-
Notifications
You must be signed in to change notification settings - Fork 64
/
zz_accesslevel_types.go
executable file
·644 lines (508 loc) · 30 KB
/
zz_accesslevel_types.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
// SPDX-FileCopyrightText: 2024 The Crossplane Authors <https://crossplane.io>
//
// SPDX-License-Identifier: Apache-2.0
// Code generated by upjet. DO NOT EDIT.
package v1beta1
import (
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime/schema"
v1 "github.com/crossplane/crossplane-runtime/apis/common/v1"
)
type AccessLevelInitParameters struct {
// A set of predefined conditions for the access level and a combining function.
// Structure is documented below.
Basic []BasicInitParameters `json:"basic,omitempty" tf:"basic,omitempty"`
// Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request.
// See CEL spec at: https://github.com/google/cel-spec.
// Structure is documented below.
Custom []CustomInitParameters `json:"custom,omitempty" tf:"custom,omitempty"`
// Description of the AccessLevel and its use. Does not affect behavior.
Description *string `json:"description,omitempty" tf:"description,omitempty"`
// Resource name for the Access Level. The short_name component must begin
// with a letter and only include alphanumeric and '_'.
// Format: accessPolicies/{policy_id}/accessLevels/{short_name}
Name *string `json:"name,omitempty" tf:"name,omitempty"`
// The AccessPolicy this AccessLevel lives in.
// Format: accessPolicies/{policy_id}
Parent *string `json:"parent,omitempty" tf:"parent,omitempty"`
// Human readable title. Must be unique within the Policy.
Title *string `json:"title,omitempty" tf:"title,omitempty"`
}
type AccessLevelObservation struct {
// A set of predefined conditions for the access level and a combining function.
// Structure is documented below.
Basic []BasicObservation `json:"basic,omitempty" tf:"basic,omitempty"`
// Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request.
// See CEL spec at: https://github.com/google/cel-spec.
// Structure is documented below.
Custom []CustomObservation `json:"custom,omitempty" tf:"custom,omitempty"`
// Description of the AccessLevel and its use. Does not affect behavior.
Description *string `json:"description,omitempty" tf:"description,omitempty"`
// an identifier for the resource with format {{name}}
ID *string `json:"id,omitempty" tf:"id,omitempty"`
// Resource name for the Access Level. The short_name component must begin
// with a letter and only include alphanumeric and '_'.
// Format: accessPolicies/{policy_id}/accessLevels/{short_name}
Name *string `json:"name,omitempty" tf:"name,omitempty"`
// The AccessPolicy this AccessLevel lives in.
// Format: accessPolicies/{policy_id}
Parent *string `json:"parent,omitempty" tf:"parent,omitempty"`
// Human readable title. Must be unique within the Policy.
Title *string `json:"title,omitempty" tf:"title,omitempty"`
}
type AccessLevelParameters struct {
// A set of predefined conditions for the access level and a combining function.
// Structure is documented below.
// +kubebuilder:validation:Optional
Basic []BasicParameters `json:"basic,omitempty" tf:"basic,omitempty"`
// Custom access level conditions are set using the Cloud Common Expression Language to represent the necessary conditions for the level to apply to a request.
// See CEL spec at: https://github.com/google/cel-spec.
// Structure is documented below.
// +kubebuilder:validation:Optional
Custom []CustomParameters `json:"custom,omitempty" tf:"custom,omitempty"`
// Description of the AccessLevel and its use. Does not affect behavior.
// +kubebuilder:validation:Optional
Description *string `json:"description,omitempty" tf:"description,omitempty"`
// Resource name for the Access Level. The short_name component must begin
// with a letter and only include alphanumeric and '_'.
// Format: accessPolicies/{policy_id}/accessLevels/{short_name}
// +kubebuilder:validation:Optional
Name *string `json:"name,omitempty" tf:"name,omitempty"`
// The AccessPolicy this AccessLevel lives in.
// Format: accessPolicies/{policy_id}
// +kubebuilder:validation:Optional
Parent *string `json:"parent,omitempty" tf:"parent,omitempty"`
// Human readable title. Must be unique within the Policy.
// +kubebuilder:validation:Optional
Title *string `json:"title,omitempty" tf:"title,omitempty"`
}
type BasicInitParameters struct {
// How the conditions list should be combined to determine if a request
// is granted this AccessLevel. If AND is used, each Condition in
// conditions must be satisfied for the AccessLevel to be applied. If
// OR is used, at least one Condition in conditions must be satisfied
// for the AccessLevel to be applied.
// Default value is AND.
// Possible values are: AND, OR.
CombiningFunction *string `json:"combiningFunction,omitempty" tf:"combining_function,omitempty"`
// A set of requirements for the AccessLevel to be granted.
// Structure is documented below.
Conditions []ConditionsInitParameters `json:"conditions,omitempty" tf:"conditions,omitempty"`
}
type BasicObservation struct {
// How the conditions list should be combined to determine if a request
// is granted this AccessLevel. If AND is used, each Condition in
// conditions must be satisfied for the AccessLevel to be applied. If
// OR is used, at least one Condition in conditions must be satisfied
// for the AccessLevel to be applied.
// Default value is AND.
// Possible values are: AND, OR.
CombiningFunction *string `json:"combiningFunction,omitempty" tf:"combining_function,omitempty"`
// A set of requirements for the AccessLevel to be granted.
// Structure is documented below.
Conditions []ConditionsObservation `json:"conditions,omitempty" tf:"conditions,omitempty"`
}
type BasicParameters struct {
// How the conditions list should be combined to determine if a request
// is granted this AccessLevel. If AND is used, each Condition in
// conditions must be satisfied for the AccessLevel to be applied. If
// OR is used, at least one Condition in conditions must be satisfied
// for the AccessLevel to be applied.
// Default value is AND.
// Possible values are: AND, OR.
// +kubebuilder:validation:Optional
CombiningFunction *string `json:"combiningFunction,omitempty" tf:"combining_function,omitempty"`
// A set of requirements for the AccessLevel to be granted.
// Structure is documented below.
// +kubebuilder:validation:Optional
Conditions []ConditionsParameters `json:"conditions" tf:"conditions,omitempty"`
}
type ConditionsInitParameters struct {
// Device specific restrictions, all restrictions must hold for
// the Condition to be true. If not specified, all devices are
// allowed.
// Structure is documented below.
DevicePolicy []DevicePolicyInitParameters `json:"devicePolicy,omitempty" tf:"device_policy,omitempty"`
// A list of CIDR block IP subnetwork specification. May be IPv4
// or IPv6.
// Note that for a CIDR IP address block, the specified IP address
// portion must be properly truncated (i.e. all the host bits must
// be zero) or the input is considered malformed. For example,
// "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly,
// for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32"
// is not. The originating IP of a request must be in one of the
// listed subnets in order for this Condition to be true.
// If empty, all IP addresses are allowed.
IPSubnetworks []*string `json:"ipSubnetworks,omitempty" tf:"ip_subnetworks,omitempty"`
// An allowed list of members (users, service accounts).
// Using groups is not supported yet.
// The signed-in user originating the request must be a part of one
// of the provided members. If not specified, a request may come
// from any user (logged in/not logged in, not present in any
// groups, etc.).
// Formats: user:{emailid}, serviceAccount:{emailid}
Members []*string `json:"members,omitempty" tf:"members,omitempty"`
// Whether to negate the Condition. If true, the Condition becomes
// a NAND over its non-empty fields, each field must be false for
// the Condition overall to be satisfied. Defaults to false.
Negate *bool `json:"negate,omitempty" tf:"negate,omitempty"`
// The request must originate from one of the provided
// countries/regions.
// Format: A valid ISO 3166-1 alpha-2 code.
Regions []*string `json:"regions,omitempty" tf:"regions,omitempty"`
// A list of other access levels defined in the same Policy,
// referenced by resource name. Referencing an AccessLevel which
// does not exist is an error. All access levels listed must be
// granted for the Condition to be true.
// Format: accessPolicies/{policy_id}/accessLevels/{short_name}
RequiredAccessLevels []*string `json:"requiredAccessLevels,omitempty" tf:"required_access_levels,omitempty"`
// The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with ip_subnetworks.
// Structure is documented below.
VPCNetworkSources []VPCNetworkSourcesInitParameters `json:"vpcNetworkSources,omitempty" tf:"vpc_network_sources,omitempty"`
}
type ConditionsObservation struct {
// Device specific restrictions, all restrictions must hold for
// the Condition to be true. If not specified, all devices are
// allowed.
// Structure is documented below.
DevicePolicy []DevicePolicyObservation `json:"devicePolicy,omitempty" tf:"device_policy,omitempty"`
// A list of CIDR block IP subnetwork specification. May be IPv4
// or IPv6.
// Note that for a CIDR IP address block, the specified IP address
// portion must be properly truncated (i.e. all the host bits must
// be zero) or the input is considered malformed. For example,
// "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly,
// for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32"
// is not. The originating IP of a request must be in one of the
// listed subnets in order for this Condition to be true.
// If empty, all IP addresses are allowed.
IPSubnetworks []*string `json:"ipSubnetworks,omitempty" tf:"ip_subnetworks,omitempty"`
// An allowed list of members (users, service accounts).
// Using groups is not supported yet.
// The signed-in user originating the request must be a part of one
// of the provided members. If not specified, a request may come
// from any user (logged in/not logged in, not present in any
// groups, etc.).
// Formats: user:{emailid}, serviceAccount:{emailid}
Members []*string `json:"members,omitempty" tf:"members,omitempty"`
// Whether to negate the Condition. If true, the Condition becomes
// a NAND over its non-empty fields, each field must be false for
// the Condition overall to be satisfied. Defaults to false.
Negate *bool `json:"negate,omitempty" tf:"negate,omitempty"`
// The request must originate from one of the provided
// countries/regions.
// Format: A valid ISO 3166-1 alpha-2 code.
Regions []*string `json:"regions,omitempty" tf:"regions,omitempty"`
// A list of other access levels defined in the same Policy,
// referenced by resource name. Referencing an AccessLevel which
// does not exist is an error. All access levels listed must be
// granted for the Condition to be true.
// Format: accessPolicies/{policy_id}/accessLevels/{short_name}
RequiredAccessLevels []*string `json:"requiredAccessLevels,omitempty" tf:"required_access_levels,omitempty"`
// The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with ip_subnetworks.
// Structure is documented below.
VPCNetworkSources []VPCNetworkSourcesObservation `json:"vpcNetworkSources,omitempty" tf:"vpc_network_sources,omitempty"`
}
type ConditionsParameters struct {
// Device specific restrictions, all restrictions must hold for
// the Condition to be true. If not specified, all devices are
// allowed.
// Structure is documented below.
// +kubebuilder:validation:Optional
DevicePolicy []DevicePolicyParameters `json:"devicePolicy,omitempty" tf:"device_policy,omitempty"`
// A list of CIDR block IP subnetwork specification. May be IPv4
// or IPv6.
// Note that for a CIDR IP address block, the specified IP address
// portion must be properly truncated (i.e. all the host bits must
// be zero) or the input is considered malformed. For example,
// "192.0.2.0/24" is accepted but "192.0.2.1/24" is not. Similarly,
// for IPv6, "2001:db8::/32" is accepted whereas "2001:db8::1/32"
// is not. The originating IP of a request must be in one of the
// listed subnets in order for this Condition to be true.
// If empty, all IP addresses are allowed.
// +kubebuilder:validation:Optional
IPSubnetworks []*string `json:"ipSubnetworks,omitempty" tf:"ip_subnetworks,omitempty"`
// An allowed list of members (users, service accounts).
// Using groups is not supported yet.
// The signed-in user originating the request must be a part of one
// of the provided members. If not specified, a request may come
// from any user (logged in/not logged in, not present in any
// groups, etc.).
// Formats: user:{emailid}, serviceAccount:{emailid}
// +kubebuilder:validation:Optional
Members []*string `json:"members,omitempty" tf:"members,omitempty"`
// Whether to negate the Condition. If true, the Condition becomes
// a NAND over its non-empty fields, each field must be false for
// the Condition overall to be satisfied. Defaults to false.
// +kubebuilder:validation:Optional
Negate *bool `json:"negate,omitempty" tf:"negate,omitempty"`
// The request must originate from one of the provided
// countries/regions.
// Format: A valid ISO 3166-1 alpha-2 code.
// +kubebuilder:validation:Optional
Regions []*string `json:"regions,omitempty" tf:"regions,omitempty"`
// A list of other access levels defined in the same Policy,
// referenced by resource name. Referencing an AccessLevel which
// does not exist is an error. All access levels listed must be
// granted for the Condition to be true.
// Format: accessPolicies/{policy_id}/accessLevels/{short_name}
// +kubebuilder:validation:Optional
RequiredAccessLevels []*string `json:"requiredAccessLevels,omitempty" tf:"required_access_levels,omitempty"`
// The request must originate from one of the provided VPC networks in Google Cloud. Cannot specify this field together with ip_subnetworks.
// Structure is documented below.
// +kubebuilder:validation:Optional
VPCNetworkSources []VPCNetworkSourcesParameters `json:"vpcNetworkSources,omitempty" tf:"vpc_network_sources,omitempty"`
}
type CustomInitParameters struct {
// Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language.
// This page details the objects and attributes that are used to the build the CEL expressions for
// custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec.
// Structure is documented below.
Expr []ExprInitParameters `json:"expr,omitempty" tf:"expr,omitempty"`
}
type CustomObservation struct {
// Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language.
// This page details the objects and attributes that are used to the build the CEL expressions for
// custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec.
// Structure is documented below.
Expr []ExprObservation `json:"expr,omitempty" tf:"expr,omitempty"`
}
type CustomParameters struct {
// Represents a textual expression in the Common Expression Language (CEL) syntax. CEL is a C-like expression language.
// This page details the objects and attributes that are used to the build the CEL expressions for
// custom access levels - https://cloud.google.com/access-context-manager/docs/custom-access-level-spec.
// Structure is documented below.
// +kubebuilder:validation:Optional
Expr []ExprParameters `json:"expr" tf:"expr,omitempty"`
}
type DevicePolicyInitParameters struct {
// A list of allowed device management levels.
// An empty list allows all management levels.
// Each value may be one of: MANAGEMENT_UNSPECIFIED, NONE, BASIC, COMPLETE.
AllowedDeviceManagementLevels []*string `json:"allowedDeviceManagementLevels,omitempty" tf:"allowed_device_management_levels,omitempty"`
// A list of allowed encryptions statuses.
// An empty list allows all statuses.
// Each value may be one of: ENCRYPTION_UNSPECIFIED, ENCRYPTION_UNSUPPORTED, UNENCRYPTED, ENCRYPTED.
AllowedEncryptionStatuses []*string `json:"allowedEncryptionStatuses,omitempty" tf:"allowed_encryption_statuses,omitempty"`
// A list of allowed OS versions.
// An empty list allows all types and all versions.
// Structure is documented below.
OsConstraints []OsConstraintsInitParameters `json:"osConstraints,omitempty" tf:"os_constraints,omitempty"`
// Whether the device needs to be approved by the customer admin.
RequireAdminApproval *bool `json:"requireAdminApproval,omitempty" tf:"require_admin_approval,omitempty"`
// Whether the device needs to be corp owned.
RequireCorpOwned *bool `json:"requireCorpOwned,omitempty" tf:"require_corp_owned,omitempty"`
// Whether or not screenlock is required for the DevicePolicy
// to be true. Defaults to false.
RequireScreenLock *bool `json:"requireScreenLock,omitempty" tf:"require_screen_lock,omitempty"`
}
type DevicePolicyObservation struct {
// A list of allowed device management levels.
// An empty list allows all management levels.
// Each value may be one of: MANAGEMENT_UNSPECIFIED, NONE, BASIC, COMPLETE.
AllowedDeviceManagementLevels []*string `json:"allowedDeviceManagementLevels,omitempty" tf:"allowed_device_management_levels,omitempty"`
// A list of allowed encryptions statuses.
// An empty list allows all statuses.
// Each value may be one of: ENCRYPTION_UNSPECIFIED, ENCRYPTION_UNSUPPORTED, UNENCRYPTED, ENCRYPTED.
AllowedEncryptionStatuses []*string `json:"allowedEncryptionStatuses,omitempty" tf:"allowed_encryption_statuses,omitempty"`
// A list of allowed OS versions.
// An empty list allows all types and all versions.
// Structure is documented below.
OsConstraints []OsConstraintsObservation `json:"osConstraints,omitempty" tf:"os_constraints,omitempty"`
// Whether the device needs to be approved by the customer admin.
RequireAdminApproval *bool `json:"requireAdminApproval,omitempty" tf:"require_admin_approval,omitempty"`
// Whether the device needs to be corp owned.
RequireCorpOwned *bool `json:"requireCorpOwned,omitempty" tf:"require_corp_owned,omitempty"`
// Whether or not screenlock is required for the DevicePolicy
// to be true. Defaults to false.
RequireScreenLock *bool `json:"requireScreenLock,omitempty" tf:"require_screen_lock,omitempty"`
}
type DevicePolicyParameters struct {
// A list of allowed device management levels.
// An empty list allows all management levels.
// Each value may be one of: MANAGEMENT_UNSPECIFIED, NONE, BASIC, COMPLETE.
// +kubebuilder:validation:Optional
AllowedDeviceManagementLevels []*string `json:"allowedDeviceManagementLevels,omitempty" tf:"allowed_device_management_levels,omitempty"`
// A list of allowed encryptions statuses.
// An empty list allows all statuses.
// Each value may be one of: ENCRYPTION_UNSPECIFIED, ENCRYPTION_UNSUPPORTED, UNENCRYPTED, ENCRYPTED.
// +kubebuilder:validation:Optional
AllowedEncryptionStatuses []*string `json:"allowedEncryptionStatuses,omitempty" tf:"allowed_encryption_statuses,omitempty"`
// A list of allowed OS versions.
// An empty list allows all types and all versions.
// Structure is documented below.
// +kubebuilder:validation:Optional
OsConstraints []OsConstraintsParameters `json:"osConstraints,omitempty" tf:"os_constraints,omitempty"`
// Whether the device needs to be approved by the customer admin.
// +kubebuilder:validation:Optional
RequireAdminApproval *bool `json:"requireAdminApproval,omitempty" tf:"require_admin_approval,omitempty"`
// Whether the device needs to be corp owned.
// +kubebuilder:validation:Optional
RequireCorpOwned *bool `json:"requireCorpOwned,omitempty" tf:"require_corp_owned,omitempty"`
// Whether or not screenlock is required for the DevicePolicy
// to be true. Defaults to false.
// +kubebuilder:validation:Optional
RequireScreenLock *bool `json:"requireScreenLock,omitempty" tf:"require_screen_lock,omitempty"`
}
type ExprInitParameters struct {
// Description of the expression
Description *string `json:"description,omitempty" tf:"description,omitempty"`
// Textual representation of an expression in Common Expression Language syntax.
Expression *string `json:"expression,omitempty" tf:"expression,omitempty"`
// String indicating the location of the expression for error reporting, e.g. a file name and a position in the file
Location *string `json:"location,omitempty" tf:"location,omitempty"`
// Title for the expression, i.e. a short string describing its purpose.
Title *string `json:"title,omitempty" tf:"title,omitempty"`
}
type ExprObservation struct {
// Description of the expression
Description *string `json:"description,omitempty" tf:"description,omitempty"`
// Textual representation of an expression in Common Expression Language syntax.
Expression *string `json:"expression,omitempty" tf:"expression,omitempty"`
// String indicating the location of the expression for error reporting, e.g. a file name and a position in the file
Location *string `json:"location,omitempty" tf:"location,omitempty"`
// Title for the expression, i.e. a short string describing its purpose.
Title *string `json:"title,omitempty" tf:"title,omitempty"`
}
type ExprParameters struct {
// Description of the expression
// +kubebuilder:validation:Optional
Description *string `json:"description,omitempty" tf:"description,omitempty"`
// Textual representation of an expression in Common Expression Language syntax.
// +kubebuilder:validation:Optional
Expression *string `json:"expression" tf:"expression,omitempty"`
// String indicating the location of the expression for error reporting, e.g. a file name and a position in the file
// +kubebuilder:validation:Optional
Location *string `json:"location,omitempty" tf:"location,omitempty"`
// Title for the expression, i.e. a short string describing its purpose.
// +kubebuilder:validation:Optional
Title *string `json:"title,omitempty" tf:"title,omitempty"`
}
type OsConstraintsInitParameters struct {
// The minimum allowed OS version. If not set, any version
// of this OS satisfies the constraint.
// Format: "major.minor.patch" such as "10.5.301", "9.2.1".
MinimumVersion *string `json:"minimumVersion,omitempty" tf:"minimum_version,omitempty"`
// The operating system type of the device.
// Possible values are: OS_UNSPECIFIED, DESKTOP_MAC, DESKTOP_WINDOWS, DESKTOP_LINUX, DESKTOP_CHROME_OS, ANDROID, IOS.
OsType *string `json:"osType,omitempty" tf:"os_type,omitempty"`
// If you specify DESKTOP_CHROME_OS for osType, you can optionally include requireVerifiedChromeOs to require Chrome Verified Access.
RequireVerifiedChromeOs *bool `json:"requireVerifiedChromeOs,omitempty" tf:"require_verified_chrome_os,omitempty"`
}
type OsConstraintsObservation struct {
// The minimum allowed OS version. If not set, any version
// of this OS satisfies the constraint.
// Format: "major.minor.patch" such as "10.5.301", "9.2.1".
MinimumVersion *string `json:"minimumVersion,omitempty" tf:"minimum_version,omitempty"`
// The operating system type of the device.
// Possible values are: OS_UNSPECIFIED, DESKTOP_MAC, DESKTOP_WINDOWS, DESKTOP_LINUX, DESKTOP_CHROME_OS, ANDROID, IOS.
OsType *string `json:"osType,omitempty" tf:"os_type,omitempty"`
// If you specify DESKTOP_CHROME_OS for osType, you can optionally include requireVerifiedChromeOs to require Chrome Verified Access.
RequireVerifiedChromeOs *bool `json:"requireVerifiedChromeOs,omitempty" tf:"require_verified_chrome_os,omitempty"`
}
type OsConstraintsParameters struct {
// The minimum allowed OS version. If not set, any version
// of this OS satisfies the constraint.
// Format: "major.minor.patch" such as "10.5.301", "9.2.1".
// +kubebuilder:validation:Optional
MinimumVersion *string `json:"minimumVersion,omitempty" tf:"minimum_version,omitempty"`
// The operating system type of the device.
// Possible values are: OS_UNSPECIFIED, DESKTOP_MAC, DESKTOP_WINDOWS, DESKTOP_LINUX, DESKTOP_CHROME_OS, ANDROID, IOS.
// +kubebuilder:validation:Optional
OsType *string `json:"osType" tf:"os_type,omitempty"`
// If you specify DESKTOP_CHROME_OS for osType, you can optionally include requireVerifiedChromeOs to require Chrome Verified Access.
// +kubebuilder:validation:Optional
RequireVerifiedChromeOs *bool `json:"requireVerifiedChromeOs,omitempty" tf:"require_verified_chrome_os,omitempty"`
}
type VPCNetworkSourcesInitParameters struct {
// Sub networks within a VPC network.
// Structure is documented below.
VPCSubnetwork []VPCSubnetworkInitParameters `json:"vpcSubnetwork,omitempty" tf:"vpc_subnetwork,omitempty"`
}
type VPCNetworkSourcesObservation struct {
// Sub networks within a VPC network.
// Structure is documented below.
VPCSubnetwork []VPCSubnetworkObservation `json:"vpcSubnetwork,omitempty" tf:"vpc_subnetwork,omitempty"`
}
type VPCNetworkSourcesParameters struct {
// Sub networks within a VPC network.
// Structure is documented below.
// +kubebuilder:validation:Optional
VPCSubnetwork []VPCSubnetworkParameters `json:"vpcSubnetwork,omitempty" tf:"vpc_subnetwork,omitempty"`
}
type VPCSubnetworkInitParameters struct {
// Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires compute.network.get permission to be granted to caller.
Network *string `json:"network,omitempty" tf:"network,omitempty"`
// CIDR block IP subnetwork specification. Must be IPv4.
VPCIPSubnetworks []*string `json:"vpcIpSubnetworks,omitempty" tf:"vpc_ip_subnetworks,omitempty"`
}
type VPCSubnetworkObservation struct {
// Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires compute.network.get permission to be granted to caller.
Network *string `json:"network,omitempty" tf:"network,omitempty"`
// CIDR block IP subnetwork specification. Must be IPv4.
VPCIPSubnetworks []*string `json:"vpcIpSubnetworks,omitempty" tf:"vpc_ip_subnetworks,omitempty"`
}
type VPCSubnetworkParameters struct {
// Required. Network name to be allowed by this Access Level. Networks of foreign organizations requires compute.network.get permission to be granted to caller.
// +kubebuilder:validation:Optional
Network *string `json:"network" tf:"network,omitempty"`
// CIDR block IP subnetwork specification. Must be IPv4.
// +kubebuilder:validation:Optional
VPCIPSubnetworks []*string `json:"vpcIpSubnetworks,omitempty" tf:"vpc_ip_subnetworks,omitempty"`
}
// AccessLevelSpec defines the desired state of AccessLevel
type AccessLevelSpec struct {
v1.ResourceSpec `json:",inline"`
ForProvider AccessLevelParameters `json:"forProvider"`
// THIS IS A BETA FIELD. It will be honored
// unless the Management Policies feature flag is disabled.
// InitProvider holds the same fields as ForProvider, with the exception
// of Identifier and other resource reference fields. The fields that are
// in InitProvider are merged into ForProvider when the resource is created.
// The same fields are also added to the terraform ignore_changes hook, to
// avoid updating them after creation. This is useful for fields that are
// required on creation, but we do not desire to update them after creation,
// for example because of an external controller is managing them, like an
// autoscaler.
InitProvider AccessLevelInitParameters `json:"initProvider,omitempty"`
}
// AccessLevelStatus defines the observed state of AccessLevel.
type AccessLevelStatus struct {
v1.ResourceStatus `json:",inline"`
AtProvider AccessLevelObservation `json:"atProvider,omitempty"`
}
// +kubebuilder:object:root=true
// +kubebuilder:subresource:status
// +kubebuilder:storageversion
// AccessLevel is the Schema for the AccessLevels API. An AccessLevel is a label that can be applied to requests to GCP services, along with a list of requirements necessary for the label to be applied.
// +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status"
// +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status"
// +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name"
// +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp"
// +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,gcp}
type AccessLevel struct {
metav1.TypeMeta `json:",inline"`
metav1.ObjectMeta `json:"metadata,omitempty"`
// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.name) || (has(self.initProvider) && has(self.initProvider.name))",message="spec.forProvider.name is a required parameter"
// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.parent) || (has(self.initProvider) && has(self.initProvider.parent))",message="spec.forProvider.parent is a required parameter"
// +kubebuilder:validation:XValidation:rule="!('*' in self.managementPolicies || 'Create' in self.managementPolicies || 'Update' in self.managementPolicies) || has(self.forProvider.title) || (has(self.initProvider) && has(self.initProvider.title))",message="spec.forProvider.title is a required parameter"
Spec AccessLevelSpec `json:"spec"`
Status AccessLevelStatus `json:"status,omitempty"`
}
// +kubebuilder:object:root=true
// AccessLevelList contains a list of AccessLevels
type AccessLevelList struct {
metav1.TypeMeta `json:",inline"`
metav1.ListMeta `json:"metadata,omitempty"`
Items []AccessLevel `json:"items"`
}
// Repository type metadata.
var (
AccessLevel_Kind = "AccessLevel"
AccessLevel_GroupKind = schema.GroupKind{Group: CRDGroup, Kind: AccessLevel_Kind}.String()
AccessLevel_KindAPIVersion = AccessLevel_Kind + "." + CRDGroupVersion.String()
AccessLevel_GroupVersionKind = CRDGroupVersion.WithKind(AccessLevel_Kind)
)
func init() {
SchemeBuilder.Register(&AccessLevel{}, &AccessLevelList{})
}