-
Notifications
You must be signed in to change notification settings - Fork 117
/
zz_accountassignment_types.go
executable file
·155 lines (122 loc) · 7.48 KB
/
zz_accountassignment_types.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
// SPDX-FileCopyrightText: 2024 The Crossplane Authors <https://crossplane.io>
//
// SPDX-License-Identifier: Apache-2.0
// Code generated by upjet. DO NOT EDIT.
package v1beta1
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime/schema"
v1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
)
type AccountAssignmentInitParameters struct {
}
type AccountAssignmentObservation struct {
// The identifier of the Account Assignment i.e., principal_id, principal_type, target_id, target_type, permission_set_arn, instance_arn separated by commas (,).
ID *string `json:"id,omitempty" tf:"id,omitempty"`
// The Amazon Resource Name (ARN) of the SSO Instance.
InstanceArn *string `json:"instanceArn,omitempty" tf:"instance_arn,omitempty"`
// The Amazon Resource Name (ARN) of the Permission Set that the admin wants to grant the principal access to.
PermissionSetArn *string `json:"permissionSetArn,omitempty" tf:"permission_set_arn,omitempty"`
// An identifier for an object in SSO, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). This can be set to the crossplane external-name of either a Group or User in the identitystore api group, but the Ref and Selector fields will only work with a Group.
PrincipalID *string `json:"principalId,omitempty" tf:"principal_id,omitempty"`
// The entity type for which the assignment will be created. Valid values: USER, GROUP.
PrincipalType *string `json:"principalType,omitempty" tf:"principal_type,omitempty"`
// An AWS account identifier, typically a 10-12 digit string.
TargetID *string `json:"targetId,omitempty" tf:"target_id,omitempty"`
// The entity type for which the assignment will be created. Valid values: AWS_ACCOUNT.
TargetType *string `json:"targetType,omitempty" tf:"target_type,omitempty"`
}
type AccountAssignmentParameters struct {
// The Amazon Resource Name (ARN) of the SSO Instance.
// +kubebuilder:validation:Required
InstanceArn *string `json:"instanceArn" tf:"instance_arn,omitempty"`
// The Amazon Resource Name (ARN) of the Permission Set that the admin wants to grant the principal access to.
// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/ssoadmin/v1beta1.PermissionSet
// +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor()
// +kubebuilder:validation:Optional
PermissionSetArn *string `json:"permissionSetArn,omitempty" tf:"permission_set_arn,omitempty"`
// Reference to a PermissionSet in ssoadmin to populate permissionSetArn.
// +kubebuilder:validation:Optional
PermissionSetArnRef *v1.Reference `json:"permissionSetArnRef,omitempty" tf:"-"`
// Selector for a PermissionSet in ssoadmin to populate permissionSetArn.
// +kubebuilder:validation:Optional
PermissionSetArnSelector *v1.Selector `json:"permissionSetArnSelector,omitempty" tf:"-"`
// An identifier for an object in SSO, such as a user or group. PrincipalIds are GUIDs (For example, f81d4fae-7dec-11d0-a765-00a0c91e6bf6). This can be set to the crossplane external-name of either a Group or User in the identitystore api group, but the Ref and Selector fields will only work with a Group.
// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/identitystore/v1beta1.Group
// +crossplane:generate:reference:refFieldName=PrincipalIDFromGroupRef
// +crossplane:generate:reference:selectorFieldName=PrincipalIDFromGroupSelector
// +kubebuilder:validation:Optional
PrincipalID *string `json:"principalId,omitempty" tf:"principal_id,omitempty"`
// Reference to a Group in identitystore to populate principalId.
// +kubebuilder:validation:Optional
PrincipalIDFromGroupRef *v1.Reference `json:"principalIdFromGroupRef,omitempty" tf:"-"`
// Selector for a Group in identitystore to populate principalId.
// +kubebuilder:validation:Optional
PrincipalIDFromGroupSelector *v1.Selector `json:"principalIdFromGroupSelector,omitempty" tf:"-"`
// The entity type for which the assignment will be created. Valid values: USER, GROUP.
// +kubebuilder:validation:Required
PrincipalType *string `json:"principalType" tf:"principal_type,omitempty"`
// Region is the region you'd like your resource to be created in.
// +upjet:crd:field:TFTag=-
// +kubebuilder:validation:Required
Region *string `json:"region" tf:"-"`
// An AWS account identifier, typically a 10-12 digit string.
// +kubebuilder:validation:Required
TargetID *string `json:"targetId" tf:"target_id,omitempty"`
// The entity type for which the assignment will be created. Valid values: AWS_ACCOUNT.
// +kubebuilder:validation:Optional
TargetType *string `json:"targetType,omitempty" tf:"target_type,omitempty"`
}
// AccountAssignmentSpec defines the desired state of AccountAssignment
type AccountAssignmentSpec struct {
v1.ResourceSpec `json:",inline"`
ForProvider AccountAssignmentParameters `json:"forProvider"`
// THIS IS A BETA FIELD. It will be honored
// unless the Management Policies feature flag is disabled.
// InitProvider holds the same fields as ForProvider, with the exception
// of Identifier and other resource reference fields. The fields that are
// in InitProvider are merged into ForProvider when the resource is created.
// The same fields are also added to the terraform ignore_changes hook, to
// avoid updating them after creation. This is useful for fields that are
// required on creation, but we do not desire to update them after creation,
// for example because of an external controller is managing them, like an
// autoscaler.
InitProvider AccountAssignmentInitParameters `json:"initProvider,omitempty"`
}
// AccountAssignmentStatus defines the observed state of AccountAssignment.
type AccountAssignmentStatus struct {
v1.ResourceStatus `json:",inline"`
AtProvider AccountAssignmentObservation `json:"atProvider,omitempty"`
}
// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
// +kubebuilder:storageversion
// AccountAssignment is the Schema for the AccountAssignments API. Manages a Single Sign-On (SSO) Account Assignment
// +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
// +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
// +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name"
// +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
// +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}
type AccountAssignment struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec AccountAssignmentSpec `json:"spec"`
Status AccountAssignmentStatus `json:"status,omitempty"`
}
// +kubebuilder:object:root=true
// AccountAssignmentList contains a list of AccountAssignments
type AccountAssignmentList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []AccountAssignment `json:"items"`
}
// Repository type metadata.
var (
AccountAssignment_Kind = "AccountAssignment"
AccountAssignment_GroupKind = schema.GroupKind{Group: CRDGroup, Kind: AccountAssignment_Kind}.String()
AccountAssignment_KindAPIVersion = AccountAssignment_Kind + "." + CRDGroupVersion.String()
AccountAssignment_GroupVersionKind = CRDGroupVersion.WithKind(AccountAssignment_Kind)
)
func init() {
SchemeBuilder.Register(&AccountAssignment{}, &AccountAssignmentList{})
}