-
Notifications
You must be signed in to change notification settings - Fork 121
/
zz_webacl_types.go
executable file
·404 lines (298 loc) · 20.3 KB
/
zz_webacl_types.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
// SPDX-FileCopyrightText: 2023 The Crossplane Authors <https://crossplane.io>
//
// SPDX-License-Identifier: Apache-2.0
/*
Copyright 2022 Upbound Inc.
*/
// Code generated by upjet. DO NOT EDIT.
package v1beta1
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime/schema"
v1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
)
type ActionInitParameters struct {
// Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. Valid values for action are ALLOW, BLOCK or COUNT. Valid values for override_action are COUNT and NONE.
Type *string `json:"type,omitempty" tf:"type,omitempty"`
}
type ActionObservation struct {
// Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. Valid values for action are ALLOW, BLOCK or COUNT. Valid values for override_action are COUNT and NONE.
Type *string `json:"type,omitempty" tf:"type,omitempty"`
}
type ActionParameters struct {
// Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. Valid values for action are ALLOW, BLOCK or COUNT. Valid values for override_action are COUNT and NONE.
// +kubebuilder:validation:Optional
Type *string `json:"type" tf:"type,omitempty"`
}
type DefaultActionInitParameters struct {
// Specifies how you want AWS WAF Regional to respond to requests that match the settings in a ruleE.g., ALLOW, BLOCK or COUNT
Type *string `json:"type,omitempty" tf:"type,omitempty"`
}
type DefaultActionObservation struct {
// Specifies how you want AWS WAF Regional to respond to requests that match the settings in a ruleE.g., ALLOW, BLOCK or COUNT
Type *string `json:"type,omitempty" tf:"type,omitempty"`
}
type DefaultActionParameters struct {
// Specifies how you want AWS WAF Regional to respond to requests that match the settings in a ruleE.g., ALLOW, BLOCK or COUNT
// +kubebuilder:validation:Optional
Type *string `json:"type" tf:"type,omitempty"`
}
type LoggingConfigurationInitParameters struct {
// Amazon Resource Name (ARN) of Kinesis Firehose Delivery Stream
// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/firehose/v1beta1.DeliveryStream
// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("arn",false)
LogDestination *string `json:"logDestination,omitempty" tf:"log_destination,omitempty"`
// Reference to a DeliveryStream in firehose to populate logDestination.
// +kubebuilder:validation:Optional
LogDestinationRef *v1.Reference `json:"logDestinationRef,omitempty" tf:"-"`
// Selector for a DeliveryStream in firehose to populate logDestination.
// +kubebuilder:validation:Optional
LogDestinationSelector *v1.Selector `json:"logDestinationSelector,omitempty" tf:"-"`
// Configuration block containing parts of the request that you want redacted from the logs. Detailed below.
RedactedFields []RedactedFieldsInitParameters `json:"redactedFields,omitempty" tf:"redacted_fields,omitempty"`
}
type LoggingConfigurationObservation struct {
// Amazon Resource Name (ARN) of Kinesis Firehose Delivery Stream
LogDestination *string `json:"logDestination,omitempty" tf:"log_destination,omitempty"`
// Configuration block containing parts of the request that you want redacted from the logs. Detailed below.
RedactedFields []RedactedFieldsObservation `json:"redactedFields,omitempty" tf:"redacted_fields,omitempty"`
}
type LoggingConfigurationParameters struct {
// Amazon Resource Name (ARN) of Kinesis Firehose Delivery Stream
// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/firehose/v1beta1.DeliveryStream
// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("arn",false)
// +kubebuilder:validation:Optional
LogDestination *string `json:"logDestination,omitempty" tf:"log_destination,omitempty"`
// Reference to a DeliveryStream in firehose to populate logDestination.
// +kubebuilder:validation:Optional
LogDestinationRef *v1.Reference `json:"logDestinationRef,omitempty" tf:"-"`
// Selector for a DeliveryStream in firehose to populate logDestination.
// +kubebuilder:validation:Optional
LogDestinationSelector *v1.Selector `json:"logDestinationSelector,omitempty" tf:"-"`
// Configuration block containing parts of the request that you want redacted from the logs. Detailed below.
// +kubebuilder:validation:Optional
RedactedFields []RedactedFieldsParameters `json:"redactedFields,omitempty" tf:"redacted_fields,omitempty"`
}
type OverrideActionInitParameters struct {
// Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. Valid values for action are ALLOW, BLOCK or COUNT. Valid values for override_action are COUNT and NONE.
Type *string `json:"type,omitempty" tf:"type,omitempty"`
}
type OverrideActionObservation struct {
// Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. Valid values for action are ALLOW, BLOCK or COUNT. Valid values for override_action are COUNT and NONE.
Type *string `json:"type,omitempty" tf:"type,omitempty"`
}
type OverrideActionParameters struct {
// Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. Valid values for action are ALLOW, BLOCK or COUNT. Valid values for override_action are COUNT and NONE.
// +kubebuilder:validation:Optional
Type *string `json:"type" tf:"type,omitempty"`
}
type RedactedFieldsFieldToMatchInitParameters struct {
// When the value of type is HEADER, enter the name of the header that you want the WAF to search, for example, User-Agent or Referer. If the value of type is any other value, omit data.
Data *string `json:"data,omitempty" tf:"data,omitempty"`
// Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. Valid values for action are ALLOW, BLOCK or COUNT. Valid values for override_action are COUNT and NONE.
Type *string `json:"type,omitempty" tf:"type,omitempty"`
}
type RedactedFieldsFieldToMatchObservation struct {
// When the value of type is HEADER, enter the name of the header that you want the WAF to search, for example, User-Agent or Referer. If the value of type is any other value, omit data.
Data *string `json:"data,omitempty" tf:"data,omitempty"`
// Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. Valid values for action are ALLOW, BLOCK or COUNT. Valid values for override_action are COUNT and NONE.
Type *string `json:"type,omitempty" tf:"type,omitempty"`
}
type RedactedFieldsFieldToMatchParameters struct {
// When the value of type is HEADER, enter the name of the header that you want the WAF to search, for example, User-Agent or Referer. If the value of type is any other value, omit data.
// +kubebuilder:validation:Optional
Data *string `json:"data,omitempty" tf:"data,omitempty"`
// Specifies how you want AWS WAF Regional to respond to requests that match the settings in a rule. Valid values for action are ALLOW, BLOCK or COUNT. Valid values for override_action are COUNT and NONE.
// +kubebuilder:validation:Optional
Type *string `json:"type" tf:"type,omitempty"`
}
type RedactedFieldsInitParameters struct {
// Set of configuration blocks for fields to redact. Detailed below.
FieldToMatch []RedactedFieldsFieldToMatchInitParameters `json:"fieldToMatch,omitempty" tf:"field_to_match,omitempty"`
}
type RedactedFieldsObservation struct {
// Set of configuration blocks for fields to redact. Detailed below.
FieldToMatch []RedactedFieldsFieldToMatchObservation `json:"fieldToMatch,omitempty" tf:"field_to_match,omitempty"`
}
type RedactedFieldsParameters struct {
// Set of configuration blocks for fields to redact. Detailed below.
// +kubebuilder:validation:Optional
FieldToMatch []RedactedFieldsFieldToMatchParameters `json:"fieldToMatch" tf:"field_to_match,omitempty"`
}
type WebACLInitParameters struct {
// The action that you want AWS WAF Regional to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL.
DefaultAction []DefaultActionInitParameters `json:"defaultAction,omitempty" tf:"default_action,omitempty"`
// Configuration block to enable WAF logging. Detailed below.
LoggingConfiguration []LoggingConfigurationInitParameters `json:"loggingConfiguration,omitempty" tf:"logging_configuration,omitempty"`
// The name or description for the Amazon CloudWatch metric of this web ACL.
MetricName *string `json:"metricName,omitempty" tf:"metric_name,omitempty"`
// The name or description of the web ACL.
Name *string `json:"name,omitempty" tf:"name,omitempty"`
// Set of configuration blocks containing rules for the web ACL. Detailed below.
Rule []WebACLRuleInitParameters `json:"rule,omitempty" tf:"rule,omitempty"`
// Key-value map of resource tags.
// +mapType=granular
Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`
}
type WebACLObservation struct {
// Amazon Resource Name (ARN) of the WAF Regional WebACL.
Arn *string `json:"arn,omitempty" tf:"arn,omitempty"`
// The action that you want AWS WAF Regional to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL.
DefaultAction []DefaultActionObservation `json:"defaultAction,omitempty" tf:"default_action,omitempty"`
// The ID of the WAF Regional WebACL.
ID *string `json:"id,omitempty" tf:"id,omitempty"`
// Configuration block to enable WAF logging. Detailed below.
LoggingConfiguration []LoggingConfigurationObservation `json:"loggingConfiguration,omitempty" tf:"logging_configuration,omitempty"`
// The name or description for the Amazon CloudWatch metric of this web ACL.
MetricName *string `json:"metricName,omitempty" tf:"metric_name,omitempty"`
// The name or description of the web ACL.
Name *string `json:"name,omitempty" tf:"name,omitempty"`
// Set of configuration blocks containing rules for the web ACL. Detailed below.
Rule []WebACLRuleObservation `json:"rule,omitempty" tf:"rule,omitempty"`
// Key-value map of resource tags.
// +mapType=granular
Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`
// A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
// +mapType=granular
TagsAll map[string]*string `json:"tagsAll,omitempty" tf:"tags_all,omitempty"`
}
type WebACLParameters struct {
// The action that you want AWS WAF Regional to take when a request doesn't match the criteria in any of the rules that are associated with the web ACL.
// +kubebuilder:validation:Optional
DefaultAction []DefaultActionParameters `json:"defaultAction,omitempty" tf:"default_action,omitempty"`
// Configuration block to enable WAF logging. Detailed below.
// +kubebuilder:validation:Optional
LoggingConfiguration []LoggingConfigurationParameters `json:"loggingConfiguration,omitempty" tf:"logging_configuration,omitempty"`
// The name or description for the Amazon CloudWatch metric of this web ACL.
// +kubebuilder:validation:Optional
MetricName *string `json:"metricName,omitempty" tf:"metric_name,omitempty"`
// The name or description of the web ACL.
// +kubebuilder:validation:Optional
Name *string `json:"name,omitempty" tf:"name,omitempty"`
// Region is the region you'd like your resource to be created in.
// +upjet:crd:field:TFTag=-
// +kubebuilder:validation:Required
Region *string `json:"region" tf:"-"`
// Set of configuration blocks containing rules for the web ACL. Detailed below.
// +kubebuilder:validation:Optional
Rule []WebACLRuleParameters `json:"rule,omitempty" tf:"rule,omitempty"`
// Key-value map of resource tags.
// +kubebuilder:validation:Optional
// +mapType=granular
Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`
}
type WebACLRuleInitParameters struct {
// Configuration block of the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Not used if type is GROUP. Detailed below.
Action []ActionInitParameters `json:"action,omitempty" tf:"action,omitempty"`
// Configuration block of the override the action that a group requests CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Only used if type is GROUP. Detailed below.
OverrideAction []OverrideActionInitParameters `json:"overrideAction,omitempty" tf:"override_action,omitempty"`
// Specifies the order in which the rules in a WebACL are evaluated.
// Rules with a lower value are evaluated before rules with a higher value.
Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`
// ID of the associated WAF (Regional) rule (e.g., aws_wafregional_rule). WAF (Global) rules cannot be used.
// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/wafregional/v1beta1.Rule
// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID()
RuleID *string `json:"ruleId,omitempty" tf:"rule_id,omitempty"`
// Reference to a Rule in wafregional to populate ruleId.
// +kubebuilder:validation:Optional
RuleIDRef *v1.Reference `json:"ruleIdRef,omitempty" tf:"-"`
// Selector for a Rule in wafregional to populate ruleId.
// +kubebuilder:validation:Optional
RuleIDSelector *v1.Selector `json:"ruleIdSelector,omitempty" tf:"-"`
// The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. If you add a RATE_BASED rule, you need to set type as RATE_BASED. If you add a GROUP rule, you need to set type as GROUP.
Type *string `json:"type,omitempty" tf:"type,omitempty"`
}
type WebACLRuleObservation struct {
// Configuration block of the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Not used if type is GROUP. Detailed below.
Action []ActionObservation `json:"action,omitempty" tf:"action,omitempty"`
// Configuration block of the override the action that a group requests CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Only used if type is GROUP. Detailed below.
OverrideAction []OverrideActionObservation `json:"overrideAction,omitempty" tf:"override_action,omitempty"`
// Specifies the order in which the rules in a WebACL are evaluated.
// Rules with a lower value are evaluated before rules with a higher value.
Priority *float64 `json:"priority,omitempty" tf:"priority,omitempty"`
// ID of the associated WAF (Regional) rule (e.g., aws_wafregional_rule). WAF (Global) rules cannot be used.
RuleID *string `json:"ruleId,omitempty" tf:"rule_id,omitempty"`
// The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. If you add a RATE_BASED rule, you need to set type as RATE_BASED. If you add a GROUP rule, you need to set type as GROUP.
Type *string `json:"type,omitempty" tf:"type,omitempty"`
}
type WebACLRuleParameters struct {
// Configuration block of the action that CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Not used if type is GROUP. Detailed below.
// +kubebuilder:validation:Optional
Action []ActionParameters `json:"action,omitempty" tf:"action,omitempty"`
// Configuration block of the override the action that a group requests CloudFront or AWS WAF takes when a web request matches the conditions in the rule. Only used if type is GROUP. Detailed below.
// +kubebuilder:validation:Optional
OverrideAction []OverrideActionParameters `json:"overrideAction,omitempty" tf:"override_action,omitempty"`
// Specifies the order in which the rules in a WebACL are evaluated.
// Rules with a lower value are evaluated before rules with a higher value.
// +kubebuilder:validation:Optional
Priority *float64 `json:"priority" tf:"priority,omitempty"`
// ID of the associated WAF (Regional) rule (e.g., aws_wafregional_rule). WAF (Global) rules cannot be used.
// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/wafregional/v1beta1.Rule
// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractResourceID()
// +kubebuilder:validation:Optional
RuleID *string `json:"ruleId,omitempty" tf:"rule_id,omitempty"`
// Reference to a Rule in wafregional to populate ruleId.
// +kubebuilder:validation:Optional
RuleIDRef *v1.Reference `json:"ruleIdRef,omitempty" tf:"-"`
// Selector for a Rule in wafregional to populate ruleId.
// +kubebuilder:validation:Optional
RuleIDSelector *v1.Selector `json:"ruleIdSelector,omitempty" tf:"-"`
// The rule type, either REGULAR, as defined by Rule, RATE_BASED, as defined by RateBasedRule, or GROUP, as defined by RuleGroup. The default is REGULAR. If you add a RATE_BASED rule, you need to set type as RATE_BASED. If you add a GROUP rule, you need to set type as GROUP.
// +kubebuilder:validation:Optional
Type *string `json:"type,omitempty" tf:"type,omitempty"`
}
// WebACLSpec defines the desired state of WebACL
type WebACLSpec struct {
v1.ResourceSpec `json:",inline"`
ForProvider WebACLParameters `json:"forProvider"`
// THIS IS A BETA FIELD. It will be honored
// unless the Management Policies feature flag is disabled.
// InitProvider holds the same fields as ForProvider, with the exception
// of Identifier and other resource reference fields. The fields that are
// in InitProvider are merged into ForProvider when the resource is created.
// The same fields are also added to the terraform ignore_changes hook, to
// avoid updating them after creation. This is useful for fields that are
// required on creation, but we do not desire to update them after creation,
// for example because of an external controller is managing them, like an
// autoscaler.
InitProvider WebACLInitParameters `json:"initProvider,omitempty"`
}
// WebACLStatus defines the observed state of WebACL.
type WebACLStatus struct {
v1.ResourceStatus `json:",inline"`
AtProvider WebACLObservation `json:"atProvider,omitempty"`
}
// +kubebuilder:object:root=true
// WebACL is the Schema for the WebACLs API. Provides a AWS WAF Regional web access control group (ACL) resource for use with ALB.
// +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
// +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
// +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name"
// +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
// +kubebuilder:subresource:status
// +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}
type WebACL struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.defaultAction) || (has(self.initProvider) && has(self.initProvider.defaultAction))",message="spec.forProvider.defaultAction is a required parameter"
// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.metricName) || (has(self.initProvider) && has(self.initProvider.metricName))",message="spec.forProvider.metricName is a required parameter"
// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter"
Spec WebACLSpec `json:"spec"`
Status WebACLStatus `json:"status,omitempty"`
}
// +kubebuilder:object:root=true
// WebACLList contains a list of WebACLs
type WebACLList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []WebACL `json:"items"`
}
// Repository type metadata.
var (
WebACL_Kind = "WebACL"
WebACL_GroupKind = schema.GroupKind{Group: CRDGroup, Kind: WebACL_Kind}.String()
WebACL_KindAPIVersion = WebACL_Kind + "." + CRDGroupVersion.String()
WebACL_GroupVersionKind = CRDGroupVersion.WithKind(WebACL_Kind)
)
func init() {
SchemeBuilder.Register(&WebACL{}, &WebACLList{})
}