-
Notifications
You must be signed in to change notification settings - Fork 113
/
zz_detector_types.go
executable file
·325 lines (245 loc) · 13.7 KB
/
zz_detector_types.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
// SPDX-FileCopyrightText: 2024 The Crossplane Authors <https://crossplane.io>
//
// SPDX-License-Identifier: Apache-2.0
// Code generated by upjet. DO NOT EDIT.
package v1beta1
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime/schema"
v1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
)
type AuditLogsInitParameters struct {
// If true, enables Malware Protection as data source for the detector.
// Defaults to true.
Enable *bool `json:"enable,omitempty" tf:"enable,omitempty"`
}
type AuditLogsObservation struct {
// If true, enables Malware Protection as data source for the detector.
// Defaults to true.
Enable *bool `json:"enable,omitempty" tf:"enable,omitempty"`
}
type AuditLogsParameters struct {
// If true, enables Malware Protection as data source for the detector.
// Defaults to true.
// +kubebuilder:validation:Optional
Enable *bool `json:"enable" tf:"enable,omitempty"`
}
type DatasourcesInitParameters struct {
// Configures Kubernetes protection.
// See Kubernetes and Kubernetes Audit Logs below for more details.
Kubernetes []KubernetesInitParameters `json:"kubernetes,omitempty" tf:"kubernetes,omitempty"`
// Configures Malware Protection.
// See Malware Protection, Scan EC2 instance with findings and EBS volumes below for more details.
MalwareProtection []MalwareProtectionInitParameters `json:"malwareProtection,omitempty" tf:"malware_protection,omitempty"`
// Configures S3 protection.
// See S3 Logs below for more details.
S3Logs []S3LogsInitParameters `json:"s3Logs,omitempty" tf:"s3_logs,omitempty"`
}
type DatasourcesObservation struct {
// Configures Kubernetes protection.
// See Kubernetes and Kubernetes Audit Logs below for more details.
Kubernetes []KubernetesObservation `json:"kubernetes,omitempty" tf:"kubernetes,omitempty"`
// Configures Malware Protection.
// See Malware Protection, Scan EC2 instance with findings and EBS volumes below for more details.
MalwareProtection []MalwareProtectionObservation `json:"malwareProtection,omitempty" tf:"malware_protection,omitempty"`
// Configures S3 protection.
// See S3 Logs below for more details.
S3Logs []S3LogsObservation `json:"s3Logs,omitempty" tf:"s3_logs,omitempty"`
}
type DatasourcesParameters struct {
// Configures Kubernetes protection.
// See Kubernetes and Kubernetes Audit Logs below for more details.
// +kubebuilder:validation:Optional
Kubernetes []KubernetesParameters `json:"kubernetes,omitempty" tf:"kubernetes,omitempty"`
// Configures Malware Protection.
// See Malware Protection, Scan EC2 instance with findings and EBS volumes below for more details.
// +kubebuilder:validation:Optional
MalwareProtection []MalwareProtectionParameters `json:"malwareProtection,omitempty" tf:"malware_protection,omitempty"`
// Configures S3 protection.
// See S3 Logs below for more details.
// +kubebuilder:validation:Optional
S3Logs []S3LogsParameters `json:"s3Logs,omitempty" tf:"s3_logs,omitempty"`
}
type DetectorInitParameters struct {
// Describes which data sources will be enabled for the detector. See Data Sources below for more details. Deprecated in favor of aws_guardduty_detector_feature resources.
Datasources []DatasourcesInitParameters `json:"datasources,omitempty" tf:"datasources,omitempty"`
// Enable monitoring and feedback reporting. Setting to false is equivalent to "suspending" GuardDuty. Defaults to true.
Enable *bool `json:"enable,omitempty" tf:"enable,omitempty"`
// Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty primary account and cannot be modified, otherwise defaults to SIX_HOURS. Valid values for standalone and primary accounts: FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS. See AWS Documentation for more information.
FindingPublishingFrequency *string `json:"findingPublishingFrequency,omitempty" tf:"finding_publishing_frequency,omitempty"`
// Key-value map of resource tags.
// +mapType=granular
Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`
}
type DetectorObservation struct {
// The AWS account ID of the GuardDuty detector
AccountID *string `json:"accountId,omitempty" tf:"account_id,omitempty"`
// Amazon Resource Name (ARN) of the GuardDuty detector
Arn *string `json:"arn,omitempty" tf:"arn,omitempty"`
// Describes which data sources will be enabled for the detector. See Data Sources below for more details. Deprecated in favor of aws_guardduty_detector_feature resources.
Datasources []DatasourcesObservation `json:"datasources,omitempty" tf:"datasources,omitempty"`
// Enable monitoring and feedback reporting. Setting to false is equivalent to "suspending" GuardDuty. Defaults to true.
Enable *bool `json:"enable,omitempty" tf:"enable,omitempty"`
// Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty primary account and cannot be modified, otherwise defaults to SIX_HOURS. Valid values for standalone and primary accounts: FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS. See AWS Documentation for more information.
FindingPublishingFrequency *string `json:"findingPublishingFrequency,omitempty" tf:"finding_publishing_frequency,omitempty"`
// The ID of the GuardDuty detector
ID *string `json:"id,omitempty" tf:"id,omitempty"`
// Key-value map of resource tags.
// +mapType=granular
Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`
// A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
// +mapType=granular
TagsAll map[string]*string `json:"tagsAll,omitempty" tf:"tags_all,omitempty"`
}
type DetectorParameters struct {
// Describes which data sources will be enabled for the detector. See Data Sources below for more details. Deprecated in favor of aws_guardduty_detector_feature resources.
// +kubebuilder:validation:Optional
Datasources []DatasourcesParameters `json:"datasources,omitempty" tf:"datasources,omitempty"`
// Enable monitoring and feedback reporting. Setting to false is equivalent to "suspending" GuardDuty. Defaults to true.
// +kubebuilder:validation:Optional
Enable *bool `json:"enable,omitempty" tf:"enable,omitempty"`
// Specifies the frequency of notifications sent for subsequent finding occurrences. If the detector is a GuardDuty member account, the value is determined by the GuardDuty primary account and cannot be modified, otherwise defaults to SIX_HOURS. Valid values for standalone and primary accounts: FIFTEEN_MINUTES, ONE_HOUR, SIX_HOURS. See AWS Documentation for more information.
// +kubebuilder:validation:Optional
FindingPublishingFrequency *string `json:"findingPublishingFrequency,omitempty" tf:"finding_publishing_frequency,omitempty"`
// Region is the region you'd like your resource to be created in.
// +upjet:crd:field:TFTag=-
// +kubebuilder:validation:Required
Region *string `json:"region" tf:"-"`
// Key-value map of resource tags.
// +kubebuilder:validation:Optional
// +mapType=granular
Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`
}
type EBSVolumesInitParameters struct {
// If true, enables Malware Protection as data source for the detector.
// Defaults to true.
Enable *bool `json:"enable,omitempty" tf:"enable,omitempty"`
}
type EBSVolumesObservation struct {
// If true, enables Malware Protection as data source for the detector.
// Defaults to true.
Enable *bool `json:"enable,omitempty" tf:"enable,omitempty"`
}
type EBSVolumesParameters struct {
// If true, enables Malware Protection as data source for the detector.
// Defaults to true.
// +kubebuilder:validation:Optional
Enable *bool `json:"enable" tf:"enable,omitempty"`
}
type KubernetesInitParameters struct {
// Configures Kubernetes audit logs as a data source for Kubernetes protection.
// See Kubernetes Audit Logs below for more details.
AuditLogs []AuditLogsInitParameters `json:"auditLogs,omitempty" tf:"audit_logs,omitempty"`
}
type KubernetesObservation struct {
// Configures Kubernetes audit logs as a data source for Kubernetes protection.
// See Kubernetes Audit Logs below for more details.
AuditLogs []AuditLogsObservation `json:"auditLogs,omitempty" tf:"audit_logs,omitempty"`
}
type KubernetesParameters struct {
// Configures Kubernetes audit logs as a data source for Kubernetes protection.
// See Kubernetes Audit Logs below for more details.
// +kubebuilder:validation:Optional
AuditLogs []AuditLogsParameters `json:"auditLogs" tf:"audit_logs,omitempty"`
}
type MalwareProtectionInitParameters struct {
// Configure whether Malware Protection is enabled as data source for EC2 instances with findings for the detector.
// See Scan EC2 instance with findings below for more details.
ScanEC2InstanceWithFindings []ScanEC2InstanceWithFindingsInitParameters `json:"scanEc2InstanceWithFindings,omitempty" tf:"scan_ec2_instance_with_findings,omitempty"`
}
type MalwareProtectionObservation struct {
// Configure whether Malware Protection is enabled as data source for EC2 instances with findings for the detector.
// See Scan EC2 instance with findings below for more details.
ScanEC2InstanceWithFindings []ScanEC2InstanceWithFindingsObservation `json:"scanEc2InstanceWithFindings,omitempty" tf:"scan_ec2_instance_with_findings,omitempty"`
}
type MalwareProtectionParameters struct {
// Configure whether Malware Protection is enabled as data source for EC2 instances with findings for the detector.
// See Scan EC2 instance with findings below for more details.
// +kubebuilder:validation:Optional
ScanEC2InstanceWithFindings []ScanEC2InstanceWithFindingsParameters `json:"scanEc2InstanceWithFindings" tf:"scan_ec2_instance_with_findings,omitempty"`
}
type S3LogsInitParameters struct {
// If true, enables S3 protection.
// Defaults to true.
Enable *bool `json:"enable,omitempty" tf:"enable,omitempty"`
}
type S3LogsObservation struct {
// If true, enables S3 protection.
// Defaults to true.
Enable *bool `json:"enable,omitempty" tf:"enable,omitempty"`
}
type S3LogsParameters struct {
// If true, enables S3 protection.
// Defaults to true.
// +kubebuilder:validation:Optional
Enable *bool `json:"enable" tf:"enable,omitempty"`
}
type ScanEC2InstanceWithFindingsInitParameters struct {
// Configure whether scanning EBS volumes is enabled as data source for the detector for instances with findings.
// See EBS volumes below for more details.
EBSVolumes []EBSVolumesInitParameters `json:"ebsVolumes,omitempty" tf:"ebs_volumes,omitempty"`
}
type ScanEC2InstanceWithFindingsObservation struct {
// Configure whether scanning EBS volumes is enabled as data source for the detector for instances with findings.
// See EBS volumes below for more details.
EBSVolumes []EBSVolumesObservation `json:"ebsVolumes,omitempty" tf:"ebs_volumes,omitempty"`
}
type ScanEC2InstanceWithFindingsParameters struct {
// Configure whether scanning EBS volumes is enabled as data source for the detector for instances with findings.
// See EBS volumes below for more details.
// +kubebuilder:validation:Optional
EBSVolumes []EBSVolumesParameters `json:"ebsVolumes" tf:"ebs_volumes,omitempty"`
}
// DetectorSpec defines the desired state of Detector
type DetectorSpec struct {
v1.ResourceSpec `json:",inline"`
ForProvider DetectorParameters `json:"forProvider"`
// THIS IS A BETA FIELD. It will be honored
// unless the Management Policies feature flag is disabled.
// InitProvider holds the same fields as ForProvider, with the exception
// of Identifier and other resource reference fields. The fields that are
// in InitProvider are merged into ForProvider when the resource is created.
// The same fields are also added to the terraform ignore_changes hook, to
// avoid updating them after creation. This is useful for fields that are
// required on creation, but we do not desire to update them after creation,
// for example because of an external controller is managing them, like an
// autoscaler.
InitProvider DetectorInitParameters `json:"initProvider,omitempty"`
}
// DetectorStatus defines the observed state of Detector.
type DetectorStatus struct {
v1.ResourceStatus `json:",inline"`
AtProvider DetectorObservation `json:"atProvider,omitempty"`
}
// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
// +kubebuilder:storageversion
// Detector is the Schema for the Detectors API. Provides a resource to manage an Amazon GuardDuty detector
// +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
// +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
// +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name"
// +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
// +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}
type Detector struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
Spec DetectorSpec `json:"spec"`
Status DetectorStatus `json:"status,omitempty"`
}
// +kubebuilder:object:root=true
// DetectorList contains a list of Detectors
type DetectorList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Detector `json:"items"`
}
// Repository type metadata.
var (
Detector_Kind = "Detector"
Detector_GroupKind = schema.GroupKind{Group: CRDGroup, Kind: Detector_Kind}.String()
Detector_KindAPIVersion = Detector_Kind + "." + CRDGroupVersion.String()
Detector_GroupVersionKind = CRDGroupVersion.WithKind(Detector_Kind)
)
func init() {
SchemeBuilder.Register(&Detector{}, &DetectorList{})
}