// Code generated by Pulumi SDK Generator DO NOT EDIT.
// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! ***
package kubernetes
import (
"context"
"reflect"
"github.com/pkg/errors"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/iam"
"github.com/pulumi/pulumi-kubernetes/sdk/v3/go/kubernetes"
corev1 "github.com/pulumi/pulumi-kubernetes/sdk/v3/go/kubernetes/core/v1"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
// Irsa is a component that creates an IAM role for service accounts (IRSA) on AWS and Kubernetes.
//
// NewIrsa passes a pointer to this struct to ctx.RegisterRemoteComponentResource.
type Irsa struct {
pulumi.ResourceState
// Name is exported under the "name" tag; this file does not document what it holds.
Name pulumi.StringOutput `pulumi:"name"`
// Policies is the list of IAM Policies.
Policies iam.PolicyArrayOutput `pulumi:"policies"`
// Role is the IAM Role.
// NOTE(review): the role's trust policy is not defined in this file; confirm in the
// component implementation that it is limited to the intended namespace and service account.
Role iam.RoleOutput `pulumi:"role"`
// RolePolicyAttachments is the list of IAM Policy Attachments that associate the Role with the Policies.
RolePolicyAttachments iam.RolePolicyAttachmentArrayOutput `pulumi:"rolePolicyAttachments"`
// ServiceAccount is the ServiceAccount created in Kubernetes.
ServiceAccount corev1.ServiceAccountOutput `pulumi:"serviceAccount"`
}
// NewIrsa registers a new Irsa component resource under the given unique name,
// using the supplied arguments and resource options.
//
// It returns an error when args is nil or when any of IdentityProvidersArn,
// IssuerUrl, K8sProvider, Namespace, Policies or ServiceAccountName is nil.
// Only nil is rejected here; the values themselves are not inspected.
//
// NOTE(review): the IAM role, its trust policy and the policy attachments are
// produced by the remote "cloud-toolkit-aws:kubernetes:Irsa" component, not by
// this function, so the scope of the granted permissions has to be reviewed
// there and in args.Policies.
func NewIrsa(ctx *pulumi.Context,
	name string, args *IrsaArgs, opts ...pulumi.ResourceOption) (*Irsa, error) {
	// Reject a missing argument struct first, then each required field in turn.
	switch {
	case args == nil:
		return nil, errors.New("missing one or more required arguments")
	case args.IdentityProvidersArn == nil:
		return nil, errors.New("invalid value for required argument 'IdentityProvidersArn'")
	case args.IssuerUrl == nil:
		return nil, errors.New("invalid value for required argument 'IssuerUrl'")
	case args.K8sProvider == nil:
		return nil, errors.New("invalid value for required argument 'K8sProvider'")
	case args.Namespace == nil:
		return nil, errors.New("invalid value for required argument 'Namespace'")
	case args.Policies == nil:
		return nil, errors.New("invalid value for required argument 'Policies'")
	case args.ServiceAccountName == nil:
		return nil, errors.New("invalid value for required argument 'ServiceAccountName'")
	}

	var resource Irsa
	opts = pkgResourceDefaultOpts(opts)
	if err := ctx.RegisterRemoteComponentResource("cloud-toolkit-aws:kubernetes:Irsa", name, args, &resource, opts...); err != nil {
		return nil, err
	}
	return &resource, nil
}
// irsaArgs is the plain-value counterpart of IrsaArgs; IrsaArgs.ElementType
// reports this struct as its element type.
type irsaArgs struct {
// The OIDC Identity Provider ARNs used by the IRSA.
IdentityProvidersArn []string `pulumi:"identityProvidersArn"`
// The OIDC Identity Provider URL used by the IRSA.
IssuerUrl string `pulumi:"issuerUrl"`
// Kubernetes provider used by Pulumi.
K8sProvider *kubernetes.Provider `pulumi:"k8sProvider"`
// The Namespace name where the addon will be installed.
Namespace string `pulumi:"namespace"`
// The list of Policies to be associated with the Irsa.
Policies []string `pulumi:"policies"`
// The Service Account name used in Kubernetes.
ServiceAccountName string `pulumi:"serviceAccountName"`
}
// IrsaArgs is the set of arguments for constructing an Irsa resource.
// NewIrsa rejects a nil value for every field below.
type IrsaArgs struct {
// The OIDC Identity Provider ARNs used by the IRSA.
IdentityProvidersArn pulumi.StringArrayInput
// The OIDC Identity Provider URL used by the IRSA.
IssuerUrl pulumi.StringInput
// Kubernetes provider used by Pulumi.
K8sProvider kubernetes.ProviderInput
// The Namespace name where the addon will be installed.
Namespace pulumi.StringInput
// The list of Policies to be associated with the Irsa.
// NOTE(review): whether these strings are policy ARNs or policy documents is not
// visible in this file; confirm against the component schema and keep them as
// narrow as the workload needs, since they are attached to the role created for
// the service account.
Policies pulumi.StringArrayInput
// The Service Account name used in Kubernetes.
ServiceAccountName pulumi.StringInput
}
// ElementType reports the reflect.Type of the plain-value irsaArgs struct.
func (IrsaArgs) ElementType() reflect.Type {
	var zero *irsaArgs
	return reflect.TypeOf(zero).Elem()
}
// IrsaInput is an input type for values that can be converted to an IrsaOutput.
// In this file *Irsa and IrsaOutput declare both conversion methods.
type IrsaInput interface {
pulumi.Input
// ToIrsaOutput converts the value to an IrsaOutput.
ToIrsaOutput() IrsaOutput
// ToIrsaOutputWithContext converts the value to an IrsaOutput using ctx.
ToIrsaOutputWithContext(ctx context.Context) IrsaOutput
}
// ElementType reports *Irsa as the element type of an Irsa input.
func (*Irsa) ElementType() reflect.Type {
	var zero **Irsa
	return reflect.TypeOf(zero).Elem()
}
// ToIrsaOutput converts the resource to an IrsaOutput using a background context.
func (i *Irsa) ToIrsaOutput() IrsaOutput {
	ctx := context.Background()
	return i.ToIrsaOutputWithContext(ctx)
}
// ToIrsaOutputWithContext wraps the resource with pulumi.ToOutputWithContext
// and asserts the result to IrsaOutput.
func (i *Irsa) ToIrsaOutputWithContext(ctx context.Context) IrsaOutput {
	out := pulumi.ToOutputWithContext(ctx, i)
	return out.(IrsaOutput)
}
// IrsaArrayInput is an input type that accepts IrsaArray and IrsaArrayOutput values.
// You can construct a concrete instance of `IrsaArrayInput` via:
//
//	IrsaArray{ IrsaArgs{...} }
//
// NOTE(review): IrsaArray is declared as []IrsaInput, and in this file only *Irsa
// and IrsaOutput declare the IrsaInput methods; the example above may not compile
// as written — verify.
type IrsaArrayInput interface {
pulumi.Input
// ToIrsaArrayOutput converts the value to an IrsaArrayOutput.
ToIrsaArrayOutput() IrsaArrayOutput
// ToIrsaArrayOutputWithContext converts the value to an IrsaArrayOutput using the given context.
ToIrsaArrayOutputWithContext(context.Context) IrsaArrayOutput
}
// IrsaArray is a slice of IrsaInput values; it is registered in init as the
// concrete type for IrsaArrayInput.
type IrsaArray []IrsaInput
// ElementType reports []*Irsa as the element type of an IrsaArray.
func (IrsaArray) ElementType() reflect.Type {
	var zero *[]*Irsa
	return reflect.TypeOf(zero).Elem()
}
// ToIrsaArrayOutput converts the array to an IrsaArrayOutput using a background context.
func (i IrsaArray) ToIrsaArrayOutput() IrsaArrayOutput {
	ctx := context.Background()
	return i.ToIrsaArrayOutputWithContext(ctx)
}
// ToIrsaArrayOutputWithContext wraps the array with pulumi.ToOutputWithContext
// and asserts the result to IrsaArrayOutput.
func (i IrsaArray) ToIrsaArrayOutputWithContext(ctx context.Context) IrsaArrayOutput {
	out := pulumi.ToOutputWithContext(ctx, i)
	return out.(IrsaArrayOutput)
}
// IrsaMapInput is an input type that accepts IrsaMap and IrsaMapOutput values.
// You can construct a concrete instance of `IrsaMapInput` via:
//
//	IrsaMap{ "key": IrsaArgs{...} }
//
// NOTE(review): IrsaMap is declared as map[string]IrsaInput, and in this file only
// *Irsa and IrsaOutput declare the IrsaInput methods; the example above may not
// compile as written — verify.
type IrsaMapInput interface {
pulumi.Input
// ToIrsaMapOutput converts the value to an IrsaMapOutput.
ToIrsaMapOutput() IrsaMapOutput
// ToIrsaMapOutputWithContext converts the value to an IrsaMapOutput using the given context.
ToIrsaMapOutputWithContext(context.Context) IrsaMapOutput
}
// IrsaMap is a string-keyed map of IrsaInput values; it is registered in init as
// the concrete type for IrsaMapInput.
type IrsaMap map[string]IrsaInput
// ElementType reports map[string]*Irsa as the element type of an IrsaMap.
func (IrsaMap) ElementType() reflect.Type {
	var zero *map[string]*Irsa
	return reflect.TypeOf(zero).Elem()
}
// ToIrsaMapOutput converts the map to an IrsaMapOutput using a background context.
func (i IrsaMap) ToIrsaMapOutput() IrsaMapOutput {
	ctx := context.Background()
	return i.ToIrsaMapOutputWithContext(ctx)
}
// ToIrsaMapOutputWithContext wraps the map with pulumi.ToOutputWithContext
// and asserts the result to IrsaMapOutput.
func (i IrsaMap) ToIrsaMapOutputWithContext(ctx context.Context) IrsaMapOutput {
	out := pulumi.ToOutputWithContext(ctx, i)
	return out.(IrsaMapOutput)
}
// IrsaOutput is an output type that embeds *pulumi.OutputState; its ElementType
// method reports *Irsa.
type IrsaOutput struct{ *pulumi.OutputState }
// ElementType reports *Irsa as the element type carried by an IrsaOutput.
func (IrsaOutput) ElementType() reflect.Type {
	var zero **Irsa
	return reflect.TypeOf(zero).Elem()
}
// ToIrsaOutput returns the receiver unchanged; it is already an IrsaOutput.
func (o IrsaOutput) ToIrsaOutput() IrsaOutput {
return o
}
// ToIrsaOutputWithContext returns the receiver unchanged; ctx is not used.
func (o IrsaOutput) ToIrsaOutputWithContext(ctx context.Context) IrsaOutput {
return o
}
// Name returns the Name field of the underlying Irsa as an output.
func (o IrsaOutput) Name() pulumi.StringOutput {
	pick := func(v *Irsa) pulumi.StringOutput { return v.Name }
	return o.ApplyT(pick).(pulumi.StringOutput)
}
// Policies returns the list of IAM Policies.
func (o IrsaOutput) Policies() iam.PolicyArrayOutput {
	pick := func(v *Irsa) iam.PolicyArrayOutput { return v.Policies }
	return o.ApplyT(pick).(iam.PolicyArrayOutput)
}
// Role returns the IAM Role.
func (o IrsaOutput) Role() iam.RoleOutput {
	pick := func(v *Irsa) iam.RoleOutput { return v.Role }
	return o.ApplyT(pick).(iam.RoleOutput)
}
// RolePolicyAttachments returns the list of IAM Policy Attachments that
// associate the Role with the Policies.
func (o IrsaOutput) RolePolicyAttachments() iam.RolePolicyAttachmentArrayOutput {
	pick := func(v *Irsa) iam.RolePolicyAttachmentArrayOutput {
		return v.RolePolicyAttachments
	}
	return o.ApplyT(pick).(iam.RolePolicyAttachmentArrayOutput)
}
// ServiceAccount returns the ServiceAccount created in Kubernetes.
func (o IrsaOutput) ServiceAccount() corev1.ServiceAccountOutput {
	pick := func(v *Irsa) corev1.ServiceAccountOutput { return v.ServiceAccount }
	return o.ApplyT(pick).(corev1.ServiceAccountOutput)
}
// IrsaArrayOutput is an output type that embeds *pulumi.OutputState; its
// ElementType method reports []*Irsa.
type IrsaArrayOutput struct{ *pulumi.OutputState }
// ElementType reports []*Irsa as the element type carried by an IrsaArrayOutput.
func (IrsaArrayOutput) ElementType() reflect.Type {
	var zero *[]*Irsa
	return reflect.TypeOf(zero).Elem()
}
// ToIrsaArrayOutput returns the receiver unchanged; it is already an IrsaArrayOutput.
func (o IrsaArrayOutput) ToIrsaArrayOutput() IrsaArrayOutput {
return o
}
// ToIrsaArrayOutputWithContext returns the receiver unchanged; ctx is not used.
func (o IrsaArrayOutput) ToIrsaArrayOutputWithContext(ctx context.Context) IrsaArrayOutput {
return o
}
// Index returns, as an IrsaOutput, the element at position i of the array.
//
// The index is not range-checked here, so an out-of-range value panics inside
// the apply callback.
func (o IrsaArrayOutput) Index(i pulumi.IntInput) IrsaOutput {
	lookup := func(vs []interface{}) *Irsa {
		// vs holds the two values passed to pulumi.All: the array, then the index.
		items := vs[0].([]*Irsa)
		pos := vs[1].(int)
		return items[pos]
	}
	return pulumi.All(o, i).ApplyT(lookup).(IrsaOutput)
}
// IrsaMapOutput is an output type that embeds *pulumi.OutputState; its
// ElementType method reports map[string]*Irsa.
type IrsaMapOutput struct{ *pulumi.OutputState }
// ElementType reports map[string]*Irsa as the element type carried by an IrsaMapOutput.
func (IrsaMapOutput) ElementType() reflect.Type {
	var zero *map[string]*Irsa
	return reflect.TypeOf(zero).Elem()
}
// ToIrsaMapOutput returns the receiver unchanged; it is already an IrsaMapOutput.
func (o IrsaMapOutput) ToIrsaMapOutput() IrsaMapOutput {
return o
}
// ToIrsaMapOutputWithContext returns the receiver unchanged; ctx is not used.
func (o IrsaMapOutput) ToIrsaMapOutputWithContext(ctx context.Context) IrsaMapOutput {
return o
}
// MapIndex returns, as an IrsaOutput, the map entry stored under key k.
//
// The lookup is a plain map index, so a key that is absent from the map yields
// a nil *Irsa rather than an error.
func (o IrsaMapOutput) MapIndex(k pulumi.StringInput) IrsaOutput {
	lookup := func(vs []interface{}) *Irsa {
		// vs holds the two values passed to pulumi.All: the map, then the key.
		entries := vs[0].(map[string]*Irsa)
		key := vs[1].(string)
		return entries[key]
	}
	return pulumi.All(o, k).ApplyT(lookup).(IrsaOutput)
}
// init registers the Irsa input interfaces together with their concrete
// implementations, and the Irsa output types, with the Pulumi SDK.
func init() {
	// Typed nil pointers are used only to obtain the interface types via reflection.
	var (
		single *IrsaInput
		array  *IrsaArrayInput
		byKey  *IrsaMapInput
	)
	pulumi.RegisterInputType(reflect.TypeOf(single).Elem(), &Irsa{})
	pulumi.RegisterInputType(reflect.TypeOf(array).Elem(), IrsaArray{})
	pulumi.RegisterInputType(reflect.TypeOf(byKey).Elem(), IrsaMap{})

	pulumi.RegisterOutputType(IrsaOutput{})
	pulumi.RegisterOutputType(IrsaArrayOutput{})
	pulumi.RegisterOutputType(IrsaMapOutput{})
}