-
Notifications
You must be signed in to change notification settings - Fork 112
/
zz_proxy_types.go
executable file
·335 lines (255 loc) · 20.1 KB
/
zz_proxy_types.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
// SPDX-FileCopyrightText: 2024 The Crossplane Authors <https://crossplane.io>
//
// SPDX-License-Identifier: Apache-2.0
// Code generated by upjet. DO NOT EDIT.
package v1beta1
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime/schema"
v1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
)
type AuthInitParameters struct {
// The type of authentication that the proxy uses for connections from the proxy to the underlying database. One of SECRETS.
AuthScheme *string `json:"authScheme,omitempty" tf:"auth_scheme,omitempty"`
// The type of authentication the proxy uses for connections from clients. Valid values are MYSQL_NATIVE_PASSWORD, POSTGRES_SCRAM_SHA_256, POSTGRES_MD5, and SQL_SERVER_AUTHENTICATION.
ClientPasswordAuthType *string `json:"clientPasswordAuthType,omitempty" tf:"client_password_auth_type,omitempty"`
// A user-specified description about the authentication used by a proxy to log in as a specific database user.
Description *string `json:"description,omitempty" tf:"description,omitempty"`
// Whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy. One of DISABLED, REQUIRED.
IAMAuth *string `json:"iamAuth,omitempty" tf:"iam_auth,omitempty"`
// The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.
// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/secretsmanager/v1beta1.Secret
// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("arn",true)
SecretArn *string `json:"secretArn,omitempty" tf:"secret_arn,omitempty"`
// Reference to a Secret in secretsmanager to populate secretArn.
// +kubebuilder:validation:Optional
SecretArnRef *v1.Reference `json:"secretArnRef,omitempty" tf:"-"`
// Selector for a Secret in secretsmanager to populate secretArn.
// +kubebuilder:validation:Optional
SecretArnSelector *v1.Selector `json:"secretArnSelector,omitempty" tf:"-"`
// The name of the database user to which the proxy connects.
Username *string `json:"username,omitempty" tf:"username,omitempty"`
}
type AuthObservation struct {
// The type of authentication that the proxy uses for connections from the proxy to the underlying database. One of SECRETS.
AuthScheme *string `json:"authScheme,omitempty" tf:"auth_scheme,omitempty"`
// The type of authentication the proxy uses for connections from clients. Valid values are MYSQL_NATIVE_PASSWORD, POSTGRES_SCRAM_SHA_256, POSTGRES_MD5, and SQL_SERVER_AUTHENTICATION.
ClientPasswordAuthType *string `json:"clientPasswordAuthType,omitempty" tf:"client_password_auth_type,omitempty"`
// A user-specified description about the authentication used by a proxy to log in as a specific database user.
Description *string `json:"description,omitempty" tf:"description,omitempty"`
// Whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy. One of DISABLED, REQUIRED.
IAMAuth *string `json:"iamAuth,omitempty" tf:"iam_auth,omitempty"`
// The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.
SecretArn *string `json:"secretArn,omitempty" tf:"secret_arn,omitempty"`
// The name of the database user to which the proxy connects.
Username *string `json:"username,omitempty" tf:"username,omitempty"`
}
type AuthParameters struct {
// The type of authentication that the proxy uses for connections from the proxy to the underlying database. One of SECRETS.
// +kubebuilder:validation:Optional
AuthScheme *string `json:"authScheme,omitempty" tf:"auth_scheme,omitempty"`
// The type of authentication the proxy uses for connections from clients. Valid values are MYSQL_NATIVE_PASSWORD, POSTGRES_SCRAM_SHA_256, POSTGRES_MD5, and SQL_SERVER_AUTHENTICATION.
// +kubebuilder:validation:Optional
ClientPasswordAuthType *string `json:"clientPasswordAuthType,omitempty" tf:"client_password_auth_type,omitempty"`
// A user-specified description about the authentication used by a proxy to log in as a specific database user.
// +kubebuilder:validation:Optional
Description *string `json:"description,omitempty" tf:"description,omitempty"`
// Whether to require or disallow AWS Identity and Access Management (IAM) authentication for connections to the proxy. One of DISABLED, REQUIRED.
// +kubebuilder:validation:Optional
IAMAuth *string `json:"iamAuth,omitempty" tf:"iam_auth,omitempty"`
// The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager.
// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/secretsmanager/v1beta1.Secret
// +crossplane:generate:reference:extractor=github.com/crossplane/upjet/pkg/resource.ExtractParamPath("arn",true)
// +kubebuilder:validation:Optional
SecretArn *string `json:"secretArn,omitempty" tf:"secret_arn,omitempty"`
// Reference to a Secret in secretsmanager to populate secretArn.
// +kubebuilder:validation:Optional
SecretArnRef *v1.Reference `json:"secretArnRef,omitempty" tf:"-"`
// Selector for a Secret in secretsmanager to populate secretArn.
// +kubebuilder:validation:Optional
SecretArnSelector *v1.Selector `json:"secretArnSelector,omitempty" tf:"-"`
// The name of the database user to which the proxy connects.
// +kubebuilder:validation:Optional
Username *string `json:"username,omitempty" tf:"username,omitempty"`
}
type ProxyInitParameters struct {
// Configuration block(s) with authorization mechanisms to connect to the associated instances or clusters. Described below.
Auth []AuthInitParameters `json:"auth,omitempty" tf:"auth,omitempty"`
// Whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.
DebugLogging *bool `json:"debugLogging,omitempty" tf:"debug_logging,omitempty"`
// The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify MYSQL. For Aurora PostgreSQL and RDS for PostgreSQL databases, specify POSTGRESQL. For RDS for Microsoft SQL Server, specify SQLSERVER. Valid values are MYSQL, POSTGRESQL, and SQLSERVER.
EngineFamily *string `json:"engineFamily,omitempty" tf:"engine_family,omitempty"`
// The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.
IdleClientTimeout *float64 `json:"idleClientTimeout,omitempty" tf:"idle_client_timeout,omitempty"`
// A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.
RequireTLS *bool `json:"requireTls,omitempty" tf:"require_tls,omitempty"`
// The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.
// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Role
// +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor()
RoleArn *string `json:"roleArn,omitempty" tf:"role_arn,omitempty"`
// Reference to a Role in iam to populate roleArn.
// +kubebuilder:validation:Optional
RoleArnRef *v1.Reference `json:"roleArnRef,omitempty" tf:"-"`
// Selector for a Role in iam to populate roleArn.
// +kubebuilder:validation:Optional
RoleArnSelector *v1.Selector `json:"roleArnSelector,omitempty" tf:"-"`
// Key-value map of resource tags.
// +mapType=granular
Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`
// References to SecurityGroup in ec2 to populate vpcSecurityGroupIds.
// +kubebuilder:validation:Optional
VPCSecurityGroupIDRefs []v1.Reference `json:"vpcSecurityGroupIdRefs,omitempty" tf:"-"`
// Selector for a list of SecurityGroup in ec2 to populate vpcSecurityGroupIds.
// +kubebuilder:validation:Optional
VPCSecurityGroupIDSelector *v1.Selector `json:"vpcSecurityGroupIdSelector,omitempty" tf:"-"`
// One or more VPC security group IDs to associate with the new proxy.
// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/ec2/v1beta1.SecurityGroup
// +crossplane:generate:reference:refFieldName=VPCSecurityGroupIDRefs
// +crossplane:generate:reference:selectorFieldName=VPCSecurityGroupIDSelector
// +listType=set
VPCSecurityGroupIds []*string `json:"vpcSecurityGroupIds,omitempty" tf:"vpc_security_group_ids,omitempty"`
// One or more VPC subnet IDs to associate with the new proxy.
// +listType=set
VPCSubnetIds []*string `json:"vpcSubnetIds,omitempty" tf:"vpc_subnet_ids,omitempty"`
}
type ProxyObservation struct {
// The Amazon Resource Name (ARN) for the proxy.
Arn *string `json:"arn,omitempty" tf:"arn,omitempty"`
// Configuration block(s) with authorization mechanisms to connect to the associated instances or clusters. Described below.
Auth []AuthObservation `json:"auth,omitempty" tf:"auth,omitempty"`
// Whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.
DebugLogging *bool `json:"debugLogging,omitempty" tf:"debug_logging,omitempty"`
// The endpoint that you can use to connect to the proxy. You include the endpoint value in the connection string for a database client application.
Endpoint *string `json:"endpoint,omitempty" tf:"endpoint,omitempty"`
// The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify MYSQL. For Aurora PostgreSQL and RDS for PostgreSQL databases, specify POSTGRESQL. For RDS for Microsoft SQL Server, specify SQLSERVER. Valid values are MYSQL, POSTGRESQL, and SQLSERVER.
EngineFamily *string `json:"engineFamily,omitempty" tf:"engine_family,omitempty"`
// The Amazon Resource Name (ARN) for the proxy.
ID *string `json:"id,omitempty" tf:"id,omitempty"`
// The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.
IdleClientTimeout *float64 `json:"idleClientTimeout,omitempty" tf:"idle_client_timeout,omitempty"`
// A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.
RequireTLS *bool `json:"requireTls,omitempty" tf:"require_tls,omitempty"`
// The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.
RoleArn *string `json:"roleArn,omitempty" tf:"role_arn,omitempty"`
// Key-value map of resource tags.
// +mapType=granular
Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`
// A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
// +mapType=granular
TagsAll map[string]*string `json:"tagsAll,omitempty" tf:"tags_all,omitempty"`
// One or more VPC security group IDs to associate with the new proxy.
// +listType=set
VPCSecurityGroupIds []*string `json:"vpcSecurityGroupIds,omitempty" tf:"vpc_security_group_ids,omitempty"`
// One or more VPC subnet IDs to associate with the new proxy.
// +listType=set
VPCSubnetIds []*string `json:"vpcSubnetIds,omitempty" tf:"vpc_subnet_ids,omitempty"`
}
type ProxyParameters struct {
// Configuration block(s) with authorization mechanisms to connect to the associated instances or clusters. Described below.
// +kubebuilder:validation:Optional
Auth []AuthParameters `json:"auth,omitempty" tf:"auth,omitempty"`
// Whether the proxy includes detailed information about SQL statements in its logs. This information helps you to debug issues involving SQL behavior or the performance and scalability of the proxy connections. The debug information includes the text of SQL statements that you submit through the proxy. Thus, only enable this setting when needed for debugging, and only when you have security measures in place to safeguard any sensitive information that appears in the logs.
// +kubebuilder:validation:Optional
DebugLogging *bool `json:"debugLogging,omitempty" tf:"debug_logging,omitempty"`
// The kinds of databases that the proxy can connect to. This value determines which database network protocol the proxy recognizes when it interprets network traffic to and from the database. For Aurora MySQL, RDS for MariaDB, and RDS for MySQL databases, specify MYSQL. For Aurora PostgreSQL and RDS for PostgreSQL databases, specify POSTGRESQL. For RDS for Microsoft SQL Server, specify SQLSERVER. Valid values are MYSQL, POSTGRESQL, and SQLSERVER.
// +kubebuilder:validation:Optional
EngineFamily *string `json:"engineFamily,omitempty" tf:"engine_family,omitempty"`
// The number of seconds that a connection to the proxy can be inactive before the proxy disconnects it. You can set this value higher or lower than the connection timeout limit for the associated database.
// +kubebuilder:validation:Optional
IdleClientTimeout *float64 `json:"idleClientTimeout,omitempty" tf:"idle_client_timeout,omitempty"`
// Region is the region you'd like your resource to be created in.
// +upjet:crd:field:TFTag=-
// +kubebuilder:validation:Required
Region *string `json:"region" tf:"-"`
// A Boolean parameter that specifies whether Transport Layer Security (TLS) encryption is required for connections to the proxy. By enabling this setting, you can enforce encrypted TLS connections to the proxy.
// +kubebuilder:validation:Optional
RequireTLS *bool `json:"requireTls,omitempty" tf:"require_tls,omitempty"`
// The Amazon Resource Name (ARN) of the IAM role that the proxy uses to access secrets in AWS Secrets Manager.
// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Role
// +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor()
// +kubebuilder:validation:Optional
RoleArn *string `json:"roleArn,omitempty" tf:"role_arn,omitempty"`
// Reference to a Role in iam to populate roleArn.
// +kubebuilder:validation:Optional
RoleArnRef *v1.Reference `json:"roleArnRef,omitempty" tf:"-"`
// Selector for a Role in iam to populate roleArn.
// +kubebuilder:validation:Optional
RoleArnSelector *v1.Selector `json:"roleArnSelector,omitempty" tf:"-"`
// Key-value map of resource tags.
// +kubebuilder:validation:Optional
// +mapType=granular
Tags map[string]*string `json:"tags,omitempty" tf:"tags,omitempty"`
// References to SecurityGroup in ec2 to populate vpcSecurityGroupIds.
// +kubebuilder:validation:Optional
VPCSecurityGroupIDRefs []v1.Reference `json:"vpcSecurityGroupIdRefs,omitempty" tf:"-"`
// Selector for a list of SecurityGroup in ec2 to populate vpcSecurityGroupIds.
// +kubebuilder:validation:Optional
VPCSecurityGroupIDSelector *v1.Selector `json:"vpcSecurityGroupIdSelector,omitempty" tf:"-"`
// One or more VPC security group IDs to associate with the new proxy.
// +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/ec2/v1beta1.SecurityGroup
// +crossplane:generate:reference:refFieldName=VPCSecurityGroupIDRefs
// +crossplane:generate:reference:selectorFieldName=VPCSecurityGroupIDSelector
// +kubebuilder:validation:Optional
// +listType=set
VPCSecurityGroupIds []*string `json:"vpcSecurityGroupIds,omitempty" tf:"vpc_security_group_ids,omitempty"`
// One or more VPC subnet IDs to associate with the new proxy.
// +kubebuilder:validation:Optional
// +listType=set
VPCSubnetIds []*string `json:"vpcSubnetIds,omitempty" tf:"vpc_subnet_ids,omitempty"`
}
// ProxySpec defines the desired state of Proxy
type ProxySpec struct {
v1.ResourceSpec `json:",inline"`
ForProvider ProxyParameters `json:"forProvider"`
// THIS IS A BETA FIELD. It will be honored
// unless the Management Policies feature flag is disabled.
// InitProvider holds the same fields as ForProvider, with the exception
// of Identifier and other resource reference fields. The fields that are
// in InitProvider are merged into ForProvider when the resource is created.
// The same fields are also added to the terraform ignore_changes hook, to
// avoid updating them after creation. This is useful for fields that are
// required on creation, but we do not desire to update them after creation,
// for example because of an external controller is managing them, like an
// autoscaler.
InitProvider ProxyInitParameters `json:"initProvider,omitempty"`
}
// ProxyStatus defines the observed state of Proxy.
type ProxyStatus struct {
v1.ResourceStatus `json:",inline"`
AtProvider ProxyObservation `json:"atProvider,omitempty"`
}
// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
// +kubebuilder:storageversion
// Proxy is the Schema for the Proxys API. Provides an RDS DB proxy resource.
// +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
// +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
// +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name"
// +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
// +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws}
type Proxy struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.auth) || (has(self.initProvider) && has(self.initProvider.auth))",message="spec.forProvider.auth is a required parameter"
// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.engineFamily) || (has(self.initProvider) && has(self.initProvider.engineFamily))",message="spec.forProvider.engineFamily is a required parameter"
// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.vpcSubnetIds) || (has(self.initProvider) && has(self.initProvider.vpcSubnetIds))",message="spec.forProvider.vpcSubnetIds is a required parameter"
Spec ProxySpec `json:"spec"`
Status ProxyStatus `json:"status,omitempty"`
}
// +kubebuilder:object:root=true
// ProxyList contains a list of Proxys
type ProxyList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []Proxy `json:"items"`
}
// Repository type metadata.
var (
Proxy_Kind = "Proxy"
Proxy_GroupKind = schema.GroupKind{Group: CRDGroup, Kind: Proxy_Kind}.String()
Proxy_KindAPIVersion = Proxy_Kind + "." + CRDGroupVersion.String()
Proxy_GroupVersionKind = CRDGroupVersion.WithKind(Proxy_Kind)
)
func init() {
SchemeBuilder.Register(&Proxy{}, &ProxyList{})
}