id": "sgrule-1568845747", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-041315ab2d5d385be", - "self": false, - "source_security_group_id": "sg-0c8969cd01ba7b06f", - "to_port": 9999, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_internal_udp", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 9000, - "id": "sgrule-218319242", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-041315ab2d5d385be", - "self": true, - "source_security_group_id": null, - "to_port": 9999, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_kubelet_insecure", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 10250, - "id": "sgrule-157623860", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-041315ab2d5d385be", - "self": true, - "source_security_group_id": null, - "to_port": 10250, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_kubelet_insecure_from_master", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 10250, - "id": "sgrule-1508163597", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-041315ab2d5d385be", - "self": false, - "source_security_group_id": "sg-0c8969cd01ba7b06f", - "to_port": 10250, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_nat_t_from_master", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 4500, - "id": "sgrule-910636190", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-041315ab2d5d385be", - "self": false, - "source_security_group_id": "sg-0c8969cd01ba7b06f", - "to_port": 4500, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_services_tcp", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 30000, - "id": "sgrule-3934806973", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-041315ab2d5d385be", - "self": true, - "source_security_group_id": null, - "to_port": 32767, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_services_tcp_from_master", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 30000, - "id": "sgrule-3121186180", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-041315ab2d5d385be", - "self": false, - "source_security_group_id": "sg-0c8969cd01ba7b06f", - "to_port": 32767, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_services_udp", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 30000, - "id": "sgrule-1322762322", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-041315ab2d5d385be", - "self": true, - "source_security_group_id": null, - "to_port": 32767, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_services_udp_from_master", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 30000, - "id": "sgrule-508962411", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-041315ab2d5d385be", - "self": false, - "source_security_group_id": "sg-0c8969cd01ba7b06f", - "to_port": 32767, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_ssh", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": [ - "10.0.0.0/16" - ], - "description": null, - "from_port": 22, - "id": "sgrule-3932359237", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "tcp", - "security_group_id": "sg-041315ab2d5d385be", - "self": false, - "source_security_group_id": null, - "to_port": 22, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_vxlan", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 4789, - "id": "sgrule-3707974155", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-041315ab2d5d385be", - "self": true, - "source_security_group_id": null, - "to_port": 4789, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_security_group_rule", - "name": "worker_ingress_vxlan_from_master", - "provider": "provider.aws", - "instances": [ - { - "schema_version": 2, - "attributes": { - "cidr_blocks": null, - "description": null, - "from_port": 4789, - "id": "sgrule-2374161458", - "ipv6_cidr_blocks": null, - "prefix_list_ids": null, - "protocol": "udp", - "security_group_id": "sg-041315ab2d5d385be", - "self": false, - "source_security_group_id": "sg-0c8969cd01ba7b06f", - "to_port": 4789, - "type": "ingress" - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjIifQ==", - "dependencies": [ - "module.vpc.aws_security_group.master", - "module.vpc.aws_security_group.worker", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_subnet", - "name": "private_subnet", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-04cda98e80626f47c", - "assign_ipv6_address_on_creation": false, - "availability_zone": "eu-west-3a", - "availability_zone_id": "euw3-az1", - "cidr_block": "10.0.128.0/19", - "id": "subnet-04cda98e80626f47c", - "ipv6_cidr_block": "", - "ipv6_cidr_block_association_id": "", - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "268558157000", - "tags": { - "Name": "atlas-operator-mwcdx-private-eu-west-3a", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned", - "kubernetes.io/role/internal-elb": "" - }, - "timeouts": null, - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 1, - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-0b41b011d2aeb60f0", - "assign_ipv6_address_on_creation": false, - "availability_zone": "eu-west-3b", - "availability_zone_id": "euw3-az2", - "cidr_block": "10.0.160.0/19", - "id": "subnet-0b41b011d2aeb60f0", - "ipv6_cidr_block": "", - "ipv6_cidr_block_association_id": "", - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "268558157000", - "tags": { - "Name": "atlas-operator-mwcdx-private-eu-west-3b", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned", - "kubernetes.io/role/internal-elb": "" - }, - "timeouts": null, - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 2, - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-003e0c57e7faae762", - "assign_ipv6_address_on_creation": false, - "availability_zone": "eu-west-3c", - "availability_zone_id": "euw3-az3", - "cidr_block": "10.0.192.0/19", - "id": "subnet-003e0c57e7faae762", - "ipv6_cidr_block": "", - "ipv6_cidr_block_association_id": "", - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "268558157000", - "tags": { - "Name": "atlas-operator-mwcdx-private-eu-west-3c", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned", - "kubernetes.io/role/internal-elb": "" - }, - "timeouts": null, - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_subnet", - "name": "public_subnet", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-0cb32a893e5f9f54f", - "assign_ipv6_address_on_creation": false, - "availability_zone": "eu-west-3a", - "availability_zone_id": "euw3-az1", - "cidr_block": "10.0.0.0/19", - "id": "subnet-0cb32a893e5f9f54f", - "ipv6_cidr_block": "", - "ipv6_cidr_block_association_id": "", - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "268558157000", - "tags": { - "Name": "atlas-operator-mwcdx-public-eu-west-3a", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "timeouts": null, - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 1, - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-0d3eaab42501e7b00", - "assign_ipv6_address_on_creation": false, - "availability_zone": "eu-west-3b", - "availability_zone_id": "euw3-az2", - "cidr_block": "10.0.32.0/19", - "id": "subnet-0d3eaab42501e7b00", - "ipv6_cidr_block": "", - "ipv6_cidr_block_association_id": "", - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "268558157000", - "tags": { - "Name": "atlas-operator-mwcdx-public-eu-west-3b", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "timeouts": null, - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - }, - { - "index_key": 2, - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:subnet/subnet-00762966c3511d35c", - "assign_ipv6_address_on_creation": false, - "availability_zone": "eu-west-3c", - "availability_zone_id": "euw3-az3", - "cidr_block": "10.0.64.0/19", - "id": "subnet-00762966c3511d35c", - "ipv6_cidr_block": "", - "ipv6_cidr_block_association_id": "", - "map_public_ip_on_launch": false, - "outpost_arn": "", - "owner_id": "268558157000", - "tags": { - "Name": "atlas-operator-mwcdx-public-eu-west-3c", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "timeouts": null, - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6MTIwMDAwMDAwMDAwMH0sInNjaGVtYV92ZXJzaW9uIjoiMSJ9", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_vpc", - "name": "new_vpc", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 1, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:vpc/vpc-01095835b1df30896", - "assign_generated_ipv6_cidr_block": false, - "cidr_block": "10.0.0.0/16", - "default_network_acl_id": "acl-0ede2dbdf0b4a55dc", - "default_route_table_id": "rtb-002994e3126112764", - "default_security_group_id": "sg-09b5ee4a7c79130e1", - "dhcp_options_id": "dopt-0bd620d1288de8565", - "enable_classiclink": null, - "enable_classiclink_dns_support": null, - "enable_dns_hostnames": true, - "enable_dns_support": true, - "id": "vpc-01095835b1df30896", - "instance_tenancy": "default", - "ipv6_association_id": "", - "ipv6_cidr_block": "", - "main_route_table_id": "rtb-002994e3126112764", - "owner_id": "268558157000", - "tags": { - "Name": "atlas-operator-mwcdx-vpc", - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - } - }, - "private": "eyJzY2hlbWFfdmVyc2lvbiI6IjEifQ==" - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_vpc_dhcp_options", - "name": "main", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "arn": "arn:aws:ec2:eu-west-3:268558157000:dhcp-options/dopt-0bd620d1288de8565", - "domain_name": "eu-west-3.compute.internal", - "domain_name_servers": [ - "AmazonProvidedDNS" - ], - "id": "dopt-0bd620d1288de8565", - "netbios_name_servers": null, - "netbios_node_type": null, - "ntp_servers": null, - "owner_id": "268558157000", - "tags": { - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - } - }, - "private": "bnVsbA==" - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_vpc_dhcp_options_association", - "name": "main", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "dhcp_options_id": "dopt-0bd620d1288de8565", - "id": "dopt-0bd620d1288de8565-vpc-01095835b1df30896", - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "bnVsbA==", - "dependencies": [ - "module.vpc.aws_vpc.new_vpc", - "module.vpc.aws_vpc_dhcp_options.main" - ] - } - ] - }, - { - "module": "module.vpc", - "mode": "managed", - "type": "aws_vpc_endpoint", - "name": "s3", - "each": "list", - "provider": "provider.aws", - "instances": [ - { - "index_key": 0, - "schema_version": 0, - "attributes": { - "auto_accept": null, - "cidr_blocks": [ - "3.5.224.0/22", - "52.95.154.0/23", - "52.95.156.0/24" - ], - "dns_entry": [], - "id": "vpce-0b5b104ec88bb1a3a", - "network_interface_ids": [], - "owner_id": "268558157000", - "policy": "{\"Statement\":[{\"Action\":\"*\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Resource\":\"*\"}],\"Version\":\"2008-10-17\"}", - "prefix_list_id": "pl-23ad484a", - "private_dns_enabled": false, - "requester_managed": false, - "route_table_ids": [ - "rtb-002306b7441779c9b", - "rtb-002994e3126112764", - "rtb-061c71ffef947c454", - "rtb-0c82f432fc12ed659" - ], - "security_group_ids": [], - "service_name": "com.amazonaws.eu-west-3.s3", - "state": "available", - "subnet_ids": [], - "tags": { - "kubernetes.io/cluster/atlas-operator-mwcdx": "owned" - }, - "timeouts": null, - "vpc_endpoint_type": "Gateway", - "vpc_id": "vpc-01095835b1df30896" - }, - "private": "eyJlMmJmYjczMC1lY2FhLTExZTYtOGY4OC0zNDM2M2JjN2M0YzAiOnsiY3JlYXRlIjo2MDAwMDAwMDAwMDAsImRlbGV0ZSI6NjAwMDAwMDAwMDAwLCJ1cGRhdGUiOjYwMDAwMDAwMDAwMH19", - "dependencies": [ - "module.vpc.aws_route_table.default", - "module.vpc.aws_route_table.private_routes", - "module.vpc.aws_vpc.new_vpc" - ] - } - ] - } - ] -} From 10c56a2142ba77ff669f23194aa1b0c0d53d5df3 Mon Sep 17 00:00:00 2001 From: antonlisovenko Date: Mon, 8 Mar 2021 18:03:53 +0000 Subject: [PATCH 03/26] wip --- .github/actions/push-files/Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/push-files/Dockerfile b/.github/actions/push-files/Dockerfile index df77188e5b..66df9fa0fa 100644 --- a/.github/actions/push-files/Dockerfile +++ b/.github/actions/push-files/Dockerfile @@ -3,7 +3,7 @@ FROM alpine/git:latest # Install GitHub CLI RUN apk update && \ - apk add --no-cache libc6-compat + apk add --no-cache libc6-compat bash RUN mkdir ghcli && cd ghcli && \ wget https://github.com/cli/cli/releases/download/v1.5.0/gh_1.5.0_linux_386.tar.gz -O ghcli.tar.gz --no-check-certificate && \ tar --strip-components=1 -xf ghcli.tar.gz -C /usr/local From ad8a5ad2829301c5c2b31d7bfa20ac69efb84d87 Mon Sep 17 00:00:00 2001 From: antonlisovenko Date: Mon, 8 Mar 2021 18:09:33 +0000 Subject: [PATCH 04/26] wip --- .github/actions/push-files/Dockerfile | 1 - .github/actions/push-files/entrypoint.sh | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/actions/push-files/Dockerfile b/.github/actions/push-files/Dockerfile index 66df9fa0fa..c2f5b2d1c6 100644 --- a/.github/actions/push-files/Dockerfile +++ b/.github/actions/push-files/Dockerfile @@ -1,4 +1,3 @@ -#TODO change to alpine FROM alpine/git:latest # Install GitHub CLI diff --git a/.github/actions/push-files/entrypoint.sh b/.github/actions/push-files/entrypoint.sh index 6609cbf596..511d335269 100755 --- a/.github/actions/push-files/entrypoint.sh +++ b/.github/actions/push-files/entrypoint.sh @@ -1,6 +1,6 @@ #!/bin/bash -set -xeou pipefail +set -eou pipefail commit_single_file() { # Commit to the branch From 4527b7f1c88746cafefc4342f5ab1a35d3a65564 Mon Sep 17 00:00:00 2001 From: antonlisovenko Date: Mon, 8 Mar 2021 18:10:40 +0000 Subject: [PATCH 05/26] wip --- .github/workflows/release-branch.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-branch.yml b/.github/workflows/release-branch.yml index 5fb0587cd4..c11738a0b4 100644 --- a/.github/workflows/release-branch.yml +++ b/.github/workflows/release-branch.yml @@ -37,7 +37,7 @@ jobs: git checkout -b "release/${VERSION}" git push origin "release/${VERSION}" - - name: Commit deploy directory + - name: Commit and push deploy directory uses: ./.github/actions/push-files env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From 460af035e657f5a5aa7d2531a4eb9495c6fbafac Mon Sep 17 00:00:00 2001 From: antonlisovenko Date: Tue, 9 Mar 2021 10:22:54 +0000 Subject: [PATCH 06/26] CLOUDP-84352: generate OLM bundle during release process --- .github/actions/gen-install-scripts/Dockerfile | 6 ++++++ .github/actions/gen-install-scripts/action.yml | 3 +++ .github/actions/gen-install-scripts/entrypoint.sh | 6 +++++- .github/workflows/release-branch.yml | 8 ++++++++ .github/workflows/test.yml | 1 + 5 files changed, 23 insertions(+), 1 deletion(-) diff --git a/.github/actions/gen-install-scripts/Dockerfile b/.github/actions/gen-install-scripts/Dockerfile index 8e0f729988..869fea9211 100644 --- a/.github/actions/gen-install-scripts/Dockerfile +++ b/.github/actions/gen-install-scripts/Dockerfile @@ -5,8 +5,10 @@ ENV KUBECTL_VERSION 1.18.12 # Install RUN curl -L https://storage.googleapis.com/kubernetes-release/release/v${KUBECTL_VERSION}/bin/linux/amd64/kubectl -o /usr/bin/kubectl && \ chmod +x /usr/bin/kubectl + RUN cd /usr/local/bin &&\ curl -L https://raw.githubusercontent.com/kubernetes-sigs/kustomize/master/hack/install_kustomize.sh | bash + RUN CONTROLLER_GEN_TMP_DIR=$(mktemp -d) && \ cd $CONTROLLER_GEN_TMP_DIR && \ go mod init tmp && \ @@ -14,6 +16,10 @@ RUN CONTROLLER_GEN_TMP_DIR=$(mktemp -d) && \ rm -rf $CONTROLLER_GEN_TMP_DIR && \ CONTROLLER_GEN=${GOBIN}/controller-gen +RUN curl -LO https://github.com/operator-framework/operator-sdk/releases/download/v1.4.2/operator-sdk_linux_amd64 && \ + chmod +x operator-sdk_linux_amd64 && \ + mv operator-sdk_linux_amd64 /usr/local/bin/operator-sdk + # Copies your code file from your action repository to the filesystem path `/` of the container COPY entrypoint.sh /home/entrypoint.sh RUN chmod +x /home/entrypoint.sh diff --git a/.github/actions/gen-install-scripts/action.yml b/.github/actions/gen-install-scripts/action.yml index 87b3e1d372..78c722e243 100644 --- a/.github/actions/gen-install-scripts/action.yml +++ b/.github/actions/gen-install-scripts/action.yml @@ -4,6 +4,9 @@ inputs: IMAGE_URL: description: "Operator image" required: true + VERSION: + description: "Version of the Operator" + required: true ENV: description: "Kustomize patch name (enviroment configuration patch)" required: true diff --git a/.github/actions/gen-install-scripts/entrypoint.sh b/.github/actions/gen-install-scripts/entrypoint.sh index f9a715a051..268e115f5b 100755 --- a/.github/actions/gen-install-scripts/entrypoint.sh +++ b/.github/actions/gen-install-scripts/entrypoint.sh @@ -19,6 +19,7 @@ cd - which kustomize kustomize version + # all-in-one kustomize build --load-restrictor LoadRestrictionsNone "config/release/${INPUT_ENV}/allinone" > "${target_dir}/all-in-one.yaml" echo "Created all-in-one config" @@ -36,4 +37,7 @@ echo "Created namespaced config" # crds cp config/crd/bases/* "${crds_dir}" - +# CSV bundle +operator-sdk generate kustomize manifests -q --apis-dir=pkg/api +kustomize build --load-restrictor LoadRestrictionsNone config/manifests | operator-sdk generate bundle -q --overwrite --version "${VERSION}" +operator-sdk bundle validate ./bundle diff --git a/.github/workflows/release-branch.yml b/.github/workflows/release-branch.yml index c11738a0b4..ac7c4f9cc9 100644 --- a/.github/workflows/release-branch.yml +++ b/.github/workflows/release-branch.yml @@ -30,6 +30,7 @@ jobs: uses: ./.github/actions/gen-install-scripts with: IMAGE_URL: ${{ env.DOCKER_RELEASE_REPO }}:${{ env.VERSION }} + VERSION: ${{ env.VERSION }} ENV: prod - name: Create branch and push it @@ -44,6 +45,13 @@ jobs: FILE_TO_COMMIT: "deploy" DESTINATION_BRANCH: "release/${{ env.VERSION }}" + - name: Commit and push bundle directory + uses: ./.github/actions/push-files + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + FILE_TO_COMMIT: "bundle" + DESTINATION_BRANCH: "release/${{ env.VERSION }}" + - name: Create PR uses: ./.github/actions/create-pr env: diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 72469707e3..2ec50ca518 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -97,6 +97,7 @@ jobs: uses: ./.github/actions/gen-install-scripts with: IMAGE_URL: ${{ env.DOCKER_REPO }}:${{ steps.prepare.outputs.tag }} + VERSION: ${{ steps.prepare.outputs.tag }} ENV: dev - name: Set properties From c006e22d6d543302de11bd0485fbac075af68d73 Mon Sep 17 00:00:00 2001 From: antonlisovenko Date: Tue, 9 Mar 2021 10:53:01 +0000 Subject: [PATCH 07/26] renamed to `PATH_TO_COMMIT` --- .github/actions/push-files/action.yml | 2 +- .github/actions/push-files/entrypoint.sh | 2 +- .github/workflows/release-branch.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/actions/push-files/action.yml b/.github/actions/push-files/action.yml index ae1191c6dc..ce0ad54f8d 100644 --- a/.github/actions/push-files/action.yml +++ b/.github/actions/push-files/action.yml @@ -4,7 +4,7 @@ inputs: GITHUB_TOKEN: description: "Action token" required: true - FILE_TO_COMMIT: + PATH_TO_COMMIT: description: "Target file which will be committed" required: true DESTINATION_BRANCH: diff --git a/.github/actions/push-files/entrypoint.sh b/.github/actions/push-files/entrypoint.sh index 511d335269..ebed059dfd 100755 --- a/.github/actions/push-files/entrypoint.sh +++ b/.github/actions/push-files/entrypoint.sh @@ -32,5 +32,5 @@ commit_single_file() { while IFS= read -r -d '' file do commit_single_file "$file" -done < <(find "${FILE_TO_COMMIT}" -type f -print0) +done < <(find "${PATH_TO_COMMIT}" -type f -print0) diff --git a/.github/workflows/release-branch.yml b/.github/workflows/release-branch.yml index c11738a0b4..be3b0da67d 100644 --- a/.github/workflows/release-branch.yml +++ b/.github/workflows/release-branch.yml @@ -41,7 +41,7 @@ jobs: uses: ./.github/actions/push-files env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - FILE_TO_COMMIT: "deploy" + PATH_TO_COMMIT: "deploy" DESTINATION_BRANCH: "release/${{ env.VERSION }}" - name: Create PR From 716d678abf11d777cd2ebbf9c9459dc4fb601b15 Mon Sep 17 00:00:00 2001 From: antonlisovenko Date: Tue, 9 Mar 2021 10:58:54 +0000 Subject: [PATCH 08/26] wip --- .github/workflows/release-branch.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-branch.yml b/.github/workflows/release-branch.yml index 1e19a4ecaf..76503cba6a 100644 --- a/.github/workflows/release-branch.yml +++ b/.github/workflows/release-branch.yml @@ -49,7 +49,7 @@ jobs: uses: ./.github/actions/push-files env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - FILE_TO_COMMIT: "bundle" + PATH_TO_COMMIT: "bundle" DESTINATION_BRANCH: "release/${{ env.VERSION }}" - name: Create PR From 5a84c7e6c45c9f431a166b5a55195452fcf82975 Mon Sep 17 00:00:00 2001 From: antonlisovenko Date: Tue, 9 Mar 2021 11:05:10 +0000 Subject: [PATCH 09/26] adding bundle.Dockerfile --- .github/workflows/release-branch.yml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.github/workflows/release-branch.yml b/.github/workflows/release-branch.yml index 76503cba6a..e78c8a11e5 100644 --- a/.github/workflows/release-branch.yml +++ b/.github/workflows/release-branch.yml @@ -52,6 +52,13 @@ jobs: PATH_TO_COMMIT: "bundle" DESTINATION_BRANCH: "release/${{ env.VERSION }}" + - name: Commit and push bundle dockerfile + uses: ./.github/actions/push-files + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + PATH_TO_COMMIT: "bundle.Dockerfile" + DESTINATION_BRANCH: "release/${{ env.VERSION }}" + - name: Create PR uses: ./.github/actions/create-pr env: From 98dfddefb60a61bfc17a3c6b1035c0f92c1cbfbc Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:36 +0000 Subject: [PATCH 10/26] Pushing deploy/all-in-one.yaml using GitHub API --- deploy/all-in-one.yaml | 632 +++++++++++++++++++++++++++++++++-------- 1 file changed, 510 insertions(+), 122 deletions(-) diff --git a/deploy/all-in-one.yaml b/deploy/all-in-one.yaml index df8166d0be..3df81dad56 100644 --- a/deploy/all-in-one.yaml +++ b/deploy/all-in-one.yaml @@ -3,13 +3,13 @@ kind: Namespace metadata: labels: control-plane: controller-manager - name: mongodb-atlas-kubernetes-system + name: mongodb-atlas-system --- apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.3.0 + controller-gen.kubebuilder.io/version: v0.4.1 creationTimestamp: null name: atlasclusters.atlas.mongodb.com spec: @@ -27,10 +27,14 @@ spec: description: AtlasCluster is the Schema for the atlasclusters API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object @@ -38,50 +42,74 @@ spec: description: AtlasClusterSpec defines the desired state of AtlasCluster properties: autoScaling: - description: Collection of settings that configures auto-scaling information for the cluster. If you specify the autoScaling object, you must also specify the providerSettings.autoScaling object. + description: Collection of settings that configures auto-scaling information + for the cluster. If you specify the autoScaling object, you must + also specify the providerSettings.autoScaling object. properties: autoIndexingEnabled: - description: Flag that indicates whether autopilot mode for Performance Advisor is enabled. The default is false. + description: Flag that indicates whether autopilot mode for Performance + Advisor is enabled. The default is false. type: boolean compute: - description: Collection of settings that configure how a cluster might scale its cluster tier and whether the cluster can scale down. + description: Collection of settings that configure how a cluster + might scale its cluster tier and whether the cluster can scale + down. properties: enabled: - description: Flag that indicates whether cluster tier auto-scaling is enabled. The default is false. + description: Flag that indicates whether cluster tier auto-scaling + is enabled. The default is false. type: boolean maxInstanceSize: - description: 'Maximum instance size to which your cluster can automatically scale (such as M40). Atlas requires this parameter if "autoScaling.compute.enabled" : true.' + description: 'Maximum instance size to which your cluster + can automatically scale (such as M40). Atlas requires this + parameter if "autoScaling.compute.enabled" : true.' type: string minInstanceSize: - description: 'Minimum instance size to which your cluster can automatically scale (such as M10). Atlas requires this parameter if "autoScaling.compute.scaleDownEnabled" : true.' + description: 'Minimum instance size to which your cluster + can automatically scale (such as M10). Atlas requires this + parameter if "autoScaling.compute.scaleDownEnabled" : true.' type: string scaleDownEnabled: - description: 'Flag that indicates whether the cluster tier may scale down. Atlas requires this parameter if "autoScaling.compute.enabled" : true.' + description: 'Flag that indicates whether the cluster tier + may scale down. Atlas requires this parameter if "autoScaling.compute.enabled" + : true.' type: boolean type: object diskGBEnabled: - description: Flag that indicates whether disk auto-scaling is enabled. The default is true. + description: Flag that indicates whether disk auto-scaling is + enabled. The default is true. type: boolean type: object biConnector: - description: Configuration of BI Connector for Atlas on this cluster. The MongoDB Connector for Business Intelligence for Atlas (BI Connector) is only available for M10 and larger clusters. + description: Configuration of BI Connector for Atlas on this cluster. + The MongoDB Connector for Business Intelligence for Atlas (BI Connector) + is only available for M10 and larger clusters. properties: enabled: - description: Flag that indicates whether or not BI Connector for Atlas is enabled on the cluster. + description: Flag that indicates whether or not BI Connector for + Atlas is enabled on the cluster. type: boolean readPreference: - description: Source from which the BI Connector for Atlas reads data. Each BI Connector for Atlas read preference contains a distinct combination of readPreference and readPreferenceTags options. + description: Source from which the BI Connector for Atlas reads + data. Each BI Connector for Atlas read preference contains a + distinct combination of readPreference and readPreferenceTags + options. type: string type: object clusterType: - description: Type of the cluster that you want to create. The parameter is required if replicationSpecs are set or if Global Clusters are deployed. + description: Type of the cluster that you want to create. The parameter + is required if replicationSpecs are set or if Global Clusters are + deployed. enum: - REPLICASET - SHARDED - GEOSHARDED type: string diskSizeGB: - description: Capacity, in gigabytes, of the host's root volume. Increase this number to add capacity, up to a maximum possible value of 4096 (i.e., 4 TB). This value must be a positive integer. The parameter is required if replicationSpecs are configured. + description: Capacity, in gigabytes, of the host's root volume. Increase + this number to add capacity, up to a maximum possible value of 4096 + (i.e., 4 TB). This value must be a positive integer. The parameter + is required if replicationSpecs are configured. maximum: 4096 minimum: 0 type: integer @@ -94,24 +122,33 @@ spec: - NONE type: string labels: - description: Collection of key-value pairs that tag and categorize the cluster. Each key and value has a maximum length of 255 characters. + description: Collection of key-value pairs that tag and categorize + the cluster. Each key and value has a maximum length of 255 characters. items: - description: LabelSpec contains key-value pairs that tag and categorize the Cluster/DBUser + description: LabelSpec contains key-value pairs that tag and categorize + the Cluster/DBUser properties: key: + maxLength: 255 type: string value: type: string + required: + - key + - value type: object type: array mongoDBMajorVersion: description: Version of the cluster to deploy. type: string name: - description: Name of the cluster as it appears in Atlas. After Atlas creates the cluster, you can't change its name. + description: Name of the cluster as it appears in Atlas. After Atlas + creates the cluster, you can't change its name. type: string numShards: - description: Positive integer that specifies the number of shards to deploy for a sharded cluster. The parameter is required if replicationSpecs are configured + description: Positive integer that specifies the number of shards + to deploy for a sharded cluster. The parameter is required if replicationSpecs + are configured maximum: 50 minimum: 1 type: integer @@ -119,10 +156,12 @@ spec: description: Flag that indicates whether the cluster should be paused. type: boolean pitEnabled: - description: Flag that indicates the cluster uses continuous cloud backups. + description: Flag that indicates the cluster uses continuous cloud + backups. type: boolean projectRef: - description: Project is a reference to AtlasProject resource the cluster belongs to + description: Project is a reference to AtlasProject resource the cluster + belongs to properties: name: description: Name is the name of the Kubernetes Resource @@ -131,59 +170,84 @@ spec: - name type: object providerBackupEnabled: - description: Applicable only for M10+ clusters. Flag that indicates if the cluster uses Cloud Backups for backups. + description: Applicable only for M10+ clusters. Flag that indicates + if the cluster uses Cloud Backups for backups. type: boolean providerSettings: - description: Configuration for the provisioned hosts on which MongoDB runs. The available options are specific to the cloud service provider. + description: Configuration for the provisioned hosts on which MongoDB + runs. The available options are specific to the cloud service provider. properties: autoScaling: - description: Range of instance sizes to which your cluster can scale. + description: Range of instance sizes to which your cluster can + scale. properties: autoIndexingEnabled: - description: Flag that indicates whether autopilot mode for Performance Advisor is enabled. The default is false. + description: Flag that indicates whether autopilot mode for + Performance Advisor is enabled. The default is false. type: boolean compute: - description: Collection of settings that configure how a cluster might scale its cluster tier and whether the cluster can scale down. + description: Collection of settings that configure how a cluster + might scale its cluster tier and whether the cluster can + scale down. properties: enabled: - description: Flag that indicates whether cluster tier auto-scaling is enabled. The default is false. + description: Flag that indicates whether cluster tier + auto-scaling is enabled. The default is false. type: boolean maxInstanceSize: - description: 'Maximum instance size to which your cluster can automatically scale (such as M40). Atlas requires this parameter if "autoScaling.compute.enabled" : true.' + description: 'Maximum instance size to which your cluster + can automatically scale (such as M40). Atlas requires + this parameter if "autoScaling.compute.enabled" : true.' type: string minInstanceSize: - description: 'Minimum instance size to which your cluster can automatically scale (such as M10). Atlas requires this parameter if "autoScaling.compute.scaleDownEnabled" : true.' + description: 'Minimum instance size to which your cluster + can automatically scale (such as M10). Atlas requires + this parameter if "autoScaling.compute.scaleDownEnabled" + : true.' type: string scaleDownEnabled: - description: 'Flag that indicates whether the cluster tier may scale down. Atlas requires this parameter if "autoScaling.compute.enabled" : true.' + description: 'Flag that indicates whether the cluster + tier may scale down. Atlas requires this parameter if + "autoScaling.compute.enabled" : true.' type: boolean type: object diskGBEnabled: - description: Flag that indicates whether disk auto-scaling is enabled. The default is true. + description: Flag that indicates whether disk auto-scaling + is enabled. The default is true. type: boolean type: object backingProviderName: - description: 'Cloud service provider on which the host for a multi-tenant cluster is provisioned. This setting only works when "providerSetting.providerName" : "TENANT" and "providerSetting.instanceSizeName" : M2 or M5.' + description: 'Cloud service provider on which the host for a multi-tenant + cluster is provisioned. This setting only works when "providerSetting.providerName" + : "TENANT" and "providerSetting.instanceSizeName" : M2 or M5.' enum: - AWS - GCP - AZURE type: string diskIOPS: - description: Disk IOPS setting for AWS storage. Set only if you selected AWS as your cloud service provider. + description: Disk IOPS setting for AWS storage. Set only if you + selected AWS as your cloud service provider. format: int64 type: integer diskTypeName: - description: Type of disk if you selected Azure as your cloud service provider. + description: Type of disk if you selected Azure as your cloud + service provider. type: string encryptEBSVolume: - description: Flag that indicates whether the Amazon EBS encryption feature encrypts the host's root volume for both data at rest within the volume and for data moving between the volume and the cluster. + description: Flag that indicates whether the Amazon EBS encryption + feature encrypts the host's root volume for both data at rest + within the volume and for data moving between the volume and + the cluster. type: boolean instanceSizeName: - description: Atlas provides different cluster tiers, each with a default storage capacity and RAM size. The cluster you select is used for all the data-bearing hosts in your cluster tier. + description: Atlas provides different cluster tiers, each with + a default storage capacity and RAM size. The cluster you select + is used for all the data-bearing hosts in your cluster tier. type: string providerName: - description: Cloud service provider on which Atlas provisions the hosts. + description: Cloud service provider on which Atlas provisions + the hosts. enum: - AWS - GCP @@ -191,10 +255,13 @@ spec: - TENANT type: string regionName: - description: Physical location of your MongoDB cluster. The region you choose can affect network latency for clients accessing your databases. + description: Physical location of your MongoDB cluster. The region + you choose can affect network latency for clients accessing + your databases. type: string volumeType: - description: Disk IOPS setting for AWS storage. Set only if you selected AWS as your cloud service provider. + description: Disk IOPS setting for AWS storage. Set only if you + selected AWS as your cloud service provider. enum: - STANDARD - PROVISIONED @@ -206,37 +273,57 @@ spec: replicationSpecs: description: Configuration for cluster regions. items: - description: ReplicationSpec represents a configuration for cluster regions + description: ReplicationSpec represents a configuration for cluster + regions properties: numShards: - description: Number of shards to deploy in each specified zone. The default value is 1. + description: Number of shards to deploy in each specified zone. + The default value is 1. format: int64 type: integer regionsConfig: additionalProperties: - description: RegionsConfig describes the region’s priority in elections and the number and type of MongoDB nodes Atlas deploys to the region. + description: RegionsConfig describes the region’s priority + in elections and the number and type of MongoDB nodes Atlas + deploys to the region. properties: analyticsNodes: - description: The number of analytics nodes for Atlas to deploy to the region. Analytics nodes are useful for handling analytic data such as reporting queries from BI Connector for Atlas. Analytics nodes are read-only, and can never become the primary. If you do not specify this option, no analytics nodes are deployed to the region. + description: The number of analytics nodes for Atlas to + deploy to the region. Analytics nodes are useful for + handling analytic data such as reporting queries from + BI Connector for Atlas. Analytics nodes are read-only, + and can never become the primary. If you do not specify + this option, no analytics nodes are deployed to the + region. format: int64 type: integer electableNodes: - description: Number of electable nodes for Atlas to deploy to the region. Electable nodes can become the primary and can facilitate local reads. + description: Number of electable nodes for Atlas to deploy + to the region. Electable nodes can become the primary + and can facilitate local reads. format: int64 type: integer priority: - description: Election priority of the region. For regions with only replicationSpecs[n].regionsConfig..readOnlyNodes, set this value to 0. + description: Election priority of the region. For regions + with only replicationSpecs[n].regionsConfig..readOnlyNodes, + set this value to 0. format: int64 type: integer readOnlyNodes: - description: Number of read-only nodes for Atlas to deploy to the region. Read-only nodes can never become the primary, but can facilitate local-reads. + description: Number of read-only nodes for Atlas to deploy + to the region. Read-only nodes can never become the + primary, but can facilitate local-reads. format: int64 type: integer type: object - description: Configuration for a region. Each regionsConfig object describes the region's priority in elections and the number and type of MongoDB nodes that Atlas deploys to the region. + description: Configuration for a region. Each regionsConfig + object describes the region's priority in elections and the + number and type of MongoDB nodes that Atlas deploys to the + region. type: object zoneName: - description: Name for the zone in a Global Cluster. Don't provide this value if clusterType is not GEOSHARDED. + description: Name for the zone in a Global Cluster. Don't provide + this value if clusterType is not GEOSHARDED. type: string type: object type: array @@ -249,16 +336,20 @@ spec: description: AtlasClusterStatus defines the observed state of AtlasCluster. properties: conditions: - description: Conditions is the list of statuses showing the current state of the Atlas Custom Resource + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource items: - description: Condition describes the state of an Atlas Custom Resource at a certain point. + description: Condition describes the state of an Atlas Custom Resource + at a certain point. properties: lastTransitionTime: - description: Last time the condition transitioned from one status to another. + description: Last time the condition transitioned from one status + to another. format: date-time type: string message: - description: A human readable message indicating details about the transition. + description: A human readable message indicating details about + the transition. type: string reason: description: The reason for the condition's last transition. @@ -275,21 +366,36 @@ spec: type: object type: array connectionStrings: - description: ConnectionStrings is a set of connection strings that your applications use to connect to this cluster. + description: ConnectionStrings is a set of connection strings that + your applications use to connect to this cluster. properties: private: - description: Network-peering-endpoint-aware mongodb:// connection strings for each interface VPC endpoint you configured to connect to this cluster. Atlas returns this parameter only if you created a network peering connection to this cluster. + description: Network-peering-endpoint-aware mongodb:// connection + strings for each interface VPC endpoint you configured to connect + to this cluster. Atlas returns this parameter only if you created + a network peering connection to this cluster. type: string privateEndpoint: - description: Private endpoint connection strings. Each object describes the connection strings you can use to connect to this cluster through a private endpoint. Atlas returns this parameter only if you deployed a private endpoint to all regions to which you deployed this cluster's nodes. + description: Private endpoint connection strings. Each object + describes the connection strings you can use to connect to this + cluster through a private endpoint. Atlas returns this parameter + only if you deployed a private endpoint to all regions to which + you deployed this cluster's nodes. items: - description: PrivateEndpoint connection strings. Each object describes the connection strings you can use to connect to this cluster through a private endpoint. Atlas returns this parameter only if you deployed a private endpoint to all regions to which you deployed this cluster's nodes. + description: PrivateEndpoint connection strings. Each object + describes the connection strings you can use to connect to + this cluster through a private endpoint. Atlas returns this + parameter only if you deployed a private endpoint to all regions + to which you deployed this cluster's nodes. properties: connectionString: - description: Private-endpoint-aware mongodb:// connection string for this private endpoint. + description: Private-endpoint-aware mongodb:// connection + string for this private endpoint. type: string endpoints: - description: Private endpoint through which you connect to Atlas when you use connectionStrings.privateEndpoint[n].connectionString or connectionStrings.privateEndpoint[n].srvConnectionString. + description: Private endpoint through which you connect + to Atlas when you use connectionStrings.privateEndpoint[n].connectionString + or connectionStrings.privateEndpoint[n].srvConnectionString. items: description: Endpoint through which you connect to Atlas properties: @@ -297,45 +403,273 @@ spec: description: Unique identifier of the private endpoint. type: string providerName: - description: Cloud provider to which you deployed the private endpoint. Atlas returns AWS or AZURE. + description: Cloud provider to which you deployed + the private endpoint. Atlas returns AWS or AZURE. type: string region: - description: Region to which you deployed the private endpoint. + description: Region to which you deployed the private + endpoint. type: string type: object type: array srvConnectionString: - description: Private-endpoint-aware mongodb+srv:// connection string for this private endpoint. + description: Private-endpoint-aware mongodb+srv:// connection + string for this private endpoint. type: string type: - description: "Type of MongoDB process that you connect to with the connection strings \n Atlas returns: \n • MONGOD for replica sets, or \n • MONGOS for sharded clusters" + description: "Type of MongoDB process that you connect to + with the connection strings \n Atlas returns: \n • MONGOD + for replica sets, or \n • MONGOS for sharded clusters" type: string type: object type: array privateSrv: - description: Network-peering-endpoint-aware mongodb+srv:// connection strings for each interface VPC endpoint you configured to connect to this cluster. Atlas returns this parameter only if you created a network peering connection to this cluster. Use this URI format if your driver supports it. If it doesn't, use connectionStrings.private. + description: Network-peering-endpoint-aware mongodb+srv:// connection + strings for each interface VPC endpoint you configured to connect + to this cluster. Atlas returns this parameter only if you created + a network peering connection to this cluster. Use this URI format + if your driver supports it. If it doesn't, use connectionStrings.private. type: string standard: description: Public mongodb:// connection string for this cluster. type: string standardSrv: - description: Public mongodb+srv:// connection string for this cluster. + description: Public mongodb+srv:// connection string for this + cluster. type: string type: object mongoDBVersion: - description: MongoDBVersion is the version of MongoDB the cluster runs, in . format. + description: MongoDBVersion is the version of MongoDB the cluster + runs, in . format. type: string mongoURIUpdated: - description: MongoURIUpdated is a timestamp in ISO 8601 date and time format in UTC when the connection string was last updated. The connection string changes if you update any of the other values. + description: MongoURIUpdated is a timestamp in ISO 8601 date and time + format in UTC when the connection string was last updated. The connection + string changes if you update any of the other values. type: string observedGeneration: - description: ObservedGeneration indicates the generation of the resource specification that the Atlas Operator is aware of. The Atlas Operator updates this field to the 'metadata.generation' as soon as it starts reconciliation of the resource. + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. format: int64 type: integer stateName: - description: 'StateName is the current state of the cluster. The possible states are: IDLE, CREATING, UPDATING, DELETING, DELETED, REPAIRING' + description: 'StateName is the current state of the cluster. The possible + states are: IDLE, CREATING, UPDATING, DELETING, DELETED, REPAIRING' + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: atlasdatabaseusers.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasDatabaseUser + listKind: AtlasDatabaseUserList + plural: atlasdatabaseusers + singular: atlasdatabaseuser + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.name + name: Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasDatabaseUser is the Schema for the Atlas Database User API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasDatabaseUserSpec defines the desired state of Database + User in Atlas + properties: + databaseName: + default: admin + description: DatabaseName is a Database against which Atlas authenticates + the user. Default value is 'admin'. + type: string + deleteAfterDate: + description: DeleteAfterDate is a timestamp in ISO 8601 date and time + format in UTC after which Atlas deletes the user. The specified + date must be in the future and within one week. + type: string + labels: + description: Labels is an array containing key-value pairs that tag + and categorize the database user. Each key and value has a maximum + length of 255 characters. + items: + description: LabelSpec contains key-value pairs that tag and categorize + the Cluster/DBUser + properties: + key: + maxLength: 255 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + passwordSecretRef: + description: PasswordSecret is a reference to the Secret keeping the + user password. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + projectRef: + description: Project is a reference to AtlasProject resource the user + belongs to + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + roles: + description: Roles is an array of this user's roles and the databases + / collections on which the roles apply. A role allows the user to + perform particular actions on the specified database. + items: + description: RoleSpec allows the user to perform particular actions + on the specified database. A role on the admin database can include + privileges that apply to the other databases as well. + properties: + collectionName: + description: CollectionName is a collection for which the role + applies. + type: string + databaseName: + description: DatabaseName is a database on which the user has + the specified role. A role on the admin database can include + privileges that apply to the other databases. + type: string + roleName: + description: RoleName is a name of the role. This value can + either be a built-in role or a custom role. + type: string + required: + - databaseName + - roleName + type: object + minItems: 1 + type: array + scopes: + description: Scopes is an array of clusters and Atlas Data Lakes that + this user has access to. + items: + description: ScopeSpec if present a database user only have access + to the indicated resource (Cluster or Atlas Data Lake) if none + is given then it has access to all. It's highly recommended to + restrict the access of the database users only to a limited set + of resources. + properties: + name: + description: Name is a name of the cluster or Atlas Data Lake + that the user has access to. + type: string + type: + description: Type is a type of resource that the user has access + to. + enum: + - CLUSTER + - DATA_LAKE + type: string + required: + - name + - type + type: object + type: array + username: + description: Username is a username for authenticating to MongoDB. type: string required: + - passwordSecretRef + - projectRef + - roles + - username + type: object + status: + description: AtlasDatabaseUserStatus defines the observed state of AtlasProject + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + connectionSecrets: + additionalProperties: + type: string + type: object + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + required: - conditions type: object type: object @@ -354,7 +688,7 @@ apiVersion: apiextensions.k8s.io/v1 kind: CustomResourceDefinition metadata: annotations: - controller-gen.kubebuilder.io/version: v0.3.0 + controller-gen.kubebuilder.io/version: v0.4.1 creationTimestamp: null name: atlasprojects.atlas.mongodb.com spec: @@ -376,18 +710,26 @@ spec: description: AtlasProject is the Schema for the atlasprojects API properties: apiVersion: - description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' type: string kind: - description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' type: string metadata: type: object spec: - description: AtlasProjectSpec defines the desired state of Project in Atlas + description: AtlasProjectSpec defines the desired state of Project in + Atlas properties: connectionSecretRef: - description: ConnectionSecret is the name of the Kubernetes Secret which contains the information about the way to connect to Atlas (organization ID, API keys). The default Operator connection configuration will be used if not provided. + description: ConnectionSecret is the name of the Kubernetes Secret + which contains the information about the way to connect to Atlas + (organization ID, API keys). The default Operator connection configuration + will be used if not provided. properties: name: description: Name is the name of the Kubernetes Resource @@ -396,23 +738,28 @@ spec: - name type: object name: - description: Name is the name of the Project that is created in Atlas by the Operator if it doesn't exist yet. + description: Name is the name of the Project that is created in Atlas + by the Operator if it doesn't exist yet. type: string projectIpAccessList: - description: ProjectIPAccessList allows to enable the IP Access List for the Project. See more information at https://docs.atlas.mongodb.com/reference/api/ip-access-list/add-entries-to-access-list/ + description: ProjectIPAccessList allows to enable the IP Access List + for the Project. See more information at https://docs.atlas.mongodb.com/reference/api/ip-access-list/add-entries-to-access-list/ items: properties: awsSecurityGroup: - description: Unique identifier of AWS security group in this access list entry. + description: Unique identifier of AWS security group in this + access list entry. type: string cidrBlock: - description: Range of IP addresses in CIDR notation in this access list entry. + description: Range of IP addresses in CIDR notation in this + access list entry. type: string comment: description: Comment associated with this access list entry. type: string deleteAfterDate: - description: Timestamp in ISO 8601 date and time format in UTC after which Atlas deletes the temporary access list entry. + description: Timestamp in ISO 8601 date and time format in UTC + after which Atlas deletes the temporary access list entry. type: string ipAddress: description: Entry using an IP address in this access list entry. @@ -426,16 +773,20 @@ spec: description: AtlasProjectStatus defines the observed state of AtlasProject properties: conditions: - description: Conditions is the list of statuses showing the current state of the Atlas Custom Resource + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource items: - description: Condition describes the state of an Atlas Custom Resource at a certain point. + description: Condition describes the state of an Atlas Custom Resource + at a certain point. properties: lastTransitionTime: - description: Last time the condition transitioned from one status to another. + description: Last time the condition transitioned from one status + to another. format: date-time type: string message: - description: A human readable message indicating details about the transition. + description: A human readable message indicating details about + the transition. type: string reason: description: The reason for the condition's last transition. @@ -452,21 +803,26 @@ spec: type: object type: array expiredIpAccessList: - description: The list of IP Access List entries that are expired due to 'deleteAfterDate' being less than the current date. Note, that this field is updated by the Atlas Operator only after specification changes + description: The list of IP Access List entries that are expired due + to 'deleteAfterDate' being less than the current date. Note, that + this field is updated by the Atlas Operator only after specification + changes items: - description: ProjectIPAccessList is a copy of mdbv1.ProjectIPAccessList properties: awsSecurityGroup: - description: Unique identifier of AWS security group in this access list entry. + description: Unique identifier of AWS security group in this + access list entry. type: string cidrBlock: - description: Range of IP addresses in CIDR notation in this access list entry. + description: Range of IP addresses in CIDR notation in this + access list entry. type: string comment: description: Comment associated with this access list entry. type: string deleteAfterDate: - description: Timestamp in ISO 8601 date and time format in UTC after which Atlas deletes the temporary access list entry. + description: Timestamp in ISO 8601 date and time format in UTC + after which Atlas deletes the temporary access list entry. type: string ipAddress: description: Entry using an IP address in this access list entry. @@ -477,7 +833,10 @@ spec: description: The ID of the Atlas Project type: string observedGeneration: - description: ObservedGeneration indicates the generation of the resource specification that the Atlas Operator is aware of. The Atlas Operator updates this field to the 'metadata.generation' as soon as it starts reconciliation of the resource. + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. format: int64 type: integer required: @@ -498,13 +857,15 @@ status: apiVersion: rbac.authorization.k8s.io/v1 kind: Role metadata: - name: mongodb-atlas-kubernetes-leader-election-role - namespace: mongodb-atlas-kubernetes-system + name: mongodb-atlas-leader-election-role + namespace: mongodb-atlas-system rules: - apiGroups: - "" + - coordination.k8s.io resources: - configmaps + - leases verbs: - get - list @@ -513,14 +874,6 @@ rules: - update - patch - delete -- apiGroups: - - "" - resources: - - configmaps/status - verbs: - - get - - update - - patch - apiGroups: - "" resources: @@ -533,7 +886,7 @@ apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: creationTimestamp: null - name: mongodb-atlas-kubernetes-manager-role + name: mongodb-atlas-manager-role rules: - apiGroups: - "" @@ -563,6 +916,26 @@ rules: - get - patch - update +- apiGroups: + - atlas.mongodb.com + resources: + - atlasdatabaseusers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - atlas.mongodb.com + resources: + - atlasdatabaseusers/status + verbs: + - get + - patch + - update - apiGroups: - atlas.mongodb.com resources: @@ -587,7 +960,7 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: mongodb-atlas-kubernetes-metrics-reader + name: mongodb-atlas-metrics-reader rules: - nonResourceURLs: - /metrics @@ -597,7 +970,7 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: - name: mongodb-atlas-kubernetes-proxy-role + name: mongodb-atlas-proxy-role rules: - apiGroups: - authentication.k8s.io @@ -615,50 +988,50 @@ rules: apiVersion: rbac.authorization.k8s.io/v1 kind: RoleBinding metadata: - name: mongodb-atlas-kubernetes-leader-election-rolebinding - namespace: mongodb-atlas-kubernetes-system + name: mongodb-atlas-leader-election-rolebinding + namespace: mongodb-atlas-system roleRef: apiGroup: rbac.authorization.k8s.io kind: Role - name: mongodb-atlas-kubernetes-leader-election-role + name: mongodb-atlas-leader-election-role subjects: - kind: ServiceAccount name: default - namespace: mongodb-atlas-kubernetes-system + namespace: mongodb-atlas-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: mongodb-atlas-kubernetes-manager-rolebinding + name: mongodb-atlas-manager-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: mongodb-atlas-kubernetes-manager-role + name: mongodb-atlas-manager-role subjects: - kind: ServiceAccount name: default - namespace: mongodb-atlas-kubernetes-system + namespace: mongodb-atlas-system --- apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRoleBinding metadata: - name: mongodb-atlas-kubernetes-proxy-rolebinding + name: mongodb-atlas-proxy-rolebinding roleRef: apiGroup: rbac.authorization.k8s.io kind: ClusterRole - name: mongodb-atlas-kubernetes-proxy-role + name: mongodb-atlas-proxy-role subjects: - kind: ServiceAccount name: default - namespace: mongodb-atlas-kubernetes-system + namespace: mongodb-atlas-system --- apiVersion: v1 kind: Service metadata: labels: control-plane: controller-manager - name: mongodb-atlas-kubernetes-controller-manager-metrics-service - namespace: mongodb-atlas-kubernetes-system + name: mongodb-atlas-controller-manager-metrics-service + namespace: mongodb-atlas-system spec: ports: - name: https @@ -671,9 +1044,9 @@ apiVersion: apps/v1 kind: Deployment metadata: labels: - control-plane: controller-manager - name: mongodb-atlas-kubernetes-controller-manager - namespace: mongodb-atlas-kubernetes-system + control-plane: operator + name: mongodb-atlas-operator + namespace: mongodb-atlas-system spec: replicas: 1 selector: @@ -696,9 +1069,10 @@ spec: - containerPort: 8443 name: https - args: - - --metrics-addr=127.0.0.1:8080 - - --enable-leader-election - --atlas-domain=https://cloud.mongodb.com + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect command: - /manager env: @@ -710,16 +1084,30 @@ spec: valueFrom: fieldRef: fieldPath: metadata.namespace - image: mongodb/mongodb-atlas-kubernetes-operator:0.3.0 + image: mongodb/mongodb-atlas-kubernetes-operator:0.21.0 imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 resources: limits: cpu: 100m - memory: 30Mi + memory: 100Mi requests: cpu: 100m memory: 20Mi + securityContext: + allowPrivilegeEscalation: false securityContext: runAsNonRoot: true runAsUser: 2000 From 8643ca4604d3d9e4de7856b2745f466d25113d9e Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:37 +0000 Subject: [PATCH 11/26] Pushing deploy/crds/atlas.mongodb.com_atlasprojects.yaml using GitHub API --- .../crds/atlas.mongodb.com_atlasprojects.yaml | 171 ++++++++++++++++++ 1 file changed, 171 insertions(+) create mode 100644 deploy/crds/atlas.mongodb.com_atlasprojects.yaml diff --git a/deploy/crds/atlas.mongodb.com_atlasprojects.yaml b/deploy/crds/atlas.mongodb.com_atlasprojects.yaml new file mode 100644 index 0000000000..7b0a538365 --- /dev/null +++ b/deploy/crds/atlas.mongodb.com_atlasprojects.yaml @@ -0,0 +1,171 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: atlasprojects.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasProject + listKind: AtlasProjectList + plural: atlasprojects + singular: atlasproject + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.name + name: Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasProject is the Schema for the atlasprojects API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasProjectSpec defines the desired state of Project in + Atlas + properties: + connectionSecretRef: + description: ConnectionSecret is the name of the Kubernetes Secret + which contains the information about the way to connect to Atlas + (organization ID, API keys). The default Operator connection configuration + will be used if not provided. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + name: + description: Name is the name of the Project that is created in Atlas + by the Operator if it doesn't exist yet. + type: string + projectIpAccessList: + description: ProjectIPAccessList allows to enable the IP Access List + for the Project. See more information at https://docs.atlas.mongodb.com/reference/api/ip-access-list/add-entries-to-access-list/ + items: + properties: + awsSecurityGroup: + description: Unique identifier of AWS security group in this + access list entry. + type: string + cidrBlock: + description: Range of IP addresses in CIDR notation in this + access list entry. + type: string + comment: + description: Comment associated with this access list entry. + type: string + deleteAfterDate: + description: Timestamp in ISO 8601 date and time format in UTC + after which Atlas deletes the temporary access list entry. + type: string + ipAddress: + description: Entry using an IP address in this access list entry. + type: string + type: object + type: array + required: + - name + type: object + status: + description: AtlasProjectStatus defines the observed state of AtlasProject + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + expiredIpAccessList: + description: The list of IP Access List entries that are expired due + to 'deleteAfterDate' being less than the current date. Note, that + this field is updated by the Atlas Operator only after specification + changes + items: + properties: + awsSecurityGroup: + description: Unique identifier of AWS security group in this + access list entry. + type: string + cidrBlock: + description: Range of IP addresses in CIDR notation in this + access list entry. + type: string + comment: + description: Comment associated with this access list entry. + type: string + deleteAfterDate: + description: Timestamp in ISO 8601 date and time format in UTC + after which Atlas deletes the temporary access list entry. + type: string + ipAddress: + description: Entry using an IP address in this access list entry. + type: string + type: object + type: array + id: + description: The ID of the Atlas Project + type: string + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] From e41eb7edc884316423e33a4b9d5da3fef14f8dee Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:37 +0000 Subject: [PATCH 12/26] Pushing deploy/crds/atlas.mongodb.com_atlasclusters.yaml using GitHub API --- .../crds/atlas.mongodb.com_atlasclusters.yaml | 469 ++++++++++++++++++ 1 file changed, 469 insertions(+) create mode 100644 deploy/crds/atlas.mongodb.com_atlasclusters.yaml diff --git a/deploy/crds/atlas.mongodb.com_atlasclusters.yaml b/deploy/crds/atlas.mongodb.com_atlasclusters.yaml new file mode 100644 index 0000000000..93d9f283af --- /dev/null +++ b/deploy/crds/atlas.mongodb.com_atlasclusters.yaml @@ -0,0 +1,469 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: atlasclusters.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasCluster + listKind: AtlasClusterList + plural: atlasclusters + singular: atlascluster + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: AtlasCluster is the Schema for the atlasclusters API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasClusterSpec defines the desired state of AtlasCluster + properties: + autoScaling: + description: Collection of settings that configures auto-scaling information + for the cluster. If you specify the autoScaling object, you must + also specify the providerSettings.autoScaling object. + properties: + autoIndexingEnabled: + description: Flag that indicates whether autopilot mode for Performance + Advisor is enabled. The default is false. + type: boolean + compute: + description: Collection of settings that configure how a cluster + might scale its cluster tier and whether the cluster can scale + down. + properties: + enabled: + description: Flag that indicates whether cluster tier auto-scaling + is enabled. The default is false. + type: boolean + maxInstanceSize: + description: 'Maximum instance size to which your cluster + can automatically scale (such as M40). Atlas requires this + parameter if "autoScaling.compute.enabled" : true.' + type: string + minInstanceSize: + description: 'Minimum instance size to which your cluster + can automatically scale (such as M10). Atlas requires this + parameter if "autoScaling.compute.scaleDownEnabled" : true.' + type: string + scaleDownEnabled: + description: 'Flag that indicates whether the cluster tier + may scale down. Atlas requires this parameter if "autoScaling.compute.enabled" + : true.' + type: boolean + type: object + diskGBEnabled: + description: Flag that indicates whether disk auto-scaling is + enabled. The default is true. + type: boolean + type: object + biConnector: + description: Configuration of BI Connector for Atlas on this cluster. + The MongoDB Connector for Business Intelligence for Atlas (BI Connector) + is only available for M10 and larger clusters. + properties: + enabled: + description: Flag that indicates whether or not BI Connector for + Atlas is enabled on the cluster. + type: boolean + readPreference: + description: Source from which the BI Connector for Atlas reads + data. Each BI Connector for Atlas read preference contains a + distinct combination of readPreference and readPreferenceTags + options. + type: string + type: object + clusterType: + description: Type of the cluster that you want to create. The parameter + is required if replicationSpecs are set or if Global Clusters are + deployed. + enum: + - REPLICASET + - SHARDED + - GEOSHARDED + type: string + diskSizeGB: + description: Capacity, in gigabytes, of the host's root volume. Increase + this number to add capacity, up to a maximum possible value of 4096 + (i.e., 4 TB). This value must be a positive integer. The parameter + is required if replicationSpecs are configured. + maximum: 4096 + minimum: 0 + type: integer + encryptionAtRestProvider: + description: Cloud service provider that offers Encryption at Rest. + enum: + - AWS + - GCP + - AZURE + - NONE + type: string + labels: + description: Collection of key-value pairs that tag and categorize + the cluster. Each key and value has a maximum length of 255 characters. + items: + description: LabelSpec contains key-value pairs that tag and categorize + the Cluster/DBUser + properties: + key: + maxLength: 255 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + mongoDBMajorVersion: + description: Version of the cluster to deploy. + type: string + name: + description: Name of the cluster as it appears in Atlas. After Atlas + creates the cluster, you can't change its name. + type: string + numShards: + description: Positive integer that specifies the number of shards + to deploy for a sharded cluster. The parameter is required if replicationSpecs + are configured + maximum: 50 + minimum: 1 + type: integer + paused: + description: Flag that indicates whether the cluster should be paused. + type: boolean + pitEnabled: + description: Flag that indicates the cluster uses continuous cloud + backups. + type: boolean + projectRef: + description: Project is a reference to AtlasProject resource the cluster + belongs to + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + providerBackupEnabled: + description: Applicable only for M10+ clusters. Flag that indicates + if the cluster uses Cloud Backups for backups. + type: boolean + providerSettings: + description: Configuration for the provisioned hosts on which MongoDB + runs. The available options are specific to the cloud service provider. + properties: + autoScaling: + description: Range of instance sizes to which your cluster can + scale. + properties: + autoIndexingEnabled: + description: Flag that indicates whether autopilot mode for + Performance Advisor is enabled. The default is false. + type: boolean + compute: + description: Collection of settings that configure how a cluster + might scale its cluster tier and whether the cluster can + scale down. + properties: + enabled: + description: Flag that indicates whether cluster tier + auto-scaling is enabled. The default is false. + type: boolean + maxInstanceSize: + description: 'Maximum instance size to which your cluster + can automatically scale (such as M40). Atlas requires + this parameter if "autoScaling.compute.enabled" : true.' + type: string + minInstanceSize: + description: 'Minimum instance size to which your cluster + can automatically scale (such as M10). Atlas requires + this parameter if "autoScaling.compute.scaleDownEnabled" + : true.' + type: string + scaleDownEnabled: + description: 'Flag that indicates whether the cluster + tier may scale down. Atlas requires this parameter if + "autoScaling.compute.enabled" : true.' + type: boolean + type: object + diskGBEnabled: + description: Flag that indicates whether disk auto-scaling + is enabled. The default is true. + type: boolean + type: object + backingProviderName: + description: 'Cloud service provider on which the host for a multi-tenant + cluster is provisioned. This setting only works when "providerSetting.providerName" + : "TENANT" and "providerSetting.instanceSizeName" : M2 or M5.' + enum: + - AWS + - GCP + - AZURE + type: string + diskIOPS: + description: Disk IOPS setting for AWS storage. Set only if you + selected AWS as your cloud service provider. + format: int64 + type: integer + diskTypeName: + description: Type of disk if you selected Azure as your cloud + service provider. + type: string + encryptEBSVolume: + description: Flag that indicates whether the Amazon EBS encryption + feature encrypts the host's root volume for both data at rest + within the volume and for data moving between the volume and + the cluster. + type: boolean + instanceSizeName: + description: Atlas provides different cluster tiers, each with + a default storage capacity and RAM size. The cluster you select + is used for all the data-bearing hosts in your cluster tier. + type: string + providerName: + description: Cloud service provider on which Atlas provisions + the hosts. + enum: + - AWS + - GCP + - AZURE + - TENANT + type: string + regionName: + description: Physical location of your MongoDB cluster. The region + you choose can affect network latency for clients accessing + your databases. + type: string + volumeType: + description: Disk IOPS setting for AWS storage. Set only if you + selected AWS as your cloud service provider. + enum: + - STANDARD + - PROVISIONED + type: string + required: + - instanceSizeName + - providerName + type: object + replicationSpecs: + description: Configuration for cluster regions. + items: + description: ReplicationSpec represents a configuration for cluster + regions + properties: + numShards: + description: Number of shards to deploy in each specified zone. + The default value is 1. + format: int64 + type: integer + regionsConfig: + additionalProperties: + description: RegionsConfig describes the region’s priority + in elections and the number and type of MongoDB nodes Atlas + deploys to the region. + properties: + analyticsNodes: + description: The number of analytics nodes for Atlas to + deploy to the region. Analytics nodes are useful for + handling analytic data such as reporting queries from + BI Connector for Atlas. Analytics nodes are read-only, + and can never become the primary. If you do not specify + this option, no analytics nodes are deployed to the + region. + format: int64 + type: integer + electableNodes: + description: Number of electable nodes for Atlas to deploy + to the region. Electable nodes can become the primary + and can facilitate local reads. + format: int64 + type: integer + priority: + description: Election priority of the region. For regions + with only replicationSpecs[n].regionsConfig..readOnlyNodes, + set this value to 0. + format: int64 + type: integer + readOnlyNodes: + description: Number of read-only nodes for Atlas to deploy + to the region. Read-only nodes can never become the + primary, but can facilitate local-reads. + format: int64 + type: integer + type: object + description: Configuration for a region. Each regionsConfig + object describes the region's priority in elections and the + number and type of MongoDB nodes that Atlas deploys to the + region. + type: object + zoneName: + description: Name for the zone in a Global Cluster. Don't provide + this value if clusterType is not GEOSHARDED. + type: string + type: object + type: array + required: + - name + - projectRef + - providerSettings + type: object + status: + description: AtlasClusterStatus defines the observed state of AtlasCluster. + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + connectionStrings: + description: ConnectionStrings is a set of connection strings that + your applications use to connect to this cluster. + properties: + private: + description: Network-peering-endpoint-aware mongodb:// connection + strings for each interface VPC endpoint you configured to connect + to this cluster. Atlas returns this parameter only if you created + a network peering connection to this cluster. + type: string + privateEndpoint: + description: Private endpoint connection strings. Each object + describes the connection strings you can use to connect to this + cluster through a private endpoint. Atlas returns this parameter + only if you deployed a private endpoint to all regions to which + you deployed this cluster's nodes. + items: + description: PrivateEndpoint connection strings. Each object + describes the connection strings you can use to connect to + this cluster through a private endpoint. Atlas returns this + parameter only if you deployed a private endpoint to all regions + to which you deployed this cluster's nodes. + properties: + connectionString: + description: Private-endpoint-aware mongodb:// connection + string for this private endpoint. + type: string + endpoints: + description: Private endpoint through which you connect + to Atlas when you use connectionStrings.privateEndpoint[n].connectionString + or connectionStrings.privateEndpoint[n].srvConnectionString. + items: + description: Endpoint through which you connect to Atlas + properties: + endpointId: + description: Unique identifier of the private endpoint. + type: string + providerName: + description: Cloud provider to which you deployed + the private endpoint. Atlas returns AWS or AZURE. + type: string + region: + description: Region to which you deployed the private + endpoint. + type: string + type: object + type: array + srvConnectionString: + description: Private-endpoint-aware mongodb+srv:// connection + string for this private endpoint. + type: string + type: + description: "Type of MongoDB process that you connect to + with the connection strings \n Atlas returns: \n • MONGOD + for replica sets, or \n • MONGOS for sharded clusters" + type: string + type: object + type: array + privateSrv: + description: Network-peering-endpoint-aware mongodb+srv:// connection + strings for each interface VPC endpoint you configured to connect + to this cluster. Atlas returns this parameter only if you created + a network peering connection to this cluster. Use this URI format + if your driver supports it. If it doesn't, use connectionStrings.private. + type: string + standard: + description: Public mongodb:// connection string for this cluster. + type: string + standardSrv: + description: Public mongodb+srv:// connection string for this + cluster. + type: string + type: object + mongoDBVersion: + description: MongoDBVersion is the version of MongoDB the cluster + runs, in . format. + type: string + mongoURIUpdated: + description: MongoURIUpdated is a timestamp in ISO 8601 date and time + format in UTC when the connection string was last updated. The connection + string changes if you update any of the other values. + type: string + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + stateName: + description: 'StateName is the current state of the cluster. The possible + states are: IDLE, CREATING, UPDATING, DELETING, DELETED, REPAIRING' + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] From 8f5efbb4a5c63536e72c080992907a8a671b31ad Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:38 +0000 Subject: [PATCH 13/26] Pushing deploy/crds/atlas.mongodb.com_atlasdatabaseusers.yaml using GitHub API --- .../atlas.mongodb.com_atlasdatabaseusers.yaml | 212 ++++++++++++++++++ 1 file changed, 212 insertions(+) create mode 100644 deploy/crds/atlas.mongodb.com_atlasdatabaseusers.yaml diff --git a/deploy/crds/atlas.mongodb.com_atlasdatabaseusers.yaml b/deploy/crds/atlas.mongodb.com_atlasdatabaseusers.yaml new file mode 100644 index 0000000000..4dede6f140 --- /dev/null +++ b/deploy/crds/atlas.mongodb.com_atlasdatabaseusers.yaml @@ -0,0 +1,212 @@ + +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: atlasdatabaseusers.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasDatabaseUser + listKind: AtlasDatabaseUserList + plural: atlasdatabaseusers + singular: atlasdatabaseuser + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.name + name: Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasDatabaseUser is the Schema for the Atlas Database User API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasDatabaseUserSpec defines the desired state of Database + User in Atlas + properties: + databaseName: + default: admin + description: DatabaseName is a Database against which Atlas authenticates + the user. Default value is 'admin'. + type: string + deleteAfterDate: + description: DeleteAfterDate is a timestamp in ISO 8601 date and time + format in UTC after which Atlas deletes the user. The specified + date must be in the future and within one week. + type: string + labels: + description: Labels is an array containing key-value pairs that tag + and categorize the database user. Each key and value has a maximum + length of 255 characters. + items: + description: LabelSpec contains key-value pairs that tag and categorize + the Cluster/DBUser + properties: + key: + maxLength: 255 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + passwordSecretRef: + description: PasswordSecret is a reference to the Secret keeping the + user password. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + projectRef: + description: Project is a reference to AtlasProject resource the user + belongs to + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + roles: + description: Roles is an array of this user's roles and the databases + / collections on which the roles apply. A role allows the user to + perform particular actions on the specified database. + items: + description: RoleSpec allows the user to perform particular actions + on the specified database. A role on the admin database can include + privileges that apply to the other databases as well. + properties: + collectionName: + description: CollectionName is a collection for which the role + applies. + type: string + databaseName: + description: DatabaseName is a database on which the user has + the specified role. A role on the admin database can include + privileges that apply to the other databases. + type: string + roleName: + description: RoleName is a name of the role. This value can + either be a built-in role or a custom role. + type: string + required: + - databaseName + - roleName + type: object + minItems: 1 + type: array + scopes: + description: Scopes is an array of clusters and Atlas Data Lakes that + this user has access to. + items: + description: ScopeSpec if present a database user only have access + to the indicated resource (Cluster or Atlas Data Lake) if none + is given then it has access to all. It's highly recommended to + restrict the access of the database users only to a limited set + of resources. + properties: + name: + description: Name is a name of the cluster or Atlas Data Lake + that the user has access to. + type: string + type: + description: Type is a type of resource that the user has access + to. + enum: + - CLUSTER + - DATA_LAKE + type: string + required: + - name + - type + type: object + type: array + username: + description: Username is a username for authenticating to MongoDB. + type: string + required: + - passwordSecretRef + - projectRef + - roles + - username + type: object + status: + description: AtlasDatabaseUserStatus defines the observed state of AtlasProject + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + connectionSecrets: + additionalProperties: + type: string + type: object + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] From 07bbfc61e76574027f30c7be4b834ccc22f01469 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:39 +0000 Subject: [PATCH 14/26] Pushing deploy/clusterwide/clusterwide-config.yaml using GitHub API --- deploy/clusterwide/clusterwide-config.yaml | 265 +++++++++++++++++++++ 1 file changed, 265 insertions(+) create mode 100644 deploy/clusterwide/clusterwide-config.yaml diff --git a/deploy/clusterwide/clusterwide-config.yaml b/deploy/clusterwide/clusterwide-config.yaml new file mode 100644 index 0000000000..1bd2506aa7 --- /dev/null +++ b/deploy/clusterwide/clusterwide-config.yaml @@ -0,0 +1,265 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: mongodb-atlas-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: mongodb-atlas-leader-election-role + namespace: mongodb-atlas-system +rules: +- apiGroups: + - "" + - coordination.k8s.io + resources: + - configmaps + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: mongodb-atlas-manager-role +rules: +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +- apiGroups: + - atlas.mongodb.com + resources: + - atlasclusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - atlas.mongodb.com + resources: + - atlasclusters/status + verbs: + - get + - patch + - update +- apiGroups: + - atlas.mongodb.com + resources: + - atlasdatabaseusers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - atlas.mongodb.com + resources: + - atlasdatabaseusers/status + verbs: + - get + - patch + - update +- apiGroups: + - atlas.mongodb.com + resources: + - atlasprojects + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - atlas.mongodb.com + resources: + - atlasprojects/status + verbs: + - get + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: mongodb-atlas-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: mongodb-atlas-proxy-role +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: mongodb-atlas-leader-election-rolebinding + namespace: mongodb-atlas-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: mongodb-atlas-leader-election-role +subjects: +- kind: ServiceAccount + name: default + namespace: mongodb-atlas-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: mongodb-atlas-manager-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: mongodb-atlas-manager-role +subjects: +- kind: ServiceAccount + name: default + namespace: mongodb-atlas-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + name: mongodb-atlas-proxy-rolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: mongodb-atlas-proxy-role +subjects: +- kind: ServiceAccount + name: default + namespace: mongodb-atlas-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: mongodb-atlas-controller-manager-metrics-service + namespace: mongodb-atlas-system +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: operator + name: mongodb-atlas-operator + namespace: mongodb-atlas-system +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + - args: + - --atlas-domain=https://cloud.mongodb.com + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + env: + - name: OPERATOR_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: mongodb/mongodb-atlas-kubernetes-operator:0.21.0 + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 20Mi + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + runAsUser: 2000 + terminationGracePeriodSeconds: 10 From 5f256ec32d777babb98eaa6931e81b7ab2e31028 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:39 +0000 Subject: [PATCH 15/26] Pushing deploy/clusterwide/crds.yaml using GitHub API --- deploy/clusterwide/crds.yaml | 848 +++++++++++++++++++++++++++++++++++ 1 file changed, 848 insertions(+) create mode 100644 deploy/clusterwide/crds.yaml diff --git a/deploy/clusterwide/crds.yaml b/deploy/clusterwide/crds.yaml new file mode 100644 index 0000000000..ba6c28948a --- /dev/null +++ b/deploy/clusterwide/crds.yaml @@ -0,0 +1,848 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: atlasclusters.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasCluster + listKind: AtlasClusterList + plural: atlasclusters + singular: atlascluster + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: AtlasCluster is the Schema for the atlasclusters API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasClusterSpec defines the desired state of AtlasCluster + properties: + autoScaling: + description: Collection of settings that configures auto-scaling information + for the cluster. If you specify the autoScaling object, you must + also specify the providerSettings.autoScaling object. + properties: + autoIndexingEnabled: + description: Flag that indicates whether autopilot mode for Performance + Advisor is enabled. The default is false. + type: boolean + compute: + description: Collection of settings that configure how a cluster + might scale its cluster tier and whether the cluster can scale + down. + properties: + enabled: + description: Flag that indicates whether cluster tier auto-scaling + is enabled. The default is false. + type: boolean + maxInstanceSize: + description: 'Maximum instance size to which your cluster + can automatically scale (such as M40). Atlas requires this + parameter if "autoScaling.compute.enabled" : true.' + type: string + minInstanceSize: + description: 'Minimum instance size to which your cluster + can automatically scale (such as M10). Atlas requires this + parameter if "autoScaling.compute.scaleDownEnabled" : true.' + type: string + scaleDownEnabled: + description: 'Flag that indicates whether the cluster tier + may scale down. Atlas requires this parameter if "autoScaling.compute.enabled" + : true.' + type: boolean + type: object + diskGBEnabled: + description: Flag that indicates whether disk auto-scaling is + enabled. The default is true. + type: boolean + type: object + biConnector: + description: Configuration of BI Connector for Atlas on this cluster. + The MongoDB Connector for Business Intelligence for Atlas (BI Connector) + is only available for M10 and larger clusters. + properties: + enabled: + description: Flag that indicates whether or not BI Connector for + Atlas is enabled on the cluster. + type: boolean + readPreference: + description: Source from which the BI Connector for Atlas reads + data. Each BI Connector for Atlas read preference contains a + distinct combination of readPreference and readPreferenceTags + options. + type: string + type: object + clusterType: + description: Type of the cluster that you want to create. The parameter + is required if replicationSpecs are set or if Global Clusters are + deployed. + enum: + - REPLICASET + - SHARDED + - GEOSHARDED + type: string + diskSizeGB: + description: Capacity, in gigabytes, of the host's root volume. Increase + this number to add capacity, up to a maximum possible value of 4096 + (i.e., 4 TB). This value must be a positive integer. The parameter + is required if replicationSpecs are configured. + maximum: 4096 + minimum: 0 + type: integer + encryptionAtRestProvider: + description: Cloud service provider that offers Encryption at Rest. + enum: + - AWS + - GCP + - AZURE + - NONE + type: string + labels: + description: Collection of key-value pairs that tag and categorize + the cluster. Each key and value has a maximum length of 255 characters. + items: + description: LabelSpec contains key-value pairs that tag and categorize + the Cluster/DBUser + properties: + key: + maxLength: 255 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + mongoDBMajorVersion: + description: Version of the cluster to deploy. + type: string + name: + description: Name of the cluster as it appears in Atlas. After Atlas + creates the cluster, you can't change its name. + type: string + numShards: + description: Positive integer that specifies the number of shards + to deploy for a sharded cluster. The parameter is required if replicationSpecs + are configured + maximum: 50 + minimum: 1 + type: integer + paused: + description: Flag that indicates whether the cluster should be paused. + type: boolean + pitEnabled: + description: Flag that indicates the cluster uses continuous cloud + backups. + type: boolean + projectRef: + description: Project is a reference to AtlasProject resource the cluster + belongs to + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + providerBackupEnabled: + description: Applicable only for M10+ clusters. Flag that indicates + if the cluster uses Cloud Backups for backups. + type: boolean + providerSettings: + description: Configuration for the provisioned hosts on which MongoDB + runs. The available options are specific to the cloud service provider. + properties: + autoScaling: + description: Range of instance sizes to which your cluster can + scale. + properties: + autoIndexingEnabled: + description: Flag that indicates whether autopilot mode for + Performance Advisor is enabled. The default is false. + type: boolean + compute: + description: Collection of settings that configure how a cluster + might scale its cluster tier and whether the cluster can + scale down. + properties: + enabled: + description: Flag that indicates whether cluster tier + auto-scaling is enabled. The default is false. + type: boolean + maxInstanceSize: + description: 'Maximum instance size to which your cluster + can automatically scale (such as M40). Atlas requires + this parameter if "autoScaling.compute.enabled" : true.' + type: string + minInstanceSize: + description: 'Minimum instance size to which your cluster + can automatically scale (such as M10). Atlas requires + this parameter if "autoScaling.compute.scaleDownEnabled" + : true.' + type: string + scaleDownEnabled: + description: 'Flag that indicates whether the cluster + tier may scale down. Atlas requires this parameter if + "autoScaling.compute.enabled" : true.' + type: boolean + type: object + diskGBEnabled: + description: Flag that indicates whether disk auto-scaling + is enabled. The default is true. + type: boolean + type: object + backingProviderName: + description: 'Cloud service provider on which the host for a multi-tenant + cluster is provisioned. This setting only works when "providerSetting.providerName" + : "TENANT" and "providerSetting.instanceSizeName" : M2 or M5.' + enum: + - AWS + - GCP + - AZURE + type: string + diskIOPS: + description: Disk IOPS setting for AWS storage. Set only if you + selected AWS as your cloud service provider. + format: int64 + type: integer + diskTypeName: + description: Type of disk if you selected Azure as your cloud + service provider. + type: string + encryptEBSVolume: + description: Flag that indicates whether the Amazon EBS encryption + feature encrypts the host's root volume for both data at rest + within the volume and for data moving between the volume and + the cluster. + type: boolean + instanceSizeName: + description: Atlas provides different cluster tiers, each with + a default storage capacity and RAM size. The cluster you select + is used for all the data-bearing hosts in your cluster tier. + type: string + providerName: + description: Cloud service provider on which Atlas provisions + the hosts. + enum: + - AWS + - GCP + - AZURE + - TENANT + type: string + regionName: + description: Physical location of your MongoDB cluster. The region + you choose can affect network latency for clients accessing + your databases. + type: string + volumeType: + description: Disk IOPS setting for AWS storage. Set only if you + selected AWS as your cloud service provider. + enum: + - STANDARD + - PROVISIONED + type: string + required: + - instanceSizeName + - providerName + type: object + replicationSpecs: + description: Configuration for cluster regions. + items: + description: ReplicationSpec represents a configuration for cluster + regions + properties: + numShards: + description: Number of shards to deploy in each specified zone. + The default value is 1. + format: int64 + type: integer + regionsConfig: + additionalProperties: + description: RegionsConfig describes the region’s priority + in elections and the number and type of MongoDB nodes Atlas + deploys to the region. + properties: + analyticsNodes: + description: The number of analytics nodes for Atlas to + deploy to the region. Analytics nodes are useful for + handling analytic data such as reporting queries from + BI Connector for Atlas. Analytics nodes are read-only, + and can never become the primary. If you do not specify + this option, no analytics nodes are deployed to the + region. + format: int64 + type: integer + electableNodes: + description: Number of electable nodes for Atlas to deploy + to the region. Electable nodes can become the primary + and can facilitate local reads. + format: int64 + type: integer + priority: + description: Election priority of the region. For regions + with only replicationSpecs[n].regionsConfig..readOnlyNodes, + set this value to 0. + format: int64 + type: integer + readOnlyNodes: + description: Number of read-only nodes for Atlas to deploy + to the region. Read-only nodes can never become the + primary, but can facilitate local-reads. + format: int64 + type: integer + type: object + description: Configuration for a region. Each regionsConfig + object describes the region's priority in elections and the + number and type of MongoDB nodes that Atlas deploys to the + region. + type: object + zoneName: + description: Name for the zone in a Global Cluster. Don't provide + this value if clusterType is not GEOSHARDED. + type: string + type: object + type: array + required: + - name + - projectRef + - providerSettings + type: object + status: + description: AtlasClusterStatus defines the observed state of AtlasCluster. + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + connectionStrings: + description: ConnectionStrings is a set of connection strings that + your applications use to connect to this cluster. + properties: + private: + description: Network-peering-endpoint-aware mongodb:// connection + strings for each interface VPC endpoint you configured to connect + to this cluster. Atlas returns this parameter only if you created + a network peering connection to this cluster. + type: string + privateEndpoint: + description: Private endpoint connection strings. Each object + describes the connection strings you can use to connect to this + cluster through a private endpoint. Atlas returns this parameter + only if you deployed a private endpoint to all regions to which + you deployed this cluster's nodes. + items: + description: PrivateEndpoint connection strings. Each object + describes the connection strings you can use to connect to + this cluster through a private endpoint. Atlas returns this + parameter only if you deployed a private endpoint to all regions + to which you deployed this cluster's nodes. + properties: + connectionString: + description: Private-endpoint-aware mongodb:// connection + string for this private endpoint. + type: string + endpoints: + description: Private endpoint through which you connect + to Atlas when you use connectionStrings.privateEndpoint[n].connectionString + or connectionStrings.privateEndpoint[n].srvConnectionString. + items: + description: Endpoint through which you connect to Atlas + properties: + endpointId: + description: Unique identifier of the private endpoint. + type: string + providerName: + description: Cloud provider to which you deployed + the private endpoint. Atlas returns AWS or AZURE. + type: string + region: + description: Region to which you deployed the private + endpoint. + type: string + type: object + type: array + srvConnectionString: + description: Private-endpoint-aware mongodb+srv:// connection + string for this private endpoint. + type: string + type: + description: "Type of MongoDB process that you connect to + with the connection strings \n Atlas returns: \n • MONGOD + for replica sets, or \n • MONGOS for sharded clusters" + type: string + type: object + type: array + privateSrv: + description: Network-peering-endpoint-aware mongodb+srv:// connection + strings for each interface VPC endpoint you configured to connect + to this cluster. Atlas returns this parameter only if you created + a network peering connection to this cluster. Use this URI format + if your driver supports it. If it doesn't, use connectionStrings.private. + type: string + standard: + description: Public mongodb:// connection string for this cluster. + type: string + standardSrv: + description: Public mongodb+srv:// connection string for this + cluster. + type: string + type: object + mongoDBVersion: + description: MongoDBVersion is the version of MongoDB the cluster + runs, in . format. + type: string + mongoURIUpdated: + description: MongoURIUpdated is a timestamp in ISO 8601 date and time + format in UTC when the connection string was last updated. The connection + string changes if you update any of the other values. + type: string + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + stateName: + description: 'StateName is the current state of the cluster. The possible + states are: IDLE, CREATING, UPDATING, DELETING, DELETED, REPAIRING' + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: atlasdatabaseusers.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasDatabaseUser + listKind: AtlasDatabaseUserList + plural: atlasdatabaseusers + singular: atlasdatabaseuser + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.name + name: Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasDatabaseUser is the Schema for the Atlas Database User API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasDatabaseUserSpec defines the desired state of Database + User in Atlas + properties: + databaseName: + default: admin + description: DatabaseName is a Database against which Atlas authenticates + the user. Default value is 'admin'. + type: string + deleteAfterDate: + description: DeleteAfterDate is a timestamp in ISO 8601 date and time + format in UTC after which Atlas deletes the user. The specified + date must be in the future and within one week. + type: string + labels: + description: Labels is an array containing key-value pairs that tag + and categorize the database user. Each key and value has a maximum + length of 255 characters. + items: + description: LabelSpec contains key-value pairs that tag and categorize + the Cluster/DBUser + properties: + key: + maxLength: 255 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + passwordSecretRef: + description: PasswordSecret is a reference to the Secret keeping the + user password. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + projectRef: + description: Project is a reference to AtlasProject resource the user + belongs to + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + roles: + description: Roles is an array of this user's roles and the databases + / collections on which the roles apply. A role allows the user to + perform particular actions on the specified database. + items: + description: RoleSpec allows the user to perform particular actions + on the specified database. A role on the admin database can include + privileges that apply to the other databases as well. + properties: + collectionName: + description: CollectionName is a collection for which the role + applies. + type: string + databaseName: + description: DatabaseName is a database on which the user has + the specified role. A role on the admin database can include + privileges that apply to the other databases. + type: string + roleName: + description: RoleName is a name of the role. This value can + either be a built-in role or a custom role. + type: string + required: + - databaseName + - roleName + type: object + minItems: 1 + type: array + scopes: + description: Scopes is an array of clusters and Atlas Data Lakes that + this user has access to. + items: + description: ScopeSpec if present a database user only have access + to the indicated resource (Cluster or Atlas Data Lake) if none + is given then it has access to all. It's highly recommended to + restrict the access of the database users only to a limited set + of resources. + properties: + name: + description: Name is a name of the cluster or Atlas Data Lake + that the user has access to. + type: string + type: + description: Type is a type of resource that the user has access + to. + enum: + - CLUSTER + - DATA_LAKE + type: string + required: + - name + - type + type: object + type: array + username: + description: Username is a username for authenticating to MongoDB. + type: string + required: + - passwordSecretRef + - projectRef + - roles + - username + type: object + status: + description: AtlasDatabaseUserStatus defines the observed state of AtlasProject + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + connectionSecrets: + additionalProperties: + type: string + type: object + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: atlasprojects.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasProject + listKind: AtlasProjectList + plural: atlasprojects + singular: atlasproject + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.name + name: Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasProject is the Schema for the atlasprojects API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasProjectSpec defines the desired state of Project in + Atlas + properties: + connectionSecretRef: + description: ConnectionSecret is the name of the Kubernetes Secret + which contains the information about the way to connect to Atlas + (organization ID, API keys). The default Operator connection configuration + will be used if not provided. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + name: + description: Name is the name of the Project that is created in Atlas + by the Operator if it doesn't exist yet. + type: string + projectIpAccessList: + description: ProjectIPAccessList allows to enable the IP Access List + for the Project. See more information at https://docs.atlas.mongodb.com/reference/api/ip-access-list/add-entries-to-access-list/ + items: + properties: + awsSecurityGroup: + description: Unique identifier of AWS security group in this + access list entry. + type: string + cidrBlock: + description: Range of IP addresses in CIDR notation in this + access list entry. + type: string + comment: + description: Comment associated with this access list entry. + type: string + deleteAfterDate: + description: Timestamp in ISO 8601 date and time format in UTC + after which Atlas deletes the temporary access list entry. + type: string + ipAddress: + description: Entry using an IP address in this access list entry. + type: string + type: object + type: array + required: + - name + type: object + status: + description: AtlasProjectStatus defines the observed state of AtlasProject + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + expiredIpAccessList: + description: The list of IP Access List entries that are expired due + to 'deleteAfterDate' being less than the current date. Note, that + this field is updated by the Atlas Operator only after specification + changes + items: + properties: + awsSecurityGroup: + description: Unique identifier of AWS security group in this + access list entry. + type: string + cidrBlock: + description: Range of IP addresses in CIDR notation in this + access list entry. + type: string + comment: + description: Comment associated with this access list entry. + type: string + deleteAfterDate: + description: Timestamp in ISO 8601 date and time format in UTC + after which Atlas deletes the temporary access list entry. + type: string + ipAddress: + description: Entry using an IP address in this access list entry. + type: string + type: object + type: array + id: + description: The ID of the Atlas Project + type: string + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] From 8ddf8efed2d103322518f9ae977df88394b6124c Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:40 +0000 Subject: [PATCH 16/26] Pushing deploy/namespaced/namespaced-config.yaml using GitHub API --- deploy/namespaced/namespaced-config.yaml | 273 +++++++++++++++++++++++ 1 file changed, 273 insertions(+) create mode 100644 deploy/namespaced/namespaced-config.yaml diff --git a/deploy/namespaced/namespaced-config.yaml b/deploy/namespaced/namespaced-config.yaml new file mode 100644 index 0000000000..bc18fcc0ec --- /dev/null +++ b/deploy/namespaced/namespaced-config.yaml @@ -0,0 +1,273 @@ +apiVersion: v1 +kind: Namespace +metadata: + labels: + control-plane: controller-manager + name: mongodb-atlas-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: mongodb-atlas-leader-election-role + namespace: mongodb-atlas-system +rules: +- apiGroups: + - "" + - coordination.k8s.io + resources: + - configmaps + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete +- apiGroups: + - "" + resources: + - events + verbs: + - create + - patch +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: mongodb-atlas-manager-role + namespace: mongodb-atlas-system +rules: +- apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch +- apiGroups: + - atlas.mongodb.com + resources: + - atlasclusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - atlas.mongodb.com + resources: + - atlasclusters/status + verbs: + - get + - patch + - update +- apiGroups: + - atlas.mongodb.com + resources: + - atlasdatabaseusers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - atlas.mongodb.com + resources: + - atlasdatabaseusers/status + verbs: + - get + - patch + - update +- apiGroups: + - atlas.mongodb.com + resources: + - atlasprojects + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - atlas.mongodb.com + resources: + - atlasprojects/status + verbs: + - get + - patch + - update +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + name: mongodb-atlas-proxy-role + namespace: mongodb-atlas-system +rules: +- apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create +- apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + name: mongodb-atlas-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: mongodb-atlas-leader-election-rolebinding + namespace: mongodb-atlas-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: mongodb-atlas-leader-election-role +subjects: +- kind: ServiceAccount + name: default + namespace: mongodb-atlas-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: mongodb-atlas-manager-rolebinding + namespace: mongodb-atlas-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: mongodb-atlas-manager-role +subjects: +- kind: ServiceAccount + name: default + namespace: mongodb-atlas-system +--- +apiVersion: rbac.authorization.k8s.io/v1 +kind: RoleBinding +metadata: + name: mongodb-atlas-proxy-rolebinding + namespace: mongodb-atlas-system +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: Role + name: mongodb-atlas-proxy-role +subjects: +- kind: ServiceAccount + name: default + namespace: mongodb-atlas-system +--- +apiVersion: v1 +kind: Service +metadata: + labels: + control-plane: controller-manager + name: mongodb-atlas-controller-manager-metrics-service + namespace: mongodb-atlas-system +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager +--- +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + control-plane: operator + name: mongodb-atlas-operator + namespace: mongodb-atlas-system +spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + template: + metadata: + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + - args: + - --atlas-domain=https://cloud.mongodb.com + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + env: + - name: WATCHED_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: OPERATOR_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: mongodb/mongodb-atlas-kubernetes-operator:0.21.0 + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 20Mi + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + runAsUser: 2000 + terminationGracePeriodSeconds: 10 From ba9f072733af4a8febd229624ae4cbc50c4fe0bf Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:40 +0000 Subject: [PATCH 17/26] Pushing deploy/namespaced/crds.yaml using GitHub API --- deploy/namespaced/crds.yaml | 848 ++++++++++++++++++++++++++++++++++++ 1 file changed, 848 insertions(+) create mode 100644 deploy/namespaced/crds.yaml diff --git a/deploy/namespaced/crds.yaml b/deploy/namespaced/crds.yaml new file mode 100644 index 0000000000..ba6c28948a --- /dev/null +++ b/deploy/namespaced/crds.yaml @@ -0,0 +1,848 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: atlasclusters.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasCluster + listKind: AtlasClusterList + plural: atlasclusters + singular: atlascluster + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: AtlasCluster is the Schema for the atlasclusters API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasClusterSpec defines the desired state of AtlasCluster + properties: + autoScaling: + description: Collection of settings that configures auto-scaling information + for the cluster. If you specify the autoScaling object, you must + also specify the providerSettings.autoScaling object. + properties: + autoIndexingEnabled: + description: Flag that indicates whether autopilot mode for Performance + Advisor is enabled. The default is false. + type: boolean + compute: + description: Collection of settings that configure how a cluster + might scale its cluster tier and whether the cluster can scale + down. + properties: + enabled: + description: Flag that indicates whether cluster tier auto-scaling + is enabled. The default is false. + type: boolean + maxInstanceSize: + description: 'Maximum instance size to which your cluster + can automatically scale (such as M40). Atlas requires this + parameter if "autoScaling.compute.enabled" : true.' + type: string + minInstanceSize: + description: 'Minimum instance size to which your cluster + can automatically scale (such as M10). Atlas requires this + parameter if "autoScaling.compute.scaleDownEnabled" : true.' + type: string + scaleDownEnabled: + description: 'Flag that indicates whether the cluster tier + may scale down. Atlas requires this parameter if "autoScaling.compute.enabled" + : true.' + type: boolean + type: object + diskGBEnabled: + description: Flag that indicates whether disk auto-scaling is + enabled. The default is true. + type: boolean + type: object + biConnector: + description: Configuration of BI Connector for Atlas on this cluster. + The MongoDB Connector for Business Intelligence for Atlas (BI Connector) + is only available for M10 and larger clusters. + properties: + enabled: + description: Flag that indicates whether or not BI Connector for + Atlas is enabled on the cluster. + type: boolean + readPreference: + description: Source from which the BI Connector for Atlas reads + data. Each BI Connector for Atlas read preference contains a + distinct combination of readPreference and readPreferenceTags + options. + type: string + type: object + clusterType: + description: Type of the cluster that you want to create. The parameter + is required if replicationSpecs are set or if Global Clusters are + deployed. + enum: + - REPLICASET + - SHARDED + - GEOSHARDED + type: string + diskSizeGB: + description: Capacity, in gigabytes, of the host's root volume. Increase + this number to add capacity, up to a maximum possible value of 4096 + (i.e., 4 TB). This value must be a positive integer. The parameter + is required if replicationSpecs are configured. + maximum: 4096 + minimum: 0 + type: integer + encryptionAtRestProvider: + description: Cloud service provider that offers Encryption at Rest. + enum: + - AWS + - GCP + - AZURE + - NONE + type: string + labels: + description: Collection of key-value pairs that tag and categorize + the cluster. Each key and value has a maximum length of 255 characters. + items: + description: LabelSpec contains key-value pairs that tag and categorize + the Cluster/DBUser + properties: + key: + maxLength: 255 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + mongoDBMajorVersion: + description: Version of the cluster to deploy. + type: string + name: + description: Name of the cluster as it appears in Atlas. After Atlas + creates the cluster, you can't change its name. + type: string + numShards: + description: Positive integer that specifies the number of shards + to deploy for a sharded cluster. The parameter is required if replicationSpecs + are configured + maximum: 50 + minimum: 1 + type: integer + paused: + description: Flag that indicates whether the cluster should be paused. + type: boolean + pitEnabled: + description: Flag that indicates the cluster uses continuous cloud + backups. + type: boolean + projectRef: + description: Project is a reference to AtlasProject resource the cluster + belongs to + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + providerBackupEnabled: + description: Applicable only for M10+ clusters. Flag that indicates + if the cluster uses Cloud Backups for backups. + type: boolean + providerSettings: + description: Configuration for the provisioned hosts on which MongoDB + runs. The available options are specific to the cloud service provider. + properties: + autoScaling: + description: Range of instance sizes to which your cluster can + scale. + properties: + autoIndexingEnabled: + description: Flag that indicates whether autopilot mode for + Performance Advisor is enabled. The default is false. + type: boolean + compute: + description: Collection of settings that configure how a cluster + might scale its cluster tier and whether the cluster can + scale down. + properties: + enabled: + description: Flag that indicates whether cluster tier + auto-scaling is enabled. The default is false. + type: boolean + maxInstanceSize: + description: 'Maximum instance size to which your cluster + can automatically scale (such as M40). Atlas requires + this parameter if "autoScaling.compute.enabled" : true.' + type: string + minInstanceSize: + description: 'Minimum instance size to which your cluster + can automatically scale (such as M10). Atlas requires + this parameter if "autoScaling.compute.scaleDownEnabled" + : true.' + type: string + scaleDownEnabled: + description: 'Flag that indicates whether the cluster + tier may scale down. Atlas requires this parameter if + "autoScaling.compute.enabled" : true.' + type: boolean + type: object + diskGBEnabled: + description: Flag that indicates whether disk auto-scaling + is enabled. The default is true. + type: boolean + type: object + backingProviderName: + description: 'Cloud service provider on which the host for a multi-tenant + cluster is provisioned. This setting only works when "providerSetting.providerName" + : "TENANT" and "providerSetting.instanceSizeName" : M2 or M5.' + enum: + - AWS + - GCP + - AZURE + type: string + diskIOPS: + description: Disk IOPS setting for AWS storage. Set only if you + selected AWS as your cloud service provider. + format: int64 + type: integer + diskTypeName: + description: Type of disk if you selected Azure as your cloud + service provider. + type: string + encryptEBSVolume: + description: Flag that indicates whether the Amazon EBS encryption + feature encrypts the host's root volume for both data at rest + within the volume and for data moving between the volume and + the cluster. + type: boolean + instanceSizeName: + description: Atlas provides different cluster tiers, each with + a default storage capacity and RAM size. The cluster you select + is used for all the data-bearing hosts in your cluster tier. + type: string + providerName: + description: Cloud service provider on which Atlas provisions + the hosts. + enum: + - AWS + - GCP + - AZURE + - TENANT + type: string + regionName: + description: Physical location of your MongoDB cluster. The region + you choose can affect network latency for clients accessing + your databases. + type: string + volumeType: + description: Disk IOPS setting for AWS storage. Set only if you + selected AWS as your cloud service provider. + enum: + - STANDARD + - PROVISIONED + type: string + required: + - instanceSizeName + - providerName + type: object + replicationSpecs: + description: Configuration for cluster regions. + items: + description: ReplicationSpec represents a configuration for cluster + regions + properties: + numShards: + description: Number of shards to deploy in each specified zone. + The default value is 1. + format: int64 + type: integer + regionsConfig: + additionalProperties: + description: RegionsConfig describes the region’s priority + in elections and the number and type of MongoDB nodes Atlas + deploys to the region. + properties: + analyticsNodes: + description: The number of analytics nodes for Atlas to + deploy to the region. Analytics nodes are useful for + handling analytic data such as reporting queries from + BI Connector for Atlas. Analytics nodes are read-only, + and can never become the primary. If you do not specify + this option, no analytics nodes are deployed to the + region. + format: int64 + type: integer + electableNodes: + description: Number of electable nodes for Atlas to deploy + to the region. Electable nodes can become the primary + and can facilitate local reads. + format: int64 + type: integer + priority: + description: Election priority of the region. For regions + with only replicationSpecs[n].regionsConfig..readOnlyNodes, + set this value to 0. + format: int64 + type: integer + readOnlyNodes: + description: Number of read-only nodes for Atlas to deploy + to the region. Read-only nodes can never become the + primary, but can facilitate local-reads. + format: int64 + type: integer + type: object + description: Configuration for a region. Each regionsConfig + object describes the region's priority in elections and the + number and type of MongoDB nodes that Atlas deploys to the + region. + type: object + zoneName: + description: Name for the zone in a Global Cluster. Don't provide + this value if clusterType is not GEOSHARDED. + type: string + type: object + type: array + required: + - name + - projectRef + - providerSettings + type: object + status: + description: AtlasClusterStatus defines the observed state of AtlasCluster. + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + connectionStrings: + description: ConnectionStrings is a set of connection strings that + your applications use to connect to this cluster. + properties: + private: + description: Network-peering-endpoint-aware mongodb:// connection + strings for each interface VPC endpoint you configured to connect + to this cluster. Atlas returns this parameter only if you created + a network peering connection to this cluster. + type: string + privateEndpoint: + description: Private endpoint connection strings. Each object + describes the connection strings you can use to connect to this + cluster through a private endpoint. Atlas returns this parameter + only if you deployed a private endpoint to all regions to which + you deployed this cluster's nodes. + items: + description: PrivateEndpoint connection strings. Each object + describes the connection strings you can use to connect to + this cluster through a private endpoint. Atlas returns this + parameter only if you deployed a private endpoint to all regions + to which you deployed this cluster's nodes. + properties: + connectionString: + description: Private-endpoint-aware mongodb:// connection + string for this private endpoint. + type: string + endpoints: + description: Private endpoint through which you connect + to Atlas when you use connectionStrings.privateEndpoint[n].connectionString + or connectionStrings.privateEndpoint[n].srvConnectionString. + items: + description: Endpoint through which you connect to Atlas + properties: + endpointId: + description: Unique identifier of the private endpoint. + type: string + providerName: + description: Cloud provider to which you deployed + the private endpoint. Atlas returns AWS or AZURE. + type: string + region: + description: Region to which you deployed the private + endpoint. + type: string + type: object + type: array + srvConnectionString: + description: Private-endpoint-aware mongodb+srv:// connection + string for this private endpoint. + type: string + type: + description: "Type of MongoDB process that you connect to + with the connection strings \n Atlas returns: \n • MONGOD + for replica sets, or \n • MONGOS for sharded clusters" + type: string + type: object + type: array + privateSrv: + description: Network-peering-endpoint-aware mongodb+srv:// connection + strings for each interface VPC endpoint you configured to connect + to this cluster. Atlas returns this parameter only if you created + a network peering connection to this cluster. Use this URI format + if your driver supports it. If it doesn't, use connectionStrings.private. + type: string + standard: + description: Public mongodb:// connection string for this cluster. + type: string + standardSrv: + description: Public mongodb+srv:// connection string for this + cluster. + type: string + type: object + mongoDBVersion: + description: MongoDBVersion is the version of MongoDB the cluster + runs, in . format. + type: string + mongoURIUpdated: + description: MongoURIUpdated is a timestamp in ISO 8601 date and time + format in UTC when the connection string was last updated. The connection + string changes if you update any of the other values. + type: string + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + stateName: + description: 'StateName is the current state of the cluster. The possible + states are: IDLE, CREATING, UPDATING, DELETING, DELETED, REPAIRING' + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: atlasdatabaseusers.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasDatabaseUser + listKind: AtlasDatabaseUserList + plural: atlasdatabaseusers + singular: atlasdatabaseuser + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.name + name: Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasDatabaseUser is the Schema for the Atlas Database User API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasDatabaseUserSpec defines the desired state of Database + User in Atlas + properties: + databaseName: + default: admin + description: DatabaseName is a Database against which Atlas authenticates + the user. Default value is 'admin'. + type: string + deleteAfterDate: + description: DeleteAfterDate is a timestamp in ISO 8601 date and time + format in UTC after which Atlas deletes the user. The specified + date must be in the future and within one week. + type: string + labels: + description: Labels is an array containing key-value pairs that tag + and categorize the database user. Each key and value has a maximum + length of 255 characters. + items: + description: LabelSpec contains key-value pairs that tag and categorize + the Cluster/DBUser + properties: + key: + maxLength: 255 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + passwordSecretRef: + description: PasswordSecret is a reference to the Secret keeping the + user password. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + projectRef: + description: Project is a reference to AtlasProject resource the user + belongs to + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + roles: + description: Roles is an array of this user's roles and the databases + / collections on which the roles apply. A role allows the user to + perform particular actions on the specified database. + items: + description: RoleSpec allows the user to perform particular actions + on the specified database. A role on the admin database can include + privileges that apply to the other databases as well. + properties: + collectionName: + description: CollectionName is a collection for which the role + applies. + type: string + databaseName: + description: DatabaseName is a database on which the user has + the specified role. A role on the admin database can include + privileges that apply to the other databases. + type: string + roleName: + description: RoleName is a name of the role. This value can + either be a built-in role or a custom role. + type: string + required: + - databaseName + - roleName + type: object + minItems: 1 + type: array + scopes: + description: Scopes is an array of clusters and Atlas Data Lakes that + this user has access to. + items: + description: ScopeSpec if present a database user only have access + to the indicated resource (Cluster or Atlas Data Lake) if none + is given then it has access to all. It's highly recommended to + restrict the access of the database users only to a limited set + of resources. + properties: + name: + description: Name is a name of the cluster or Atlas Data Lake + that the user has access to. + type: string + type: + description: Type is a type of resource that the user has access + to. + enum: + - CLUSTER + - DATA_LAKE + type: string + required: + - name + - type + type: object + type: array + username: + description: Username is a username for authenticating to MongoDB. + type: string + required: + - passwordSecretRef + - projectRef + - roles + - username + type: object + status: + description: AtlasDatabaseUserStatus defines the observed state of AtlasProject + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + connectionSecrets: + additionalProperties: + type: string + type: object + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: atlasprojects.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasProject + listKind: AtlasProjectList + plural: atlasprojects + singular: atlasproject + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.name + name: Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasProject is the Schema for the atlasprojects API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasProjectSpec defines the desired state of Project in + Atlas + properties: + connectionSecretRef: + description: ConnectionSecret is the name of the Kubernetes Secret + which contains the information about the way to connect to Atlas + (organization ID, API keys). The default Operator connection configuration + will be used if not provided. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + name: + description: Name is the name of the Project that is created in Atlas + by the Operator if it doesn't exist yet. + type: string + projectIpAccessList: + description: ProjectIPAccessList allows to enable the IP Access List + for the Project. See more information at https://docs.atlas.mongodb.com/reference/api/ip-access-list/add-entries-to-access-list/ + items: + properties: + awsSecurityGroup: + description: Unique identifier of AWS security group in this + access list entry. + type: string + cidrBlock: + description: Range of IP addresses in CIDR notation in this + access list entry. + type: string + comment: + description: Comment associated with this access list entry. + type: string + deleteAfterDate: + description: Timestamp in ISO 8601 date and time format in UTC + after which Atlas deletes the temporary access list entry. + type: string + ipAddress: + description: Entry using an IP address in this access list entry. + type: string + type: object + type: array + required: + - name + type: object + status: + description: AtlasProjectStatus defines the observed state of AtlasProject + properties: + conditions: + description: Conditions is the list of statuses showing the current + state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource + at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + expiredIpAccessList: + description: The list of IP Access List entries that are expired due + to 'deleteAfterDate' being less than the current date. Note, that + this field is updated by the Atlas Operator only after specification + changes + items: + properties: + awsSecurityGroup: + description: Unique identifier of AWS security group in this + access list entry. + type: string + cidrBlock: + description: Range of IP addresses in CIDR notation in this + access list entry. + type: string + comment: + description: Comment associated with this access list entry. + type: string + deleteAfterDate: + description: Timestamp in ISO 8601 date and time format in UTC + after which Atlas deletes the temporary access list entry. + type: string + ipAddress: + description: Entry using an IP address in this access list entry. + type: string + type: object + type: array + id: + description: The ID of the Atlas Project + type: string + observedGeneration: + description: ObservedGeneration indicates the generation of the resource + specification that the Atlas Operator is aware of. The Atlas Operator + updates this field to the 'metadata.generation' as soon as it starts + reconciliation of the resource. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] From 8626ca7e1281fde6d1da5c0ea15940e49a349276 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:41 +0000 Subject: [PATCH 18/26] Pushing bundle/tests/scorecard/config.yaml using GitHub API --- bundle/tests/scorecard/config.yaml | 49 ++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 bundle/tests/scorecard/config.yaml diff --git a/bundle/tests/scorecard/config.yaml b/bundle/tests/scorecard/config.yaml new file mode 100644 index 0000000000..e39a5d88b5 --- /dev/null +++ b/bundle/tests/scorecard/config.yaml @@ -0,0 +1,49 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.2.0 + labels: + suite: basic + test: basic-check-spec-test + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.2.0 + labels: + suite: olm + test: olm-bundle-validation-test + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.2.0 + labels: + suite: olm + test: olm-crds-have-validation-test + - entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.2.0 + labels: + suite: olm + test: olm-crds-have-resources-test + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.2.0 + labels: + suite: olm + test: olm-spec-descriptors-test + - entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.2.0 + labels: + suite: olm + test: olm-status-descriptors-test From 31cf62938726242467da6541983dabb683473753 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:42 +0000 Subject: [PATCH 19/26] Pushing bundle/metadata/annotations.yaml using GitHub API --- bundle/metadata/annotations.yaml | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 bundle/metadata/annotations.yaml diff --git a/bundle/metadata/annotations.yaml b/bundle/metadata/annotations.yaml new file mode 100644 index 0000000000..ab3bf37f48 --- /dev/null +++ b/bundle/metadata/annotations.yaml @@ -0,0 +1,11 @@ +annotations: + operators.operatorframework.io.bundle.channels.v1: alpha + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: mongodb-atlas-kubernetes + operators.operatorframework.io.metrics.builder: operator-sdk-v1.4.2 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3 + operators.operatorframework.io.test.config.v1: tests/scorecard/ + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 From d77607e9d530cfde781c2320b15043141a80cc7b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:42 +0000 Subject: [PATCH 20/26] Pushing bundle/manifests/atlas.mongodb.com_atlasprojects.yaml using GitHub API --- .../atlas.mongodb.com_atlasprojects.yaml | 143 ++++++++++++++++++ 1 file changed, 143 insertions(+) create mode 100644 bundle/manifests/atlas.mongodb.com_atlasprojects.yaml diff --git a/bundle/manifests/atlas.mongodb.com_atlasprojects.yaml b/bundle/manifests/atlas.mongodb.com_atlasprojects.yaml new file mode 100644 index 0000000000..97e0d87aa3 --- /dev/null +++ b/bundle/manifests/atlas.mongodb.com_atlasprojects.yaml @@ -0,0 +1,143 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: atlasprojects.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasProject + listKind: AtlasProjectList + plural: atlasprojects + singular: atlasproject + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.name + name: Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasProject is the Schema for the atlasprojects API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasProjectSpec defines the desired state of Project in Atlas + properties: + connectionSecretRef: + description: ConnectionSecret is the name of the Kubernetes Secret which contains the information about the way to connect to Atlas (organization ID, API keys). The default Operator connection configuration will be used if not provided. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + name: + description: Name is the name of the Project that is created in Atlas by the Operator if it doesn't exist yet. + type: string + projectIpAccessList: + description: ProjectIPAccessList allows to enable the IP Access List for the Project. See more information at https://docs.atlas.mongodb.com/reference/api/ip-access-list/add-entries-to-access-list/ + items: + properties: + awsSecurityGroup: + description: Unique identifier of AWS security group in this access list entry. + type: string + cidrBlock: + description: Range of IP addresses in CIDR notation in this access list entry. + type: string + comment: + description: Comment associated with this access list entry. + type: string + deleteAfterDate: + description: Timestamp in ISO 8601 date and time format in UTC after which Atlas deletes the temporary access list entry. + type: string + ipAddress: + description: Entry using an IP address in this access list entry. + type: string + type: object + type: array + required: + - name + type: object + status: + description: AtlasProjectStatus defines the observed state of AtlasProject + properties: + conditions: + description: Conditions is the list of statuses showing the current state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + expiredIpAccessList: + description: The list of IP Access List entries that are expired due to 'deleteAfterDate' being less than the current date. Note, that this field is updated by the Atlas Operator only after specification changes + items: + properties: + awsSecurityGroup: + description: Unique identifier of AWS security group in this access list entry. + type: string + cidrBlock: + description: Range of IP addresses in CIDR notation in this access list entry. + type: string + comment: + description: Comment associated with this access list entry. + type: string + deleteAfterDate: + description: Timestamp in ISO 8601 date and time format in UTC after which Atlas deletes the temporary access list entry. + type: string + ipAddress: + description: Entry using an IP address in this access list entry. + type: string + type: object + type: array + id: + description: The ID of the Atlas Project + type: string + observedGeneration: + description: ObservedGeneration indicates the generation of the resource specification that the Atlas Operator is aware of. The Atlas Operator updates this field to the 'metadata.generation' as soon as it starts reconciliation of the resource. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] From 949680f3b13be404b727adc44f4e187826955c57 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:44 +0000 Subject: [PATCH 21/26] Pushing bundle/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml using GitHub API --- ...tlas-kubernetes.clusterserviceversion.yaml | 306 ++++++++++++++++++ 1 file changed, 306 insertions(+) create mode 100644 bundle/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml diff --git a/bundle/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml b/bundle/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml new file mode 100644 index 0000000000..ad3d256342 --- /dev/null +++ b/bundle/manifests/mongodb-atlas-kubernetes.clusterserviceversion.yaml @@ -0,0 +1,306 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "atlas.mongodb.com/v1", + "kind": "AtlasCluster", + "metadata": { + "name": "my-atlas-cluster" + }, + "spec": { + "name": "test-cluster", + "projectRef": { + "name": "my-project" + }, + "providerSettings": { + "instanceSizeName": "M10", + "providerName": "AWS", + "regionName": "US_EAST_1" + } + } + }, + { + "apiVersion": "atlas.mongodb.com/v1", + "kind": "AtlasDatabaseUser", + "metadata": { + "name": "my-database-user" + }, + "spec": { + "databaseName": "admin", + "passwordSecretRef": { + "name": "my-database-user-password" + }, + "projectRef": { + "name": "my-project" + }, + "roles": [ + { + "databaseName": "admin", + "roleName": "readWriteAnyDatabase" + } + ], + "username": "david" + } + }, + { + "apiVersion": "atlas.mongodb.com/v1", + "kind": "AtlasProject", + "metadata": { + "name": "my-project" + }, + "spec": { + "connectionSecretRef": { + "name": "my-atlas-key" + }, + "name": "Test Atlas Operator Project", + "projectIpAccessList": [ + { + "comment": "IP address for Application Server A", + "ipAddress": "192.0.2.15" + }, + { + "comment": "CIDR block for Application Server B - D", + "ipAddress": "203.0.113.0/24" + }, + { + "awsSecurityGroup": "sg-0026348ec11780bd1", + "comment": "Access Listed AWS Security Group" + } + ] + } + } + ] + capabilities: Basic Install + operators.operatorframework.io/builder: operator-sdk-v1.4.2 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 + name: mongodb-atlas-kubernetes.v0.21.0 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: AtlasCluster is the Schema for the atlasclusters API + displayName: Atlas Cluster + kind: AtlasCluster + name: atlasclusters.atlas.mongodb.com + version: v1 + - description: AtlasDatabaseUser is the Schema for the Atlas Database User API + displayName: Atlas Database User + kind: AtlasDatabaseUser + name: atlasdatabaseusers.atlas.mongodb.com + version: v1 + - description: AtlasProject is the Schema for the atlasprojects API + displayName: Atlas Project + kind: AtlasProject + name: atlasprojects.atlas.mongodb.com + version: v1 + description: Kubernetes Operator which manages MongoDB Atlas Clusters from Kubernetes. + displayName: MongoDB Atlas Operator + icon: + - base64data: "" + mediatype: "" + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - atlas.mongodb.com + resources: + - atlasclusters + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - atlas.mongodb.com + resources: + - atlasclusters/status + verbs: + - get + - patch + - update + - apiGroups: + - atlas.mongodb.com + resources: + - atlasdatabaseusers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - atlas.mongodb.com + resources: + - atlasdatabaseusers/status + verbs: + - get + - patch + - update + - apiGroups: + - atlas.mongodb.com + resources: + - atlasprojects + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - atlas.mongodb.com + resources: + - atlasprojects/status + verbs: + - get + - patch + - update + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + serviceAccountName: default + deployments: + - name: mongodb-atlas-operator + spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + strategy: {} + template: + metadata: + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --secure-listen-address=0.0.0.0:8443 + - --upstream=http://127.0.0.1:8080/ + - --logtostderr=true + - --v=10 + image: gcr.io/kubebuilder/kube-rbac-proxy:v0.5.0 + name: kube-rbac-proxy + ports: + - containerPort: 8443 + name: https + resources: {} + - args: + - --atlas-domain=https://cloud.mongodb.com + - --health-probe-bind-address=:8081 + - --metrics-bind-address=127.0.0.1:8080 + - --leader-elect + command: + - /manager + env: + - name: OPERATOR_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: OPERATOR_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + image: mongodb/mongodb-atlas-kubernetes-operator:0.21.0 + imagePullPolicy: Always + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 100m + memory: 100Mi + requests: + cpu: 100m + memory: 20Mi + securityContext: + allowPrivilegeEscalation: false + securityContext: + runAsNonRoot: true + runAsUser: 2000 + terminationGracePeriodSeconds: 10 + permissions: + - rules: + - apiGroups: + - "" + - coordination.k8s.io + resources: + - configmaps + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: default + strategy: deployment + installModes: + - supported: false + type: OwnNamespace + - supported: false + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - MongoDB + - Atlas + - Database + - Replica Set + - Cluster + links: + - name: Mongodb Atlas Kubernetes + url: https://mongodb-atlas-kubernetes.domain + maturity: alpha + provider: + name: MongoDB, Inc + url: https://github.com/mongodb/mongodb-atlas-kubernetes + version: 0.21.0 From df9f3c4526e82a1b7f8b3236f98130e5cf00b877 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:44 +0000 Subject: [PATCH 22/26] Pushing bundle/manifests/atlas.mongodb.com_atlasclusters.yaml using GitHub API --- .../atlas.mongodb.com_atlasclusters.yaml | 348 ++++++++++++++++++ 1 file changed, 348 insertions(+) create mode 100644 bundle/manifests/atlas.mongodb.com_atlasclusters.yaml diff --git a/bundle/manifests/atlas.mongodb.com_atlasclusters.yaml b/bundle/manifests/atlas.mongodb.com_atlasclusters.yaml new file mode 100644 index 0000000000..3ec879ca47 --- /dev/null +++ b/bundle/manifests/atlas.mongodb.com_atlasclusters.yaml @@ -0,0 +1,348 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: atlasclusters.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasCluster + listKind: AtlasClusterList + plural: atlasclusters + singular: atlascluster + scope: Namespaced + versions: + - name: v1 + schema: + openAPIV3Schema: + description: AtlasCluster is the Schema for the atlasclusters API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasClusterSpec defines the desired state of AtlasCluster + properties: + autoScaling: + description: Collection of settings that configures auto-scaling information for the cluster. If you specify the autoScaling object, you must also specify the providerSettings.autoScaling object. + properties: + autoIndexingEnabled: + description: Flag that indicates whether autopilot mode for Performance Advisor is enabled. The default is false. + type: boolean + compute: + description: Collection of settings that configure how a cluster might scale its cluster tier and whether the cluster can scale down. + properties: + enabled: + description: Flag that indicates whether cluster tier auto-scaling is enabled. The default is false. + type: boolean + maxInstanceSize: + description: 'Maximum instance size to which your cluster can automatically scale (such as M40). Atlas requires this parameter if "autoScaling.compute.enabled" : true.' + type: string + minInstanceSize: + description: 'Minimum instance size to which your cluster can automatically scale (such as M10). Atlas requires this parameter if "autoScaling.compute.scaleDownEnabled" : true.' + type: string + scaleDownEnabled: + description: 'Flag that indicates whether the cluster tier may scale down. Atlas requires this parameter if "autoScaling.compute.enabled" : true.' + type: boolean + type: object + diskGBEnabled: + description: Flag that indicates whether disk auto-scaling is enabled. The default is true. + type: boolean + type: object + biConnector: + description: Configuration of BI Connector for Atlas on this cluster. The MongoDB Connector for Business Intelligence for Atlas (BI Connector) is only available for M10 and larger clusters. + properties: + enabled: + description: Flag that indicates whether or not BI Connector for Atlas is enabled on the cluster. + type: boolean + readPreference: + description: Source from which the BI Connector for Atlas reads data. Each BI Connector for Atlas read preference contains a distinct combination of readPreference and readPreferenceTags options. + type: string + type: object + clusterType: + description: Type of the cluster that you want to create. The parameter is required if replicationSpecs are set or if Global Clusters are deployed. + enum: + - REPLICASET + - SHARDED + - GEOSHARDED + type: string + diskSizeGB: + description: Capacity, in gigabytes, of the host's root volume. Increase this number to add capacity, up to a maximum possible value of 4096 (i.e., 4 TB). This value must be a positive integer. The parameter is required if replicationSpecs are configured. + maximum: 4096 + minimum: 0 + type: integer + encryptionAtRestProvider: + description: Cloud service provider that offers Encryption at Rest. + enum: + - AWS + - GCP + - AZURE + - NONE + type: string + labels: + description: Collection of key-value pairs that tag and categorize the cluster. Each key and value has a maximum length of 255 characters. + items: + description: LabelSpec contains key-value pairs that tag and categorize the Cluster/DBUser + properties: + key: + maxLength: 255 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + mongoDBMajorVersion: + description: Version of the cluster to deploy. + type: string + name: + description: Name of the cluster as it appears in Atlas. After Atlas creates the cluster, you can't change its name. + type: string + numShards: + description: Positive integer that specifies the number of shards to deploy for a sharded cluster. The parameter is required if replicationSpecs are configured + maximum: 50 + minimum: 1 + type: integer + paused: + description: Flag that indicates whether the cluster should be paused. + type: boolean + pitEnabled: + description: Flag that indicates the cluster uses continuous cloud backups. + type: boolean + projectRef: + description: Project is a reference to AtlasProject resource the cluster belongs to + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + providerBackupEnabled: + description: Applicable only for M10+ clusters. Flag that indicates if the cluster uses Cloud Backups for backups. + type: boolean + providerSettings: + description: Configuration for the provisioned hosts on which MongoDB runs. The available options are specific to the cloud service provider. + properties: + autoScaling: + description: Range of instance sizes to which your cluster can scale. + properties: + autoIndexingEnabled: + description: Flag that indicates whether autopilot mode for Performance Advisor is enabled. The default is false. + type: boolean + compute: + description: Collection of settings that configure how a cluster might scale its cluster tier and whether the cluster can scale down. + properties: + enabled: + description: Flag that indicates whether cluster tier auto-scaling is enabled. The default is false. + type: boolean + maxInstanceSize: + description: 'Maximum instance size to which your cluster can automatically scale (such as M40). Atlas requires this parameter if "autoScaling.compute.enabled" : true.' + type: string + minInstanceSize: + description: 'Minimum instance size to which your cluster can automatically scale (such as M10). Atlas requires this parameter if "autoScaling.compute.scaleDownEnabled" : true.' + type: string + scaleDownEnabled: + description: 'Flag that indicates whether the cluster tier may scale down. Atlas requires this parameter if "autoScaling.compute.enabled" : true.' + type: boolean + type: object + diskGBEnabled: + description: Flag that indicates whether disk auto-scaling is enabled. The default is true. + type: boolean + type: object + backingProviderName: + description: 'Cloud service provider on which the host for a multi-tenant cluster is provisioned. This setting only works when "providerSetting.providerName" : "TENANT" and "providerSetting.instanceSizeName" : M2 or M5.' + enum: + - AWS + - GCP + - AZURE + type: string + diskIOPS: + description: Disk IOPS setting for AWS storage. Set only if you selected AWS as your cloud service provider. + format: int64 + type: integer + diskTypeName: + description: Type of disk if you selected Azure as your cloud service provider. + type: string + encryptEBSVolume: + description: Flag that indicates whether the Amazon EBS encryption feature encrypts the host's root volume for both data at rest within the volume and for data moving between the volume and the cluster. + type: boolean + instanceSizeName: + description: Atlas provides different cluster tiers, each with a default storage capacity and RAM size. The cluster you select is used for all the data-bearing hosts in your cluster tier. + type: string + providerName: + description: Cloud service provider on which Atlas provisions the hosts. + enum: + - AWS + - GCP + - AZURE + - TENANT + type: string + regionName: + description: Physical location of your MongoDB cluster. The region you choose can affect network latency for clients accessing your databases. + type: string + volumeType: + description: Disk IOPS setting for AWS storage. Set only if you selected AWS as your cloud service provider. + enum: + - STANDARD + - PROVISIONED + type: string + required: + - instanceSizeName + - providerName + type: object + replicationSpecs: + description: Configuration for cluster regions. + items: + description: ReplicationSpec represents a configuration for cluster regions + properties: + numShards: + description: Number of shards to deploy in each specified zone. The default value is 1. + format: int64 + type: integer + regionsConfig: + additionalProperties: + description: RegionsConfig describes the region’s priority in elections and the number and type of MongoDB nodes Atlas deploys to the region. + properties: + analyticsNodes: + description: The number of analytics nodes for Atlas to deploy to the region. Analytics nodes are useful for handling analytic data such as reporting queries from BI Connector for Atlas. Analytics nodes are read-only, and can never become the primary. If you do not specify this option, no analytics nodes are deployed to the region. + format: int64 + type: integer + electableNodes: + description: Number of electable nodes for Atlas to deploy to the region. Electable nodes can become the primary and can facilitate local reads. + format: int64 + type: integer + priority: + description: Election priority of the region. For regions with only replicationSpecs[n].regionsConfig..readOnlyNodes, set this value to 0. + format: int64 + type: integer + readOnlyNodes: + description: Number of read-only nodes for Atlas to deploy to the region. Read-only nodes can never become the primary, but can facilitate local-reads. + format: int64 + type: integer + type: object + description: Configuration for a region. Each regionsConfig object describes the region's priority in elections and the number and type of MongoDB nodes that Atlas deploys to the region. + type: object + zoneName: + description: Name for the zone in a Global Cluster. Don't provide this value if clusterType is not GEOSHARDED. + type: string + type: object + type: array + required: + - name + - projectRef + - providerSettings + type: object + status: + description: AtlasClusterStatus defines the observed state of AtlasCluster. + properties: + conditions: + description: Conditions is the list of statuses showing the current state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + connectionStrings: + description: ConnectionStrings is a set of connection strings that your applications use to connect to this cluster. + properties: + private: + description: Network-peering-endpoint-aware mongodb:// connection strings for each interface VPC endpoint you configured to connect to this cluster. Atlas returns this parameter only if you created a network peering connection to this cluster. + type: string + privateEndpoint: + description: Private endpoint connection strings. Each object describes the connection strings you can use to connect to this cluster through a private endpoint. Atlas returns this parameter only if you deployed a private endpoint to all regions to which you deployed this cluster's nodes. + items: + description: PrivateEndpoint connection strings. Each object describes the connection strings you can use to connect to this cluster through a private endpoint. Atlas returns this parameter only if you deployed a private endpoint to all regions to which you deployed this cluster's nodes. + properties: + connectionString: + description: Private-endpoint-aware mongodb:// connection string for this private endpoint. + type: string + endpoints: + description: Private endpoint through which you connect to Atlas when you use connectionStrings.privateEndpoint[n].connectionString or connectionStrings.privateEndpoint[n].srvConnectionString. + items: + description: Endpoint through which you connect to Atlas + properties: + endpointId: + description: Unique identifier of the private endpoint. + type: string + providerName: + description: Cloud provider to which you deployed the private endpoint. Atlas returns AWS or AZURE. + type: string + region: + description: Region to which you deployed the private endpoint. + type: string + type: object + type: array + srvConnectionString: + description: Private-endpoint-aware mongodb+srv:// connection string for this private endpoint. + type: string + type: + description: "Type of MongoDB process that you connect to with the connection strings \n Atlas returns: \n • MONGOD for replica sets, or \n • MONGOS for sharded clusters" + type: string + type: object + type: array + privateSrv: + description: Network-peering-endpoint-aware mongodb+srv:// connection strings for each interface VPC endpoint you configured to connect to this cluster. Atlas returns this parameter only if you created a network peering connection to this cluster. Use this URI format if your driver supports it. If it doesn't, use connectionStrings.private. + type: string + standard: + description: Public mongodb:// connection string for this cluster. + type: string + standardSrv: + description: Public mongodb+srv:// connection string for this cluster. + type: string + type: object + mongoDBVersion: + description: MongoDBVersion is the version of MongoDB the cluster runs, in . format. + type: string + mongoURIUpdated: + description: MongoURIUpdated is a timestamp in ISO 8601 date and time format in UTC when the connection string was last updated. The connection string changes if you update any of the other values. + type: string + observedGeneration: + description: ObservedGeneration indicates the generation of the resource specification that the Atlas Operator is aware of. The Atlas Operator updates this field to the 'metadata.generation' as soon as it starts reconciliation of the resource. + format: int64 + type: integer + stateName: + description: 'StateName is the current state of the cluster. The possible states are: IDLE, CREATING, UPDATING, DELETING, DELETED, REPAIRING' + type: string + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] From 42482daed334a08a09630d422f763e37a9eb3e7f Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:45 +0000 Subject: [PATCH 23/26] Pushing bundle/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml using GitHub API --- .../atlas.mongodb.com_atlasdatabaseusers.yaml | 175 ++++++++++++++++++ 1 file changed, 175 insertions(+) create mode 100644 bundle/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml diff --git a/bundle/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml b/bundle/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml new file mode 100644 index 0000000000..63771fc7b3 --- /dev/null +++ b/bundle/manifests/atlas.mongodb.com_atlasdatabaseusers.yaml @@ -0,0 +1,175 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.4.1 + creationTimestamp: null + name: atlasdatabaseusers.atlas.mongodb.com +spec: + group: atlas.mongodb.com + names: + kind: AtlasDatabaseUser + listKind: AtlasDatabaseUserList + plural: atlasdatabaseusers + singular: atlasdatabaseuser + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .spec.name + name: Name + type: string + name: v1 + schema: + openAPIV3Schema: + description: AtlasDatabaseUser is the Schema for the Atlas Database User API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation of an object. Servers should convert recognized schemas to the latest internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this object represents. Servers may infer this from the endpoint the client submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: AtlasDatabaseUserSpec defines the desired state of Database User in Atlas + properties: + databaseName: + default: admin + description: DatabaseName is a Database against which Atlas authenticates the user. Default value is 'admin'. + type: string + deleteAfterDate: + description: DeleteAfterDate is a timestamp in ISO 8601 date and time format in UTC after which Atlas deletes the user. The specified date must be in the future and within one week. + type: string + labels: + description: Labels is an array containing key-value pairs that tag and categorize the database user. Each key and value has a maximum length of 255 characters. + items: + description: LabelSpec contains key-value pairs that tag and categorize the Cluster/DBUser + properties: + key: + maxLength: 255 + type: string + value: + type: string + required: + - key + - value + type: object + type: array + passwordSecretRef: + description: PasswordSecret is a reference to the Secret keeping the user password. + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + projectRef: + description: Project is a reference to AtlasProject resource the user belongs to + properties: + name: + description: Name is the name of the Kubernetes Resource + type: string + required: + - name + type: object + roles: + description: Roles is an array of this user's roles and the databases / collections on which the roles apply. A role allows the user to perform particular actions on the specified database. + items: + description: RoleSpec allows the user to perform particular actions on the specified database. A role on the admin database can include privileges that apply to the other databases as well. + properties: + collectionName: + description: CollectionName is a collection for which the role applies. + type: string + databaseName: + description: DatabaseName is a database on which the user has the specified role. A role on the admin database can include privileges that apply to the other databases. + type: string + roleName: + description: RoleName is a name of the role. This value can either be a built-in role or a custom role. + type: string + required: + - databaseName + - roleName + type: object + minItems: 1 + type: array + scopes: + description: Scopes is an array of clusters and Atlas Data Lakes that this user has access to. + items: + description: ScopeSpec if present a database user only have access to the indicated resource (Cluster or Atlas Data Lake) if none is given then it has access to all. It's highly recommended to restrict the access of the database users only to a limited set of resources. + properties: + name: + description: Name is a name of the cluster or Atlas Data Lake that the user has access to. + type: string + type: + description: Type is a type of resource that the user has access to. + enum: + - CLUSTER + - DATA_LAKE + type: string + required: + - name + - type + type: object + type: array + username: + description: Username is a username for authenticating to MongoDB. + type: string + required: + - passwordSecretRef + - projectRef + - roles + - username + type: object + status: + description: AtlasDatabaseUserStatus defines the observed state of AtlasProject + properties: + conditions: + description: Conditions is the list of statuses showing the current state of the Atlas Custom Resource + items: + description: Condition describes the state of an Atlas Custom Resource at a certain point. + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status to another. + format: date-time + type: string + message: + description: A human readable message indicating details about the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type of Atlas Custom Resource condition. + type: string + required: + - status + - type + type: object + type: array + connectionSecrets: + additionalProperties: + type: string + type: object + observedGeneration: + description: ObservedGeneration indicates the generation of the resource specification that the Atlas Operator is aware of. The Atlas Operator updates this field to the 'metadata.generation' as soon as it starts reconciliation of the resource. + format: int64 + type: integer + required: + - conditions + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] From dcd51fa4426c6547f49d56d55f77764b8b5dac88 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:45 +0000 Subject: [PATCH 24/26] Pushing bundle/manifests/mongodb-atlas-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml using GitHub API --- ...eader_rbac.authorization.k8s.io_v1_clusterrole.yaml | 10 ++++++++++ 1 file changed, 10 insertions(+) create mode 100644 bundle/manifests/mongodb-atlas-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml diff --git a/bundle/manifests/mongodb-atlas-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml b/bundle/manifests/mongodb-atlas-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml new file mode 100644 index 0000000000..764c59c9c6 --- /dev/null +++ b/bundle/manifests/mongodb-atlas-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml @@ -0,0 +1,10 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + creationTimestamp: null + name: mongodb-atlas-metrics-reader +rules: +- nonResourceURLs: + - /metrics + verbs: + - get From 18c3d2436666783f72d550efc3e47291ed141696 Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:46 +0000 Subject: [PATCH 25/26] Pushing bundle/manifests/mongodb-atlas-controller-manager-metrics-service_v1_service.yaml using GitHub API --- ...oller-manager-metrics-service_v1_service.yaml | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) create mode 100644 bundle/manifests/mongodb-atlas-controller-manager-metrics-service_v1_service.yaml diff --git a/bundle/manifests/mongodb-atlas-controller-manager-metrics-service_v1_service.yaml b/bundle/manifests/mongodb-atlas-controller-manager-metrics-service_v1_service.yaml new file mode 100644 index 0000000000..afdf6a4e7f --- /dev/null +++ b/bundle/manifests/mongodb-atlas-controller-manager-metrics-service_v1_service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + control-plane: controller-manager + name: mongodb-atlas-controller-manager-metrics-service +spec: + ports: + - name: https + port: 8443 + targetPort: https + selector: + control-plane: controller-manager +status: + loadBalancer: {} From a9348c039b048b58f12ba14d6af484e68517739b Mon Sep 17 00:00:00 2001 From: "github-actions[bot]" <41898282+github-actions[bot]@users.noreply.github.com> Date: Tue, 9 Mar 2021 11:07:47 +0000 Subject: [PATCH 26/26] Pushing bundle.Dockerfile using GitHub API --- bundle.Dockerfile | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 bundle.Dockerfile diff --git a/bundle.Dockerfile b/bundle.Dockerfile new file mode 100644 index 0000000000..7db88a660f --- /dev/null +++ b/bundle.Dockerfile @@ -0,0 +1,15 @@ +FROM scratch + +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=mongodb-atlas-kubernetes +LABEL operators.operatorframework.io.bundle.channels.v1=alpha +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.4.2 +LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 +LABEL operators.operatorframework.io.metrics.project_layout=go.kubebuilder.io/v3 +LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ +LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 +COPY bundle/manifests /manifests/ +COPY bundle/metadata /metadata/ +COPY bundle/tests/scorecard /tests/scorecard/