apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: certificates.acm.aws.crossplane.io
spec:
group: acm.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Certificate
listKind: CertificateList
plural: certificates
singular: certificate
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.forProvider.domainName
name: DOMAINNAME
type: string
- jsonPath: .status.atProvider.status
name: STATUS
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: 'Certificate is a managed resource that represents an AWS Certificate
Manager. Deprecated: Please use v1beta1 version of this resource.'
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: CertificateSpec defines the desired state of Certificate
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: CertificateParameters defines the desired state of an
AWS Certificate.
properties:
certificateAuthorityARN:
description: The Amazon Resource Name (ARN) of the private certificate
authority (CA)that will be used to issue the certificate.
type: string
certificateAuthorityARNRef:
description: CertificateAuthorityARNRef references an AWS ACMPCA
CertificateAuthority to retrieve its Arn
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
certificateAuthorityARNSelector:
description: CertificateAuthorityARNSelector selects a reference
to an AWS ACMPCA CertificateAuthority to retrieve its Arn
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
certificateTransparencyLoggingPreference:
description: Parameter add the certificate to a certificate transparency
log.
enum:
- ENABLED
- DISABLED
type: string
domainName:
description: Fully qualified domain name (FQDN),that to secure
with an ACM certificate.
type: string
domainValidationOptions:
description: The domain name that you want ACM to use to send
you emails so that you can validate domain ownership.
items:
description: DomainValidationOption validate domain ownership.
properties:
domainName:
description: Additinal Fully qualified domain name (FQDN),that
to secure with an ACM certificate.
type: string
validationDomain:
description: Method to validate certificate
type: string
required:
- domainName
- validationDomain
type: object
type: array
region:
description: Region is the region you'd like your Certificate
to be created in.
type: string
renewCertificate:
description: Flag to renew the certificate
type: boolean
subjectAlternativeNames:
description: Subject Alternative Name extension of the ACM certificate.
items:
type: string
type: array
tags:
description: One or more resource tags to associate with the certificate.
items:
description: Tag represents user-provided metadata that can
be associated
properties:
key:
description: The key name that can be used to look up or
retrieve the associated value.
type: string
value:
description: The value associated with this tag.
type: string
required:
- key
- value
type: object
type: array
validationMethod:
description: Method to validate certificate.
enum:
- DNS
- EMAIL
type: string
required:
- domainName
- region
- tags
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An CertificateStatus represents the observed state of an
Certificate manager.
properties:
atProvider:
description: CertificateExternalStatus keeps the state of external
resource
properties:
certificateARN:
description: String that contains the ARN of the issued certificate.
This must be of the
type: string
renewalEligibility:
description: Flag to check eligibility for renewal status
enum:
- ELIGIBLE
- INELIGIBLE
type: string
resourceRecord:
description: 'Contains the CNAME record that you add to your DNS
database for domain validation. For more information, see Use
DNS to Validate Domain Ownership (https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html).
Note: The CNAME information that you need does not include the
name of your domain. If you include your domain name in the
DNS database CNAME record, validation fails. For example, if
the name is "_a79865eb4cd1a6ab990a45779b4e0b96.yourdomain.com",
only "_a79865eb4cd1a6ab990a45779b4e0b96" must be used.'
properties:
name:
description: The name of the DNS record to create in your
domain. This is supplied by ACM.
type: string
type:
description: The type of DNS record. Currently this can be
CNAME.
enum:
- CNAME
type: string
value:
description: The value of the CNAME record to add to your
DNS database.
type: string
type: object
status:
description: Status of the certificate
enum:
- PENDING_VALIDATION
- ISSUED
- INACTIVE
- EXPIRED
- VALIDATION_TIMED_OUT
- REVOKED
- FAILED
type: string
type:
description: Type of the certificate
enum:
- IMPORTED
- AMAZON_ISSUED
- PRIVATE
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .spec.forProvider.domainName
name: DOMAINNAME
type: string
- jsonPath: .status.atProvider.status
name: STATUS
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: Certificate is a managed resource that represents an AWS Certificate
Manager.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: CertificateSpec defines the desired state of Certificate
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: CertificateParameters defines the desired state of an
AWS Certificate.
properties:
certificateAuthorityARN:
description: The Amazon Resource Name (ARN) of the private certificate
authority (CA)that will be used to issue the certificate.
type: string
certificateAuthorityARNRef:
description: CertificateAuthorityARNRef references an AWS ACMPCA
CertificateAuthority to retrieve its Arn
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
certificateAuthorityARNSelector:
description: CertificateAuthorityARNSelector selects a reference
to an AWS ACMPCA CertificateAuthority to retrieve its Arn
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
domainName:
description: Fully qualified domain name (FQDN),that to secure
with an ACM certificate.
type: string
domainValidationOptions:
description: The domain name that you want ACM to use to send
you emails so that you can validate domain ownership.
items:
description: DomainValidationOption validate domain ownership.
properties:
domainName:
description: Additinal Fully qualified domain name (FQDN),that
to secure with an ACM certificate.
type: string
validationDomain:
description: Method to validate certificate
type: string
required:
- domainName
- validationDomain
type: object
type: array
options:
description: Currently, you can use this parameter to specify
whether to add the certificate to a certificate transparency
log. Certificate transparency makes it possible to detect SSL/TLS
certificates that have been mistakenly or maliciously issued.
Certificates that have not been logged typically produce an
error message in a browser. For more information, see Opting
Out of Certificate Transparency Logging (https://docs.aws.amazon.com/acm/latest/userguide/acm-bestpractices.html#best-practices-transparency).
properties:
certificateTransparencyLoggingPreference:
description: You can opt out of certificate transparency logging
by specifying the DISABLED option. Opt in by specifying
ENABLED.
enum:
- ENABLED
- DISABLED
type: string
required:
- certificateTransparencyLoggingPreference
type: object
region:
description: Region is the region you'd like your Certificate
to be created in.
type: string
subjectAlternativeNames:
description: Subject Alternative Name extension of the ACM certificate.
items:
type: string
type: array
tags:
description: One or more resource tags to associate with the certificate.
items:
description: Tag represents user-provided metadata that can
be associated
properties:
key:
description: The key name that can be used to look up or
retrieve the associated value.
type: string
value:
description: The value associated with this tag.
type: string
required:
- key
- value
type: object
type: array
validationMethod:
description: Method to validate certificate.
enum:
- DNS
- EMAIL
type: string
required:
- domainName
- region
- tags
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An CertificateStatus represents the observed state of an
Certificate manager.
properties:
atProvider:
description: CertificateExternalStatus keeps the state of external
resource
properties:
certificateARN:
description: String that contains the ARN of the issued certificate.
This must be of the
type: string
renewalEligibility:
description: Flag to check eligibility for renewal status
enum:
- ELIGIBLE
- INELIGIBLE
type: string
resourceRecord:
description: 'Contains the CNAME record that you add to your DNS
database for domain validation. For more information, see Use
DNS to Validate Domain Ownership (https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-validate-dns.html).
Note: The CNAME information that you need does not include the
name of your domain. If you include your domain name in the
DNS database CNAME record, validation fails. For example, if
the name is "_a79865eb4cd1a6ab990a45779b4e0b96.yourdomain.com",
only "_a79865eb4cd1a6ab990a45779b4e0b96" must be used.'
properties:
name:
description: The name of the DNS record to create in your
domain. This is supplied by ACM.
type: string
type:
description: The type of DNS record. Currently this can be
CNAME.
enum:
- CNAME
type: string
value:
description: The value of the CNAME record to add to your
DNS database.
type: string
type: object
status:
description: Status of the certificate
enum:
- PENDING_VALIDATION
- ISSUED
- INACTIVE
- EXPIRED
- VALIDATION_TIMED_OUT
- REVOKED
- FAILED
type: string
type:
description: Type of the certificate
enum:
- IMPORTED
- AMAZON_ISSUED
- PRIVATE
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: certificateauthorities.acmpca.aws.crossplane.io
spec:
group: acmpca.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: CertificateAuthority
listKind: CertificateAuthorityList
plural: certificateauthorities
singular: certificateauthority
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.forProvider.type
name: TYPE
type: string
- jsonPath: .spec.forProvider.status
name: STATUS
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: 'CertificateAuthority is a managed resource that represents an
AWS CertificateAuthority Manager. Deprecated: Please use v1beta1 version
of this resource.'
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: CertificateAuthoritySpec defines the desired state of CertificateAuthority
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: CertificateAuthorityParameters defines the desired state
of an AWS CertificateAuthority.
properties:
certificateAuthorityConfiguration:
description: CertificateAuthorityConfiguration to associate with
the certificateAuthority.
properties:
keyAlgorithm:
description: Type of the public key algorithm
enum:
- RSA_2048
- EC_secp384r1
- EC_prime256v1
- RSA_4096
type: string
signingAlgorithm:
description: Algorithm that private CA uses to sign certificate
requests
enum:
- SHA512WITHECDSA
- SHA256WITHECDSA
- SHA384WITHECDSA
- SHA512WITHRSA
- SHA256WITHRSA
- SHA384WITHRSA
type: string
subject:
description: Subject is information of Certificate Authority
properties:
commonName:
description: FQDN associated with the certificate subject
type: string
country:
description: Two-digit code that specifies the country
type: string
distinguishedNameQualifier:
description: Disambiguating information for the certificate
subject.
type: string
generationQualifier:
description: Typically a qualifier appended to the name
of an individual
type: string
givenName:
description: First name
type: string
initials:
description: Concatenation of first letter of the GivenName,
Middle name and SurName.
type: string
locality:
description: The locality such as a city or town
type: string
organization:
description: Organization legal name
type: string
organizationalUnit:
description: Organization's subdivision or unit
type: string
pseudonym:
description: Shortened version of a longer GivenName
type: string
serialNumber:
description: The certificate serial number.
type: string
state:
description: State in which the subject of the certificate
is located
type: string
surname:
description: Surname
type: string
title:
description: Title
type: string
required:
- commonName
- country
- locality
- organization
- organizationalUnit
- state
type: object
required:
- keyAlgorithm
- signingAlgorithm
- subject
type: object
permanentDeletionTimeInDays:
description: The number of days to make a CA restorable after
it has been deleted
format: int32
type: integer
region:
description: Region is the region you'd like your CertificateAuthority
to be created in.
type: string
revocationConfiguration:
description: RevocationConfiguration to associate with the certificateAuthority.
properties:
customCname:
description: Alias for the CRL distribution point
type: string
enabled:
description: Boolean value that specifies certificate revocation
type: boolean
expirationInDays:
description: Number of days until a certificate expires
format: int32
type: integer
s3BucketName:
description: Name of the S3 bucket that contains the CRL
type: string
required:
- enabled
type: object
status:
description: Status of the certificate authority. This value cannot
be configured at creation, but can be updated to set a CA to
ACTIVE or DISABLED.
enum:
- ACTIVE
- DISABLED
type: string
tags:
description: One or more resource tags to associate with the certificateAuthority.
items:
description: Tag represents user-provided metadata that can
be associated
properties:
key:
description: The key name that can be used to look up or
retrieve the associated value.
type: string
value:
description: The value associated with this tag.
type: string
required:
- key
- value
type: object
type: array
type:
description: Type of the certificate authority
enum:
- ROOT
- SUBORDINATE
type: string
required:
- certificateAuthorityConfiguration
- region
- tags
- type
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An CertificateAuthorityStatus represents the observed state
of an CertificateAuthority manager.
properties:
atProvider:
description: CertificateAuthorityExternalStatus keeps the state of
external resource
properties:
certificateAuthorityARN:
description: String that contains the ARN of the issued certificate
Authority
type: string
serial:
description: Serial of the Certificate Authority
type: string
status:
description: Status is the current status of the CertificateAuthority.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .spec.forProvider.type
name: TYPE
type: string
- jsonPath: .spec.forProvider.status
name: STATUS
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: CertificateAuthority is a managed resource that represents an
AWS CertificateAuthority Manager.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: CertificateAuthoritySpec defines the desired state of CertificateAuthority
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: CertificateAuthorityParameters defines the desired state
of an AWS CertificateAuthority.
properties:
certificateAuthorityConfiguration:
description: CertificateAuthorityConfiguration to associate with
the certificateAuthority.
properties:
keyAlgorithm:
description: Type of the public key algorithm
enum:
- RSA_2048
- EC_secp384r1
- EC_prime256v1
- RSA_4096
type: string
signingAlgorithm:
description: Algorithm that private CA uses to sign certificate
requests
enum:
- SHA512WITHECDSA
- SHA256WITHECDSA
- SHA384WITHECDSA
- SHA512WITHRSA
- SHA256WITHRSA
- SHA384WITHRSA
type: string
subject:
description: Subject is information of Certificate Authority
properties:
commonName:
description: FQDN associated with the certificate subject
type: string
country:
description: Two-digit code that specifies the country
type: string
distinguishedNameQualifier:
description: Disambiguating information for the certificate
subject.
type: string
generationQualifier:
description: Typically a qualifier appended to the name
of an individual
type: string
givenName:
description: First name
type: string
initials:
description: Concatenation of first letter of the GivenName,
Middle name and SurName.
type: string
locality:
description: The locality such as a city or town
type: string
organization:
description: Organization legal name
type: string
organizationalUnit:
description: Organization's subdivision or unit
type: string
pseudonym:
description: Shortened version of a longer GivenName
type: string
serialNumber:
description: The certificate serial number.
type: string
state:
description: State in which the subject of the certificate
is located
type: string
surname:
description: Surname
type: string
title:
description: Title
type: string
required:
- commonName
- country
- locality
- organization
- organizationalUnit
- state
type: object
required:
- keyAlgorithm
- signingAlgorithm
- subject
type: object
permanentDeletionTimeInDays:
description: The number of days to make a CA restorable after
it has been deleted
format: int32
type: integer
region:
description: Region is the region you'd like your CertificateAuthority
to be created in.
type: string
revocationConfiguration:
description: RevocationConfiguration to associate with the certificateAuthority.
properties:
customCname:
description: Alias for the CRL distribution point
type: string
enabled:
description: Boolean value that specifies certificate revocation
type: boolean
expirationInDays:
description: Number of days until a certificate expires
format: int32
type: integer
s3BucketName:
description: Name of the S3 bucket that contains the CRL
type: string
required:
- enabled
type: object
status:
description: Status of the certificate authority. This value cannot
be configured at creation, but can be updated to set a CA to
ACTIVE or DISABLED.
enum:
- ACTIVE
- DISABLED
type: string
tags:
description: One or more resource tags to associate with the certificateAuthority.
items:
description: Tag represents user-provided metadata that can
be associated
properties:
key:
description: The key name that can be used to look up or
retrieve the associated value.
type: string
value:
description: The value associated with this tag.
type: string
required:
- key
- value
type: object
type: array
type:
description: Type of the certificate authority
enum:
- ROOT
- SUBORDINATE
type: string
required:
- certificateAuthorityConfiguration
- region
- tags
- type
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An CertificateAuthorityStatus represents the observed state
of an CertificateAuthority manager.
properties:
atProvider:
description: CertificateAuthorityExternalStatus keeps the state of
external resource
properties:
certificateAuthorityARN:
description: String that contains the ARN of the issued certificate
Authority
type: string
serial:
description: Serial of the Certificate Authority
type: string
status:
description: Status is the current status of the CertificateAuthority.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: certificateauthoritypermissions.acmpca.aws.crossplane.io
spec:
group: acmpca.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: CertificateAuthorityPermission
listKind: CertificateAuthorityPermissionList
plural: certificateauthoritypermissions
singular: certificateauthoritypermission
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: CertificateAuthorityPermission is a managed resource that represents
an AWS CertificateAuthorityPermission Manager.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: CertificateAuthorityPermissionSpec defines the desired state
of CertificateAuthorityPermission
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: CertificateAuthorityPermissionParameters defines the
desired state of an AWS CertificateAuthority.
properties:
actions:
description: The actions that the specified AWS service principal
can use.
items:
type: string
type: array
certificateAuthorityARN:
description: The Amazon Resource Name (ARN) of the private certificate
authority (CA)that will be used to issue the certificate.
type: string
certificateAuthorityARNRef:
description: CertificateAuthorityARNRef references an CertificateAuthority
to retrieve its Arn
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
certificateAuthorityARNSelector:
description: CertificateAuthorityARNSelector selects a reference
to an CertificateAuthority to retrieve its Arn
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
principal:
default: acm.amazonaws.com
description: The AWS service or identity that receives the permission.
At this time, the only valid principal is acm.amazonaws.com.
type: string
region:
description: Region is the region of CertificateAuthorityPermission.
type: string
sourceAccount:
description: Calling Account ID
type: string
required:
- principal
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An CertificateAuthorityPermissionStatus represents the observed
state of an Certificate Authority Permission manager.
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: CertificateAuthorityPermission is a managed resource that represents
an AWS CertificateAuthorityPermission Manager.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: CertificateAuthorityPermissionSpec defines the desired state
of CertificateAuthorityPermission
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: CertificateAuthorityPermissionParameters defines the
desired state of an AWS CertificateAuthority.
properties:
actions:
description: The actions that the specified AWS service principal
can use.
items:
type: string
type: array
certificateAuthorityARN:
description: The Amazon Resource Name (ARN) of the private certificate
authority (CA)that will be used to issue the certificate.
type: string
certificateAuthorityARNRef:
description: CertificateAuthorityARNRef references an CertificateAuthority
to retrieve its Arn
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
certificateAuthorityARNSelector:
description: CertificateAuthorityARNSelector selects a reference
to an CertificateAuthority to retrieve its Arn
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
principal:
default: acm.amazonaws.com
description: The AWS service or identity that receives the permission.
At this time, the only valid principal is acm.amazonaws.com.
type: string
region:
description: Region is the region of CertificateAuthorityPermission.
type: string
sourceAccount:
description: Calling Account ID
type: string
required:
- principal
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An CertificateAuthorityPermissionStatus represents the observed
state of an Certificate Authority Permission manager.
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: apis.apigatewayv2.aws.crossplane.io
spec:
group: apigatewayv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: API
listKind: APIList
plural: apis
singular: api
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: API is the Schema for the APIS API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: APISpec defines the desired state of API
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: APIParameters defines the desired state of API
properties:
apiKeySelectionExpression:
type: string
corsConfiguration:
properties:
allowCredentials:
type: boolean
allowHeaders:
description: Represents a collection of allowed headers. Supported
only for HTTP APIs.
items:
type: string
type: array
allowMethods:
description: Represents a collection of methods. Supported
only for HTTP APIs.
items:
type: string
type: array
allowOrigins:
description: Represents a collection of origins. Supported
only for HTTP APIs.
items:
type: string
type: array
exposeHeaders:
description: Represents a collection of allowed headers. Supported
only for HTTP APIs.
items:
type: string
type: array
maxAge:
description: An integer with a value between -1 and 86400.
Supported only for HTTP APIs.
format: int64
type: integer
type: object
credentialsARN:
type: string
description:
type: string
disableExecuteAPIEndpoint:
type: boolean
disableSchemaValidation:
type: boolean
name:
type: string
protocolType:
type: string
region:
description: Region is which region the API will be created.
type: string
routeKey:
type: string
routeSelectionExpression:
type: string
tags:
additionalProperties:
type: string
type: object
target:
type: string
version:
type: string
required:
- name
- protocolType
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: APIStatus defines the observed state of API.
properties:
atProvider:
description: APIObservation defines the observed state of API
properties:
apiEndpoint:
type: string
apiGatewayManaged:
type: boolean
apiID:
type: string
createdDate:
format: date-time
type: string
importInfo:
items:
type: string
type: array
warnings:
items:
type: string
type: array
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: apimappings.apigatewayv2.aws.crossplane.io
spec:
group: apigatewayv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: APIMapping
listKind: APIMappingList
plural: apimappings
singular: apimapping
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: APIMapping is the Schema for the APIMappings API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: APIMappingSpec defines the desired state of APIMapping
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: APIMappingParameters defines the desired state of APIMapping
properties:
apiId:
description: APIID is the ID for the API.
type: string
apiIdRef:
description: APIIDRef is a reference to an API used to set the
APIID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
apiIdSelector:
description: APIIDSelector selects references to API used to set
the APIID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
apiMappingKey:
type: string
domainName:
description: DomainName is the DomainName for the DomainName.
type: string
domainNameRef:
description: DomainNameRef is a reference to a DomainName used
to set the DomainName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
domainNameSelector:
description: DomainNameSelector selects references to DomainName
used to set the DomainName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
region:
description: Region is which region the APIMapping will be created.
type: string
stage:
description: Stage is the name for the Stage.
type: string
stageRef:
description: StageDRef is a reference to an Stage used to set
the Stage.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
stageSelector:
description: StageSelector selects references to Stage used to
set the Stage.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: APIMappingStatus defines the observed state of APIMapping.
properties:
atProvider:
description: APIMappingObservation defines the observed state of APIMapping
properties:
apiID:
type: string
apiMappingID:
type: string
stage:
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: authorizers.apigatewayv2.aws.crossplane.io
spec:
group: apigatewayv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Authorizer
listKind: AuthorizerList
plural: authorizers
singular: authorizer
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Authorizer is the Schema for the Authorizers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: AuthorizerSpec defines the desired state of Authorizer
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: AuthorizerParameters defines the desired state of Authorizer
properties:
apiId:
description: APIID is the ID for the API.
type: string
apiIdRef:
description: APIIDRef is a reference to an API used to set the
APIID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
apiIdSelector:
description: APIIDSelector selects references to API used to set
the APIID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
authorizerCredentialsARN:
type: string
authorizerPayloadFormatVersion:
type: string
authorizerResultTtlInSeconds:
format: int64
type: integer
authorizerType:
type: string
authorizerURI:
type: string
enableSimpleResponses:
type: boolean
identitySource:
items:
type: string
type: array
identityValidationExpression:
type: string
jwtConfiguration:
properties:
audience:
items:
type: string
type: array
issuer:
description: A string representation of a URI with a length
between [1-2048].
type: string
type: object
name:
type: string
region:
description: Region is which region the Authorizer will be created.
type: string
required:
- authorizerType
- identitySource
- name
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: AuthorizerStatus defines the observed state of Authorizer.
properties:
atProvider:
description: AuthorizerObservation defines the observed state of Authorizer
properties:
authorizerID:
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: deployments.apigatewayv2.aws.crossplane.io
spec:
group: apigatewayv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Deployment
listKind: DeploymentList
plural: deployments
singular: deployment
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Deployment is the Schema for the Deployments API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DeploymentSpec defines the desired state of Deployment
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: DeploymentParameters defines the desired state of Deployment
properties:
apiId:
description: APIID is the ID for the API.
type: string
apiIdRef:
description: APIIDRef is a reference to an API used to set the
APIID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
apiIdSelector:
description: APIIDSelector selects references to API used to set
the APIID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
description:
type: string
region:
description: Region is which region the Deployment will be created.
type: string
stageName:
type: string
stageNameRef:
description: StageNameRef is a reference to an Stage used to set
the StageName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
stageNameSelector:
description: StageNameSelector selects references to Stage used
to set the StageName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: DeploymentStatus defines the observed state of Deployment.
properties:
atProvider:
description: DeploymentObservation defines the observed state of Deployment
properties:
autoDeployed:
type: boolean
createdDate:
format: date-time
type: string
deploymentID:
type: string
deploymentStatus:
type: string
deploymentStatusMessage:
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: domainnames.apigatewayv2.aws.crossplane.io
spec:
group: apigatewayv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: DomainName
listKind: DomainNameList
plural: domainnames
singular: domainname
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: DomainName is the Schema for the DomainNames API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DomainNameSpec defines the desired state of DomainName
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: DomainNameParameters defines the desired state of DomainName
properties:
domainNameConfigurations:
items:
properties:
apiGatewayDomainName:
type: string
certificateARN:
description: Represents an Amazon Resource Name (ARN).
type: string
certificateName:
description: A string with a length between [1-128].
type: string
certificateUploadDate:
format: date-time
type: string
domainNameStatus:
description: The status of the domain name migration. The
valid values are AVAILABLE and UPDATING. If the status
is UPDATING, the domain cannot be modified further until
the existing operation is complete. If it is AVAILABLE,
the domain can be updated.
type: string
domainNameStatusMessage:
type: string
endpointType:
description: Represents an endpoint type.
type: string
hostedZoneID:
type: string
securityPolicy:
description: The Transport Layer Security (TLS) version
of the security policy for this domain name. The valid
values are TLS_1_0 and TLS_1_2.
type: string
type: object
type: array
mutualTLSAuthentication:
properties:
truststoreURI:
description: A string representation of a URI with a length
between [1-2048].
type: string
truststoreVersion:
description: A string with a length between [1-64].
type: string
type: object
region:
description: Region is which region the DomainName will be created.
type: string
tags:
additionalProperties:
type: string
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: DomainNameStatus defines the observed state of DomainName.
properties:
atProvider:
description: DomainNameObservation defines the observed state of DomainName
properties:
apiMappingSelectionExpression:
type: string
domainName:
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: integrations.apigatewayv2.aws.crossplane.io
spec:
group: apigatewayv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Integration
listKind: IntegrationList
plural: integrations
singular: integration
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Integration is the Schema for the Integrations API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: IntegrationSpec defines the desired state of Integration
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: IntegrationParameters defines the desired state of Integration
properties:
apiId:
description: APIID is the ID for the API.
type: string
apiIdRef:
description: APIIDRef is a reference to an API used to set the
APIID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
apiIdSelector:
description: APIIDSelector selects references to API used to set
the APIID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
connectionID:
type: string
connectionType:
type: string
contentHandlingStrategy:
type: string
credentialsARN:
type: string
description:
type: string
integrationMethod:
type: string
integrationSubtype:
type: string
integrationType:
type: string
integrationURI:
type: string
passthroughBehavior:
type: string
payloadFormatVersion:
type: string
region:
description: Region is which region the Integration will be created.
type: string
requestParameters:
additionalProperties:
type: string
type: object
requestTemplates:
additionalProperties:
type: string
type: object
responseParameters:
additionalProperties:
description: ResponseParameter represents a single response
parameter transform operation.
properties:
headerEntry:
description: HeaderEntries is the array of header changes
you'd like to make. For details, see Transforming API
responses in https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html
items:
description: HeaderEntry can be used to represent a single
header transform.
properties:
name:
description: Name is the name of the header.
type: string
operation:
description: Operation is what you'd like to do with
given header. Only append, overwrite and remove
values are supported.
enum:
- append
- overwrite
- remove
type: string
value:
description: Value is the new value.
type: string
required:
- name
- operation
- value
type: object
type: array
overwriteStatusCodeEntry:
description: OverwriteStatusCode is the status code you'd
like the response to have, overwriting the one in the
original response. For details, see Transforming API responses
in https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-parameter-mapping.html
type: string
type: object
description: Supported only for HTTP APIs. You use response parameters
to transform the HTTP response from a backend integration before
returning the response to clients. Specify a key-value map from
a selection key to response parameters. The selection key must
be a valid HTTP status code within the range of 200-599.
type: object
templateSelectionExpression:
type: string
timeoutInMillis:
format: int64
type: integer
tlsConfig:
properties:
serverNameToVerify:
description: A string with a length between [1-512].
type: string
type: object
required:
- integrationType
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: IntegrationStatus defines the observed state of Integration.
properties:
atProvider:
description: IntegrationObservation defines the observed state of
Integration
properties:
apiGatewayManaged:
type: boolean
integrationID:
type: string
integrationResponseSelectionExpression:
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: integrationresponses.apigatewayv2.aws.crossplane.io
spec:
group: apigatewayv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: IntegrationResponse
listKind: IntegrationResponseList
plural: integrationresponses
singular: integrationresponse
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: IntegrationResponse is the Schema for the IntegrationResponses
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: IntegrationResponseSpec defines the desired state of IntegrationResponse
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: IntegrationResponseParameters defines the desired state
of IntegrationResponse
properties:
apiId:
description: APIID is the ID for the API.
type: string
apiIdRef:
description: APIIDRef is a reference to an API used to set the
APIID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
apiIdSelector:
description: APIIDSelector selects references to API used to set
the APIID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
contentHandlingStrategy:
type: string
integrationId:
description: IntegrationID is the ID for the Integration.
type: string
integrationIdRef:
description: IntegrationIDRef is a reference to an Integration
used to set the IntegrationID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
integrationIdSelector:
description: IntegrationIDSelector selects references to Integration
used to set the IntegrationID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
integrationResponseKey:
type: string
region:
description: Region is which region the IntegrationResponse will
be created.
type: string
responseParameters:
additionalProperties:
type: string
type: object
responseTemplates:
additionalProperties:
type: string
type: object
templateSelectionExpression:
type: string
required:
- integrationResponseKey
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: IntegrationResponseStatus defines the observed state of IntegrationResponse.
properties:
atProvider:
description: IntegrationResponseObservation defines the observed state
of IntegrationResponse
properties:
integrationResponseID:
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: models.apigatewayv2.aws.crossplane.io
spec:
group: apigatewayv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Model
listKind: ModelList
plural: models
singular: model
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Model is the Schema for the Models API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ModelSpec defines the desired state of Model
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ModelParameters defines the desired state of Model
properties:
apiId:
description: APIID is the ID for the API.
type: string
apiIdRef:
description: APIIDRef is a reference to an API used to set the
APIID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
apiIdSelector:
description: APIIDSelector selects references to API used to set
the APIID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
contentType:
type: string
description:
type: string
name:
type: string
region:
description: Region is which region the Model will be created.
type: string
schema:
type: string
required:
- name
- region
- schema
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ModelStatus defines the observed state of Model.
properties:
atProvider:
description: ModelObservation defines the observed state of Model
properties:
modelID:
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: routes.apigatewayv2.aws.crossplane.io
spec:
group: apigatewayv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Route
listKind: RouteList
plural: routes
singular: route
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Route is the Schema for the Routes API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: RouteSpec defines the desired state of Route
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: RouteParameters defines the desired state of Route
properties:
apiId:
description: APIID is the ID for the API.
type: string
apiIdRef:
description: APIIDRef is a reference to an API used to set the
APIID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
apiIdSelector:
description: APIIDSelector selects references to API used to set
the APIID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
apiKeyRequired:
type: boolean
authorizationScopes:
items:
type: string
type: array
authorizationType:
type: string
authorizerID:
type: string
authorizerIDRef:
description: AuthorizerIDRef is a reference to an Authorizer used
to set the AuthorizerID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
authorizerIDSelector:
description: AuthorizerIDSelector selects references to Authorizer
used to set the AuthorizerID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
modelSelectionExpression:
type: string
operationName:
type: string
region:
description: Region is which region the Route will be created.
type: string
requestModels:
additionalProperties:
type: string
type: object
requestParameters:
additionalProperties:
properties:
required:
type: boolean
type: object
type: object
routeKey:
type: string
routeResponseSelectionExpression:
type: string
target:
type: string
required:
- region
- routeKey
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: RouteStatus defines the observed state of Route.
properties:
atProvider:
description: RouteObservation defines the observed state of Route
properties:
apiGatewayManaged:
type: boolean
routeID:
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: routeresponses.apigatewayv2.aws.crossplane.io
spec:
group: apigatewayv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: RouteResponse
listKind: RouteResponseList
plural: routeresponses
singular: routeresponse
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: RouteResponse is the Schema for the RouteResponses API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: RouteResponseSpec defines the desired state of RouteResponse
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: RouteResponseParameters defines the desired state of
RouteResponse
properties:
apiId:
description: APIID is the ID for the API.
type: string
apiIdRef:
description: APIIDRef is a reference to an API used to set the
APIID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
apiIdSelector:
description: APIIDSelector selects references to API used to set
the APIID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
modelSelectionExpression:
type: string
region:
description: Region is which region the RouteResponse will be
created.
type: string
responseModels:
additionalProperties:
type: string
type: object
responseParameters:
additionalProperties:
properties:
required:
type: boolean
type: object
type: object
routeId:
description: RouteID is the ID for the Route.
type: string
routeIdRef:
description: RouteIDRef is a reference to an Route used to set
the RouteID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
routeIdSelector:
description: RouteIDSelector selects references to Route used
to set the RouteID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
routeResponseKey:
type: string
required:
- region
- routeResponseKey
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: RouteResponseStatus defines the observed state of RouteResponse.
properties:
atProvider:
description: RouteResponseObservation defines the observed state of
RouteResponse
properties:
routeResponseID:
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: stages.apigatewayv2.aws.crossplane.io
spec:
group: apigatewayv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Stage
listKind: StageList
plural: stages
singular: stage
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Stage is the Schema for the Stages API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: StageSpec defines the desired state of Stage
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: StageParameters defines the desired state of Stage
properties:
accessLogSettings:
properties:
destinationARN:
description: Represents an Amazon Resource Name (ARN).
type: string
format:
description: A string with a length between [1-1024].
type: string
type: object
apiId:
description: APIID is the ID for the API.
type: string
apiIdRef:
description: APIIDRef is a reference to an API used to set the
APIID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
apiIdSelector:
description: APIIDSelector selects references to API used to set
the APIID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
autoDeploy:
type: boolean
clientCertificateID:
type: string
defaultRouteSettings:
properties:
dataTraceEnabled:
type: boolean
detailedMetricsEnabled:
type: boolean
loggingLevel:
description: The logging level.
type: string
throttlingBurstLimit:
format: int64
type: integer
throttlingRateLimit:
type: number
type: object
deploymentID:
type: string
description:
type: string
region:
description: Region is which region the Stage will be created.
type: string
routeSettings:
additionalProperties:
properties:
dataTraceEnabled:
type: boolean
detailedMetricsEnabled:
type: boolean
loggingLevel:
description: The logging level.
type: string
throttlingBurstLimit:
format: int64
type: integer
throttlingRateLimit:
type: number
type: object
type: object
stageVariables:
additionalProperties:
type: string
type: object
tags:
additionalProperties:
type: string
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: StageStatus defines the observed state of Stage.
properties:
atProvider:
description: StageObservation defines the observed state of Stage
properties:
apiGatewayManaged:
type: boolean
createdDate:
format: date-time
type: string
lastDeploymentStatusMessage:
type: string
lastUpdatedDate:
format: date-time
type: string
stageName:
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: vpclinks.apigatewayv2.aws.crossplane.io
spec:
group: apigatewayv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: VPCLink
listKind: VPCLinkList
plural: vpclinks
singular: vpclink
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: VPCLink is the Schema for the VPCLinks API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: VPCLinkSpec defines the desired state of VPCLink
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: VPCLinkParameters defines the desired state of VPCLink
properties:
name:
type: string
region:
description: Region is which region the VPCLink will be created.
type: string
securityGroupIdRefs:
description: SecurityGroupIDRefs is a list of references to SecurityGroups
used to set the SecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupIdSelector:
description: SecurityGroupIDsSelector selects references to SecurityGroupID
used to set the SecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
securityGroupIds:
description: SecurityGroupIDs is the list of IDs for the SecurityGroups.
items:
type: string
type: array
subnetIdRefs:
description: SubnetIDRefs is a list of references to Subnets used
to set the SubnetIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetIdSelector:
description: SubnetIDsSelector selects references to Subnets used
to set the SubnetIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
subnetIds:
description: SecurityGroupIDs is the list of IDs for the SecurityGroups.
items:
type: string
type: array
tags:
additionalProperties:
type: string
type: object
required:
- name
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: VPCLinkStatus defines the observed state of VPCLink.
properties:
atProvider:
description: VPCLinkObservation defines the observed state of VPCLink
properties:
createdDate:
format: date-time
type: string
securityGroupIDs:
items:
type: string
type: array
subnetIDs:
items:
type: string
type: array
vpcLinkID:
type: string
vpcLinkStatus:
type: string
vpcLinkStatusMessage:
type: string
vpcLinkVersion:
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: workgroups.athena.aws.crossplane.io
spec:
group: athena.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: WorkGroup
listKind: WorkGroupList
plural: workgroups
singular: workgroup
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: WorkGroup is the Schema for the WorkGroups API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: WorkGroupSpec defines the desired state of WorkGroup
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: WorkGroupParameters defines the desired state of WorkGroup
properties:
configuration:
description: The configuration for the workgroup, which includes
the location in Amazon S3 where query results are stored, the
encryption configuration, if any, used for encrypting query
results, whether the Amazon CloudWatch Metrics are enabled for
the workgroup, the limit for the amount of bytes scanned (cutoff)
per query, if it is specified, and whether workgroup's settings
(specified with EnforceWorkGroupConfiguration) in the WorkGroupConfiguration
override client-side settings. See WorkGroupConfiguration$EnforceWorkGroupConfiguration.
properties:
bytesScannedCutoffPerQuery:
format: int64
type: integer
enforceWorkGroupConfiguration:
type: boolean
engineVersion:
description: The Athena engine version for running queries.
properties:
effectiveEngineVersion:
type: string
selectedEngineVersion:
type: string
type: object
publishCloudWatchMetricsEnabled:
type: boolean
requesterPaysEnabled:
type: boolean
resultConfiguration:
description: The location in Amazon S3 where query results
are stored and the encryption option, if any, used for query
results. These are known as "client-side settings". If workgroup
settings override client-side settings, then the query uses
the workgroup settings.
properties:
encryptionConfiguration:
description: If query results are encrypted in Amazon
S3, indicates the encryption option used (for example,
SSE-KMS or CSE-KMS) and key information.
properties:
encryptionOption:
type: string
kmsKey:
type: string
type: object
outputLocation:
type: string
type: object
type: object
description:
description: The workgroup description.
type: string
region:
description: Region is which region the WorkGroup will be created.
type: string
tags:
description: A list of comma separated tags to add to the workgroup
that is created.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: WorkGroupStatus defines the observed state of WorkGroup.
properties:
atProvider:
description: WorkGroupObservation defines the observed state of WorkGroup
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: providers.aws.crossplane.io
spec:
group: aws.crossplane.io
names:
categories:
- crossplane
- provider
- aws
kind: Provider
listKind: ProviderList
plural: providers
singular: provider
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.region
name: REGION
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
- jsonPath: .spec.credentialsSecretRef.name
name: SECRET-NAME
priority: 1
type: string
name: v1alpha3
schema:
openAPIV3Schema:
description: 'A Provider configures an AWS ''provider'', i.e. a connection
to a particular AWS account using a particular AWS IAM role. Deprecated:
Please migrate to ProviderConfig.'
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A ProviderSpec defines the desired state of a Provider.
properties:
credentialsSecretRef:
description: CredentialsSecretRef references a specific secret's key
that contains the credentials that are used to connect to the provider.
properties:
key:
description: The key to select.
type: string
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- key
- name
- namespace
type: object
region:
description: Region for managed resources created using this AWS provider.
type: string
useServiceAccount:
description: "UseServiceAccount indicates to use an IAM Role associated
Kubernetes ServiceAccount for authentication instead of a credentials
Secret. https://docs.aws.amazon.com/eks/latest/userguide/iam-roles-for-service-accounts.html
\n If set to true, credentialsSecretRef will be ignored."
type: boolean
required:
- region
type: object
required:
- spec
type: object
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha3
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: providerconfigs.aws.crossplane.io
spec:
group: aws.crossplane.io
names:
categories:
- crossplane
- provider
- aws
kind: ProviderConfig
listKind: ProviderConfigList
plural: providerconfigs
singular: providerconfig
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
- jsonPath: .spec.credentialsSecretRef.name
name: SECRET-NAME
priority: 1
type: string
name: v1beta1
schema:
openAPIV3Schema:
description: A ProviderConfig configures how AWS controllers will connect
to AWS API.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A ProviderConfigSpec defines the desired state of a ProviderConfig.
properties:
assumeRoleARN:
description: AssumeRoleARN to assume with provider credentials
type: string
credentials:
description: Credentials required to authenticate to this provider.
properties:
env:
description: Env is a reference to an environment variable that
contains credentials that must be used to connect to the provider.
properties:
name:
description: Name is the name of an environment variable.
type: string
required:
- name
type: object
fs:
description: Fs is a reference to a filesystem location that contains
credentials that must be used to connect to the provider.
properties:
path:
description: Path is a filesystem path.
type: string
required:
- path
type: object
secretRef:
description: A SecretRef is a reference to a secret key that contains
the credentials that must be used to connect to the provider.
properties:
key:
description: The key to select.
type: string
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- key
- name
- namespace
type: object
source:
description: Source of the provider credentials.
enum:
- None
- Secret
- InjectedIdentity
- Environment
- Filesystem
type: string
required:
- source
type: object
endpoint:
description: Endpoint is where you can override the default endpoint
configuration of AWS calls made by the provider.
properties:
hostnameImmutable:
description: "Specifies if the endpoint's hostname can be modified
by the SDK's API client. \n If the hostname is mutable the SDK
API clients may modify any part of the hostname based on the
requirements of the API, (e.g. adding, or removing content in
the hostname). Such as, Amazon S3 API client prefixing \"bucketname\"
to the hostname, or changing the hostname service name component
from \"s3.\" to \"s3-accesspoint.dualstack.\" for the dualstack
endpoint of an S3 Accesspoint resource. \n Care should be taken
when providing a custom endpoint for an API. If the endpoint
hostname is mutable, and the client cannot modify the endpoint
correctly, the operation call will most likely fail, or have
undefined behavior. \n If hostname is immutable, the SDK API
clients will not modify the hostname of the URL. This may cause
the API client not to function correctly if the API requires
the operation specific hostname values to be used by the client.
\n This flag does not modify the API client's behavior if this
endpoint will be used instead of Endpoint Discovery, or if the
endpoint will be used to perform Endpoint Discovery. That behavior
is configured via the API Client's Options. Note that this is
effective only for resources that use AWS SDK v2."
type: boolean
partitionId:
description: The AWS partition the endpoint belongs to.
type: string
signingMethod:
description: The signing method that should be used for signing
the requests to the endpoint.
type: string
signingName:
description: The service name that should be used for signing
the requests to the endpoint.
type: string
signingRegion:
description: The region that should be used for signing the request
to the endpoint. For IAM, which doesn't have any region, us-east-1
is used to sign the requests, which is the only signing region
of IAM.
type: string
source:
description: The source of the Endpoint. By default, this will
be ServiceMetadata. When providing a custom endpoint, you should
set the source as Custom. If source is not provided when providing
a custom endpoint, the SDK may not perform required host mutations
correctly. Source should be used along with HostnameImmutable
property as per the usage requirement. Note that this is effective
only for resources that use AWS SDK v2.
enum:
- ServiceMetadata
- Custom
type: string
url:
description: URL lets you configure the endpoint URL to be used
in SDK calls.
properties:
dynamic:
description: Dynamic lets you configure the behavior of endpoint
URL resolver.
properties:
host:
description: Host is the address of the main host that
the resolver will use to prepend protocol, service and
region configurations. For example, the final URL for
EC2 in us-east-1 looks like https://ec2.us-east-1.amazonaws.com
You would need to use "amazonaws.com" as Host and "https"
as protocol to have the resolver construct it.
type: string
protocol:
description: Protocol is the HTTP protocol that will be
used in the URL. Currently, only http and https are
supported.
enum:
- http
- https
type: string
required:
- host
- protocol
type: object
static:
description: Static is the full URL you'd like the AWS SDK
to use. Recommended for using tools like localstack where
a single host is exposed for all services and regions.
type: string
type:
description: You can provide a static URL that will be used
regardless of the service and region by choosing Static
type. Alternatively, you can provide configuration for dynamically
resolving the URL with the config you provide once you set
the type as Dynamic.
enum:
- Static
- Dynamic
type: string
required:
- type
type: object
required:
- url
type: object
required:
- credentials
type: object
status:
description: A ProviderConfigStatus represents the status of a ProviderConfig.
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
users:
description: Users of this provider configuration.
format: int64
type: integer
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: providerconfigusages.aws.crossplane.io
spec:
group: aws.crossplane.io
names:
categories:
- crossplane
- provider
- aws
kind: ProviderConfigUsage
listKind: ProviderConfigUsageList
plural: providerconfigusages
singular: providerconfigusage
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
- jsonPath: .providerConfigRef.name
name: CONFIG-NAME
type: string
- jsonPath: .resourceRef.kind
name: RESOURCE-KIND
type: string
- jsonPath: .resourceRef.name
name: RESOURCE-NAME
type: string
name: v1beta1
schema:
openAPIV3Schema:
description: A ProviderConfigUsage indicates that a resource is using a ProviderConfig.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
providerConfigRef:
description: ProviderConfigReference to the provider config being used.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
resourceRef:
description: ResourceReference to the managed resource using the provider
config.
properties:
apiVersion:
description: APIVersion of the referenced object.
type: string
kind:
description: Kind of the referenced object.
type: string
name:
description: Name of the referenced object.
type: string
uid:
description: UID of the referenced object.
type: string
required:
- apiVersion
- kind
- name
type: object
required:
- providerConfigRef
- resourceRef
type: object
served: true
storage: true
subresources: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: cacheclusters.cache.aws.crossplane.io
spec:
group: cache.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: CacheCluster
listKind: CacheClusterList
plural: cacheclusters
singular: cachecluster
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.atProvider.cacheClusterStatus
name: STATUS
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: A CacheCluster is a managed resource that represents an AWS ElastiCache
Cache Cluster.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A CacheClusterSpec defines the desired state of a CacheCluster.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: 'CacheClusterParameters define the desired state of an
AWS ElastiCache Cache Cluster. Most fields map directly to an AWS
ReplicationGroup: https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateReplicationGroup.html#API_CreateReplicationGroup_RequestParameters'
properties:
applyImmediately:
description: If true, this parameter causes the modifications
in this request and any pending modifications to be applied,
asynchronously and as soon as possible, regardless of the PreferredMaintenanceWindow
setting for the cluster. If false, changes to the cluster are
applied on the next maintenance reboot, or the next failure
reboot, whichever occurs first.
type: boolean
authToken:
description: The password used to access a password protected
server.
type: string
authTokenUpdateStrategy:
description: 'Specifies the strategy to use to update the AUTH
token. This parameter must be specified with the auth-token
parameter. Possible values:'
type: string
azMode:
description: Specifies whether the nodes in this Memcached cluster
are created in a single Availability Zone or created across
multiple Availability Zones in the cluster's region. This parameter
is only supported for Memcached clusters.
type: string
cacheNodeIdsToRemove:
description: A list of cache node IDs to be removed.
items:
type: string
type: array
cacheNodeType:
description: The compute and memory capacity of the nodes in the
node group (shard).
type: string
cacheParameterGroupName:
description: The name of the parameter group to associate with
this cluster. If this argument is omitted, the default parameter
group for the specified engine is used.
type: string
cacheSecurityGroupNames:
description: A list of security group names to associate with
this cluster.
items:
type: string
type: array
cacheSubnetGroupName:
description: The name of the subnet group to be used for the cluster.
type: string
cacheSubnetGroupNameRef:
description: A referencer to retrieve the name of a CacheSubnetGroup
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
cacheSubnetGroupNameSelector:
description: A selector to select a referencer to retrieve the
name of a CacheSubnetGroup
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
engine:
description: The name of the cache engine to be used for this
cluster.
type: string
engineVersion:
description: The version number of the cache engine to be used
for this cluster.
type: string
notificationTopicArn:
description: The Amazon Resource Name (ARN) of the Amazon Simple
Notification Service (SNS) topic to which notifications are
sent.
type: string
numCacheNodes:
description: The initial number of cache nodes that the cluster
has.
format: int32
type: integer
port:
description: The port number on which each of the cache nodes
accepts connections.
format: int32
type: integer
preferredAvailabilityZone:
description: 'The EC2 Availability Zone in which the cluster is
created. Default: System chosen Availability Zone.'
type: string
preferredAvailabilityZones:
description: A list of the Availability Zones in which cache nodes
are created.
items:
type: string
type: array
preferredMaintenanceWindow:
description: Specifies the weekly time range during which maintenance
on the cluster is performed.
type: string
region:
description: Region is the region you'd like your CacheSubnetGroup
to be created in.
type: string
replicationGroupId:
description: The ID of the replication group to which this cluster
should belong.
type: string
securityGroupIDRefs:
description: A referencer to retrieve the ID of a Security group
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupIDSelector:
description: A selector to select a referencer to retrieve the
ID of a Security Group
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
securityGroupIds:
description: One or more VPC security groups associated with the
cluster.
items:
type: string
type: array
snapshotArns:
description: A single-element string list containing an Amazon
Resource Name (ARN) that uniquely identifies a Redis RDB snapshot
file stored in Amazon S3.
items:
type: string
type: array
snapshotName:
description: The name of a Redis snapshot from which to restore
data into the new node group (shard).
type: string
snapshotRetentionLimit:
description: The number of days for which ElastiCache retains
automatic snapshots before deleting them.
format: int32
type: integer
snapshotWindow:
description: The daily time range (in UTC) during which ElastiCache
begins taking a daily snapshot of your node group (shard).
type: string
tags:
description: A list of cost allocation tags to be added to this
resource.
items:
description: A Tag is used to tag the ElastiCache resources
in AWS.
properties:
key:
description: Key for the tag.
type: string
value:
description: Value of the tag.
type: string
required:
- key
type: object
type: array
required:
- cacheNodeType
- numCacheNodes
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A CacheClusterStatus defines the observed state of a CacheCluster.
properties:
atProvider:
description: CacheClusterObservation contains the observation of the
status of the given Cache Cluster.
properties:
atRestEncryptionEnabled:
description: 'A flag that enables encryption at-rest when set
to true. Default: false'
type: boolean
authTokenEnabled:
description: 'A flag that enables using an AuthToken (password)
when issuing Redis commands. Default: false'
type: boolean
cacheClusterStatus:
description: The current state of this cluster.
type: string
cacheNodes:
description: A list of cache nodes that are members of the cluster.
items:
description: CacheNode represents a node in the cluster
properties:
cacheNodeId:
description: The cache node identifier.
type: string
cacheNodeStatus:
description: 'The current state of this cache node, one
of the following values: available, creating, deleted,
deleting, incompatible-network, modifying, rebooting cluster
nodes, restore-failed, or snapshotting.'
type: string
customerAvailabilityZone:
description: The Availability Zone where this node was created
and now resides.
type: string
endpoint:
description: The hostname for connecting to this cache node.
properties:
address:
description: Address is the DNS hostname of the cache
node.
type: string
port:
description: Port number that the cache engine is listening
on.
type: integer
type: object
parameterGroupStatus:
description: The status of the parameter group applied to
this cache node.
type: string
sourceCacheNodeId:
description: The ID of the primary node to which this read
replica node is synchronized.
type: string
type: object
type: array
cacheParameterGroup:
description: Status of the cache parameter group.
properties:
cacheNodeIdsToReboot:
description: A list of the cache node IDs which need to be
rebooted for parameter changes to be applied.
items:
type: string
type: array
cacheParameterGroupName:
description: The name of the cache parameter group.
type: string
parameterApplyStatus:
description: The status of parameter updates.
type: string
type: object
clientDownloadLandingPage:
description: The URL of the web page where you can download the
latest ElastiCache client library.
type: string
configurationEndpoint:
description: Represents a Memcached cluster endpoint which, if
Automatic Discovery is enabled on the cluster, can be used by
an application to connect to any node in the cluster. The configuration
endpoint will always have .cfg in it.
properties:
address:
description: Address is the DNS hostname of the cache node.
type: string
port:
description: Port number that the cache engine is listening
on.
type: integer
type: object
notificationConfiguration:
description: Describes a notification topic and its status. Notification
topics are used for publishing ElastiCache events to subscribers
using Amazon Simple Notification Service (SNS).
properties:
topicArn:
description: The Amazon Resource Name (ARN) that identifies
the topic.
type: string
topicStatus:
description: The current state of the topic.
type: string
type: object
pendingModifiedValues:
description: A group of settings that are applied to the cluster
in the future, or that are currently being applied.
properties:
authTokenStatus:
description: The auth token status
type: string
cacheNodeIdsToRemove:
description: A list of cache node IDs that are being removed
(or will be removed) from the cluster.
items:
type: string
type: array
cacheNodeType:
description: The cache node type that this cluster or replication
group is scaled to.
type: string
engineVersion:
description: The new cache engine version that the cluster
runs.
type: string
numCacheNodes:
description: The new number of cache nodes for the cluster.
format: int64
type: integer
type: object
transitEncryptionEnabled:
description: A flag that enables in-transit encryption when set
to true.
type: boolean
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: cachesubnetgroups.cache.aws.crossplane.io
spec:
group: cache.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: CacheSubnetGroup
listKind: CacheSubnetGroupList
plural: cachesubnetgroups
singular: cachesubnetgroup
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.atProvider.vpcId
name: VPCID
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: A CacheSubnetGroup is a managed resource that represents an AWS
Subnet Group for ElasticCache.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A CacheSubnetGroupSpec defines the desired state of a CacheSubnetGroup.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: CacheSubnetGroupParameters define the desired state of
an AWS ElasticCache Subnet Group.
properties:
description:
description: A description for the cache subnet group.
type: string
region:
description: Region is the region you'd like your CacheSubnetGroup
to be created in.
type: string
subnetIdRefs:
description: SubnetIDRefs references to a Subnet to and retrieves
its SubnetID
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetIdSelector:
description: SubnetIDSelector selects a set of references that
each retrieve the subnetID from the referenced Subnet
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
subnetIds:
description: A list of Subnet IDs for the cache subnet group.
items:
type: string
type: array
required:
- description
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A CacheSubnetGroupStatus represents the observed state of
a Subnet Group.
properties:
atProvider:
description: CacheSubnetGroupExternalStatus keeps the state for the
external resource
properties:
vpcId:
description: The Amazon Virtual Private Cloud identifier (VPC
ID) of the cache subnet group.
type: string
required:
- vpcId
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: replicationgroups.cache.aws.crossplane.io
spec:
group: cache.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: ReplicationGroup
listKind: ReplicationGroupList
plural: replicationgroups
singular: replicationgroup
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .status.atProvider.status
name: STATE
type: string
- jsonPath: .spec.forProvider.engineVersion
name: VERSION
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: A ReplicationGroup is a managed resource that represents an AWS
ElastiCache Replication Group.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A ReplicationGroupSpec defines the desired state of a ReplicationGroup.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: 'ReplicationGroupParameters define the desired state
of an AWS ElastiCache Replication Group. Most fields map directly
to an AWS ReplicationGroup: https://docs.aws.amazon.com/AmazonElastiCache/latest/APIReference/API_CreateReplicationGroup.html#API_CreateReplicationGroup_RequestParameters'
properties:
applyModificationsImmediately:
description: "If true, this parameter causes the modifications
in this request and any pending modifications to be applied,
asynchronously and as soon as possible, regardless of the PreferredMaintenanceWindow
setting for the replication group. \n If false, changes to the
nodes in the replication group are applied on the next maintenance
reboot, or the next failure reboot, whichever occurs first."
type: boolean
atRestEncryptionEnabled:
description: "AtRestEncryptionEnabled enables encryption at rest
when set to true. \n You cannot modify the value of AtRestEncryptionEnabled
after the replication group is created. To enable encryption
at rest on a replication group you must set AtRestEncryptionEnabled
to true when you create the replication group. \n Only available
when creating a replication group in an Amazon VPC using redis
version 3.2.6 or 4.x."
type: boolean
authEnabled:
description: "AuthEnabled enables mandatory authentication when
connecting to the managed replication group. AuthEnabled requires
TransitEncryptionEnabled to be true. \n While ReplicationGroupSpec
mirrors the fields of the upstream replication group object
as closely as possible, we expose a boolean here rather than
requiring the operator pass in a string authentication token.
Crossplane will generate a token automatically and expose it
via a Secret."
type: boolean
automaticFailoverEnabled:
description: "AutomaticFailoverEnabled specifies whether a read-only
replica is automatically promoted to read/write primary if the
existing primary fails. If true, Multi-AZ is enabled for this
replication group. If false, Multi-AZ is disabled for this replication
group. \n AutomaticFailoverEnabled must be enabled for Redis
(cluster mode enabled) replication groups. \n Amazon ElastiCache
for Redis does not support Multi-AZ with automatic failover
on: * Redis versions earlier than 2.8.6. * Redis (cluster mode
disabled): T1 and T2 cache node types. * Redis (cluster mode
enabled): T1 node types."
type: boolean
cacheNodeType:
description: 'CacheNodeType specifies the compute and memory capacity
of the nodes in the node group (shard). For a complete listing
of node types and specifications, see: * Amazon ElastiCache
Product Features and Details (http://aws.amazon.com/elasticache/details)
* Cache Node Type-Specific Parameters for Memcached (http://docs.aws.amazon.com/AmazonElastiCache/latest/mem-ug/ParameterGroups.Memcached.html#ParameterGroups.Memcached.NodeSpecific)
* Cache Node Type-Specific Parameters for Redis (http://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/ParameterGroups.Redis.html#ParameterGroups.Redis.NodeSpecific)'
type: string
cacheParameterGroupName:
description: "CacheParameterGroupName specifies the name of the
parameter group to associate with this replication group. If
this argument is omitted, the default cache parameter group
for the specified engine is used. \n If you are running Redis
version 3.2.4 or later, only one node group (shard), and want
to use a default parameter group, we recommend that you specify
the parameter group by name. * To create a Redis (cluster mode
disabled) replication group, use CacheParameterGroupName=default.redis3.2.
* To create a Redis (cluster mode enabled) replication group,
use CacheParameterGroupName=default.redis3.2.cluster.on."
type: string
cacheSecurityGroupNameRefs:
description: CacheSecurityGroupNameRefs are references to SecurityGroups
used to set the CacheSecurityGroupNames.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
cacheSecurityGroupNameSelector:
description: CacheSecurityGroupNameSelector selects references
to SecurityGroups.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
cacheSecurityGroupNames:
description: CacheSecurityGroupNames specifies a list of cache
security group names to associate with this replication group.
Only for EC2-Classic mode.
items:
type: string
type: array
cacheSubnetGroupName:
description: CacheSubnetGroupName specifies the name of the cache
subnet group to be used for the replication group. If you're
going to launch your cluster in an Amazon VPC, you need to create
a subnet group before you start creating a cluster. For more
information, see Subnets and Subnet Groups (http://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/SubnetGroups.html).
type: string
cacheSubnetGroupNameRef:
description: CacheSubnetGroupNameRef is a reference to a Subnet
Group used to set the CacheSubnetGroupName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
cacheSubnetGroupNameRefs:
description: "DeprecatedCacheSubnetGroupNameRef is a reference
to a Subnet Group used to set the CacheSubnetGroupName. \n Deprecated:
Use CacheSubnetGroupNameRef. This field exists because we introduced
it with the JSON tag cacheSubnetGroupNameRefs (plural) when
it should have been cacheSubnetGroupNameRef (singular). This
is a bug that we need to avoid a breaking change to this v1beta1
API."
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
cacheSubnetGroupNameSelector:
description: CacheSubnetGroupNameSelector selects a reference
to a CacheSubnetGroup.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
engine:
description: Engine is the name of the cache engine (memcached
or redis) to be used for the clusters in this replication group.
type: string
engineVersion:
description: "EngineVersion specifies the version number of the
cache engine to be used for the clusters in this replication
group. To view the supported cache engine versions, use the
DescribeCacheEngineVersions operation. \n Important: You can
upgrade to a newer engine version (see Selecting a Cache Engine
and Version (http://docs.aws.amazon.com/AmazonElastiCache/latest/red-ug/SelectEngine.html#VersionManagement))
in the ElastiCache User Guide, but you cannot downgrade to an
earlier engine version. If you want to use an earlier engine
version, you must delete the existing cluster or replication
group and create it anew with the earlier engine version."
type: string
nodeGroupConfiguration:
description: "NodeGroupConfigurationSpec specifies a list of node
group (shard) configuration options. \n If you're creating a
Redis (cluster mode disabled) or a Redis (cluster mode enabled)
replication group, you can use this parameter to individually
configure each node group (shard), or you can omit this parameter.
However, when seeding a Redis (cluster mode enabled) cluster
from a S3 rdb file, you must configure each node group (shard)
using this parameter because you must specify the slots for
each node group."
items:
description: A NodeGroupConfigurationSpec specifies the desired
state of a node group.
properties:
primaryAvailabilityZone:
description: PrimaryAvailabilityZone specifies the Availability
Zone where the primary node of this node group (shard)
is launched.
type: string
replicaAvailabilityZones:
description: ReplicaAvailabilityZones specifies a list of
Availability Zones to be used for the read replicas. The
number of Availability Zones in this list must match the
value of ReplicaCount or ReplicasPerNodeGroup if not specified.
items:
type: string
type: array
replicaCount:
description: ReplicaCount specifies the number of read replica
nodes in this node group (shard).
type: integer
slots:
description: "Slots specifies the keyspace for a particular
node group. Keyspaces range from 0 to 16,383. The string
is in the format startkey-endkey. \n Example: \"0-3999\""
type: string
type: object
type: array
notificationTopicArn:
description: NotificationTopicARN specifies the Amazon Resource
Name (ARN) of the Amazon Simple Notification Service (SNS) topic
to which notifications are sent. The Amazon SNS topic owner
must be the same as the cluster owner.
type: string
notificationTopicStatus:
description: "NotificationTopicStatus is the status of the Amazon
SNS notification topic for the replication group. Notifications
are sent only if the status is active. \n Valid values: active
| inactive"
type: string
numCacheClusters:
description: "NumCacheClusters specifies the number of clusters
this replication group initially has. This parameter is not
used if there is more than one node group (shard). You should
use ReplicasPerNodeGroup instead. \n If AutomaticFailoverEnabled
is true, the value of this parameter must be at least 2. If
AutomaticFailoverEnabled is false you can omit this parameter
(it will default to 1), or you can explicitly set it to a value
between 2 and 6. \n The maximum permitted value for NumCacheClusters
is 6 (1 primary plus 5 replicas)."
type: integer
numNodeGroups:
description: "NumNodeGroups specifies the number of node groups
(shards) for this Redis (cluster mode enabled) replication group.
For Redis (cluster mode disabled) either omit this parameter
or set it to 1. \n Default: 1"
type: integer
port:
description: Port number on which each member of the replication
group accepts connections.
type: integer
preferredCacheClusterAzs:
description: "PreferredCacheClusterAZs specifies a list of EC2
Availability Zones in which the replication group's clusters
are created. The order of the Availability Zones in the list
is the order in which clusters are allocated. The primary cluster
is created in the first AZ in the list. \n This parameter is
not used if there is more than one node group (shard). You should
use NodeGroupConfigurationSpec instead. \n If you are creating
your replication group in an Amazon VPC (recommended), you can
only locate clusters in Availability Zones associated with the
subnets in the selected subnet group. \n The number of Availability
Zones listed must equal the value of NumCacheClusters. \n Default:
system chosen Availability Zones."
items:
type: string
type: array
preferredMaintenanceWindow:
description: "PreferredMaintenanceWindow specifies the weekly
time range during which maintenance on the cluster is performed.
It is specified as a range in the format ddd:hh24:mi-ddd:hh24:mi
(24H Clock UTC). The minimum maintenance window is a 60 minute
period. \n Example: sun:23:00-mon:01:30"
type: string
primaryClusterId:
description: "PrimaryClusterId is the identifier of the cluster
that serves as the primary for this replication group. This
cluster must already exist and have a status of available. \n
This parameter is not required if NumCacheClusters, NumNodeGroups
or ReplicasPerNodeGroup is specified."
type: string
region:
description: Region is the region you'd like your ReplicationGroup
to be created in.
type: string
replicasPerNodeGroup:
description: ReplicasPerNodeGroup specifies the number of replica
nodes in each node group (shard). Valid values are 0 to 5.
type: integer
replicationGroupDescription:
description: ReplicationGroupDescription is the description for
the replication group.
type: string
securityGroupIdRefs:
description: SecurityGroupIDRefs are references to SecurityGroups
used to set the SecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupIdSelector:
description: SecurityGroupIDSelector selects references to SecurityGroups
used to set the SecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
securityGroupIds:
description: SecurityGroupIDs specifies one or more Amazon VPC
security groups associated with this replication group. Use
this parameter only when you are creating a replication group
in an Amazon VPC.
items:
type: string
type: array
snapshotArns:
description: 'SnapshotARNs specifies a list of Amazon Resource
Names (ARN) that uniquely identify the Redis RDB snapshot files
stored in Amazon S3. The snapshot files are used to populate
the new replication group. The Amazon S3 object name in the
ARN cannot contain any commas. The new replication group will
have the number of node groups (console: shards) specified by
the parameter NumNodeGroups or the number of node groups configured
by NodeGroupConfigurationSpec regardless of the number of ARNs
specified here.'
items:
type: string
type: array
snapshotName:
description: SnapshotName specifies the name of a snapshot from
which to restore data into the new replication group. The snapshot
status changes to restoring while the new replication group
is being created.
type: string
snapshotRetentionLimit:
description: 'SnapshotRetentionLimit specifies the number of days
for which ElastiCache retains automatic snapshots before deleting
them. For example, if you set SnapshotRetentionLimit to 5, a
snapshot that was taken today is retained for 5 days before
being deleted. Default: 0 (i.e., automatic backups are disabled
for this cluster).'
type: integer
snapshotWindow:
description: "SnapshotWindow specifies the daily time range (in
UTC) during which ElastiCache begins taking a daily snapshot
of your node group (shard). \n Example: 05:00-09:00 \n If you
do not specify this parameter, ElastiCache automatically chooses
an appropriate time range."
type: string
snapshottingClusterID:
description: SnapshottingClusterID is used as the daily snapshot
source for the replication group. This parameter cannot be set
for Redis (cluster mode enabled) replication groups.
type: string
tags:
description: A list of cost allocation tags to be added to this
resource. A tag is a key-value pair.
items:
description: A Tag is used to tag the ElastiCache resources
in AWS.
properties:
key:
description: Key for the tag.
type: string
value:
description: Value of the tag.
type: string
required:
- key
- value
type: object
type: array
transitEncryptionEnabled:
description: "TransitEncryptionEnabled enables in-transit encryption
when set to true. \n You cannot modify the value of TransitEncryptionEnabled
after the cluster is created. To enable in-transit encryption
on a cluster you must TransitEncryptionEnabled to true when
you create a cluster. \n This parameter is valid only if the
Engine parameter is redis, the EngineVersion parameter is 3.2.6
or 4.x, and the cluster is being created in an Amazon VPC. \n
If you enable in-transit encryption, you must also specify a
value for CacheSubnetGroup. \n Required: Only available when
creating a replication group in an Amazon VPC using redis version
3.2.6 or 4.x. \n Default: false \n For HIPAA compliance, you
must specify TransitEncryptionEnabled as true, an AuthToken,
and a CacheSubnetGroup."
type: boolean
required:
- applyModificationsImmediately
- cacheNodeType
- engine
- replicationGroupDescription
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A ReplicationGroupStatus defines the observed state of a
ReplicationGroup.
properties:
atProvider:
description: ReplicationGroupObservation contains the observation
of the status of the given ReplicationGroup.
properties:
automaticFailoverStatus:
description: AutomaticFailover indicates the status of Multi-AZ
with automatic failover for this Redis replication group.
type: string
clusterEnabled:
description: 'ClusterEnabled is a flag indicating whether or not
this replication group is cluster enabled; i.e., whether its
data can be partitioned across multiple shards (API/CLI: node
groups).'
type: boolean
configurationEndpoint:
description: ConfigurationEndpoint for this replication group.
Use the configuration endpoint to connect to this replication
group.
properties:
address:
description: Address is the DNS hostname of the cache node.
type: string
port:
description: Port number that the cache engine is listening
on.
type: integer
type: object
memberClusters:
description: MemberClusters is the list of names of all the cache
clusters that are part of this replication group.
items:
type: string
type: array
nodeGroups:
description: NodeGroups is a list of node groups in this replication
group. For Redis (cluster mode disabled) replication groups,
this is a single-element list. For Redis (cluster mode enabled)
replication groups, the list contains an entry for each node
group (shard).
items:
description: NodeGroup represents a collection of cache nodes
in a replication group. One node in the node group is the
read/write primary node. All the other nodes are read-only
Replica nodes. Please also see https://docs.aws.amazon.com/goto/WebAPI/elasticache-2015-02-02/NodeGroup
properties:
nodeGroupMembers:
description: NodeGroupMembers is a list containing information
about individual nodes within the node group (shard).
items:
description: NodeGroupMember represents a single node
within a node group (shard). Please also see https://docs.aws.amazon.com/goto/WebAPI/elasticache-2015-02-02/NodeGroupMember
properties:
cacheClusterId:
description: CacheClusterID is the ID of the cluster
to which the node belongs.
type: string
cacheNodeId:
description: CacheNodeID is the ID of the node within
its cluster. A node ID is a numeric identifier (0001,
0002, etc.).
type: string
currentRole:
description: CurrentRole is the role that is currently
assigned to the node - primary or replica. This
member is only applicable for Redis (cluster mode
disabled) replication groups.
type: string
preferredAvailabilityZone:
description: PreferredAvailabilityZone is the name
of the Availability Zone in which the node is located.
type: string
readEndpoint:
description: ReadEndpoint is the information required
for client programs to connect to a node for read
operations. The read endpoint is only applicable
on Redis (cluster mode disabled) clusters.
properties:
address:
description: Address is the DNS hostname of the
cache node.
type: string
port:
description: Port number that the cache engine
is listening on.
type: integer
type: object
type: object
type: array
port:
description: NodeGroupID is the identifier for the node
group (shard). A Redis (cluster mode disabled) replication
group contains only 1 node group; therefore, the node
group ID is 0001. A Redis (cluster mode enabled) replication
group contains 1 to 15 node groups numbered 0001 to 0015.
type: string
primaryEndpoint:
description: PrimaryEndpoint is the endpoint of the primary
node in this node group (shard).
properties:
address:
description: Address is the DNS hostname of the cache
node.
type: string
port:
description: Port number that the cache engine is listening
on.
type: integer
type: object
slots:
description: Slots is the keyspace for this node group (shard).
type: string
status:
description: Status of this replication group - creating,
available, etc.
type: string
type: object
type: array
pendingModifiedValues:
description: PendingModifiedValues is a group of settings to be
applied to the replication group, either immediately or during
the next maintenance window.
properties:
automaticFailoverStatus:
description: AutomaticFailoverStatus indicates the status
of Multi-AZ with automatic failover for this Redis replication
group.
type: string
primaryClusterId:
description: PrimaryClusterID that is applied immediately
or during the next maintenance window.
type: string
resharding:
description: Resharding is the status of an online resharding
operation.
properties:
slotMigration:
description: Represents the progress of an online resharding
operation.
properties:
progressPercentage:
description: ProgressPercentage is the percentage
of the slot migration that is complete.
type: integer
required:
- progressPercentage
type: object
required:
- slotMigration
type: object
type: object
status:
description: Status is the current state of this replication group
- creating, available, modifying, deleting, create-failed, snapshotting.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: cachepolicies.cloudfront.aws.crossplane.io
spec:
group: cloudfront.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: CachePolicy
listKind: CachePolicyList
plural: cachepolicies
singular: cachepolicy
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: CachePolicy is the Schema for the CachePolicies API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: CachePolicySpec defines the desired state of CachePolicy
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: CachePolicyParameters defines the desired state of CachePolicy
properties:
cachePolicyConfig:
description: A cache policy configuration.
properties:
comment:
type: string
defaultTTL:
format: int64
type: integer
maxTTL:
format: int64
type: integer
minTTL:
format: int64
type: integer
name:
type: string
parametersInCacheKeyAndForwardedToOrigin:
description: "This object determines the values that CloudFront
includes in the cache key. These values can include HTTP
headers, cookies, and URL query strings. CloudFront uses
the cache key to find an object in its cache that it can
return to the viewer. \n The headers, cookies, and query
strings that are included in the cache key are automatically
included in requests that CloudFront sends to the origin.
CloudFront sends a request when it can’t find an object
in its cache that matches the request’s cache key. If you
want to send values to the origin but not include them in
the cache key, use OriginRequestPolicy."
properties:
cookiesConfig:
description: An object that determines whether any cookies
in viewer requests (and if so, which cookies) are included
in the cache key and automatically included in requests
that CloudFront sends to the origin.
properties:
cookieBehavior:
type: string
cookies:
description: Contains a list of cookie names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
enableAcceptEncodingBrotli:
type: boolean
enableAcceptEncodingGzip:
type: boolean
headersConfig:
description: An object that determines whether any HTTP
headers (and if so, which headers) are included in the
cache key and automatically included in requests that
CloudFront sends to the origin.
properties:
headerBehavior:
type: string
headers:
description: Contains a list of HTTP header names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
queryStringsConfig:
description: An object that determines whether any URL
query strings in viewer requests (and if so, which query
strings) are included in the cache key and automatically
included in requests that CloudFront sends to the origin.
properties:
queryStringBehavior:
type: string
queryStrings:
description: Contains a list of query string names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
type: object
type: object
region:
description: Region is which region the CachePolicy will be created.
type: string
required:
- cachePolicyConfig
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: CachePolicyStatus defines the observed state of CachePolicy.
properties:
atProvider:
description: CachePolicyObservation defines the observed state of
CachePolicy
properties:
cachePolicy:
description: A cache policy.
properties:
cachePolicyConfig:
description: "A cache policy configuration. \n This configuration
determines the following: \n * The values that CloudFront
includes in the cache key. These values can include HTTP
headers, cookies, and URL query strings. CloudFront uses
\ the cache key to find an object in its cache that it
can return to the viewer. \n * The default, minimum,
and maximum time to live (TTL) values that you want objects
to stay in the CloudFront cache. \n The headers, cookies,
and query strings that are included in the cache key are
automatically included in requests that CloudFront sends
to the origin. CloudFront sends a request when it can’t
find a valid object in its cache that matches the request’s
cache key. If you want to send values to the origin but
not include them in the cache key, use OriginRequestPolicy."
properties:
comment:
type: string
defaultTTL:
format: int64
type: integer
maxTTL:
format: int64
type: integer
minTTL:
format: int64
type: integer
name:
type: string
parametersInCacheKeyAndForwardedToOrigin:
description: "This object determines the values that CloudFront
includes in the cache key. These values can include
HTTP headers, cookies, and URL query strings. CloudFront
uses the cache key to find an object in its cache that
it can return to the viewer. \n The headers, cookies,
and query strings that are included in the cache key
are automatically included in requests that CloudFront
sends to the origin. CloudFront sends a request when
it can’t find an object in its cache that matches the
request’s cache key. If you want to send values to the
origin but not include them in the cache key, use OriginRequestPolicy."
properties:
cookiesConfig:
description: An object that determines whether any
cookies in viewer requests (and if so, which cookies)
are included in the cache key and automatically
included in requests that CloudFront sends to the
origin.
properties:
cookieBehavior:
type: string
cookies:
description: Contains a list of cookie names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
enableAcceptEncodingBrotli:
type: boolean
enableAcceptEncodingGzip:
type: boolean
headersConfig:
description: An object that determines whether any
HTTP headers (and if so, which headers) are included
in the cache key and automatically included in requests
that CloudFront sends to the origin.
properties:
headerBehavior:
type: string
headers:
description: Contains a list of HTTP header names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
queryStringsConfig:
description: An object that determines whether any
URL query strings in viewer requests (and if so,
which query strings) are included in the cache key
and automatically included in requests that CloudFront
sends to the origin.
properties:
queryStringBehavior:
type: string
queryStrings:
description: Contains a list of query string names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
type: object
type: object
id:
type: string
lastModifiedTime:
format: date-time
type: string
type: object
eTag:
description: The current version of the cache policy.
type: string
location:
description: The fully qualified URI of the cache policy just
created.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: cloudfrontoriginaccessidentities.cloudfront.aws.crossplane.io
spec:
group: cloudfront.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: CloudFrontOriginAccessIdentity
listKind: CloudFrontOriginAccessIdentityList
plural: cloudfrontoriginaccessidentities
singular: cloudfrontoriginaccessidentity
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: CloudFrontOriginAccessIdentity is the Schema for the CloudFrontOriginAccessIdentities
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: CloudFrontOriginAccessIdentitySpec defines the desired state
of CloudFrontOriginAccessIdentity
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: CloudFrontOriginAccessIdentityParameters defines the
desired state of CloudFrontOriginAccessIdentity
properties:
cloudFrontOriginAccessIdentityConfig:
description: The current configuration information for the identity.
properties:
comment:
type: string
type: object
region:
description: Region is which region the CloudFrontOriginAccessIdentity
will be created.
type: string
required:
- cloudFrontOriginAccessIdentityConfig
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: CloudFrontOriginAccessIdentityStatus defines the observed
state of CloudFrontOriginAccessIdentity.
properties:
atProvider:
description: CloudFrontOriginAccessIdentityObservation defines the
observed state of CloudFrontOriginAccessIdentity
properties:
cloudFrontOriginAccessIdentity:
description: The origin access identity's information.
properties:
cloudFrontOriginAccessIdentityConfig:
description: Origin access identity configuration. Send a
GET request to the /CloudFront API version/CloudFront/identity
ID/config resource.
properties:
comment:
type: string
type: object
id:
type: string
s3CanonicalUserID:
type: string
type: object
eTag:
description: The current version of the origin access identity
created.
type: string
location:
description: The fully qualified URI of the new origin access
identity just created.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: distributions.cloudfront.aws.crossplane.io
spec:
group: cloudfront.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Distribution
listKind: DistributionList
plural: distributions
singular: distribution
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Distribution is the Schema for the Distributions API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DistributionSpec defines the desired state of Distribution
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: DistributionParameters defines the desired state of Distribution
properties:
distributionConfig:
description: The distribution's configuration information.
properties:
aliases:
description: A complex type that contains information about
CNAMEs (alternate domain names), if any, for this distribution.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
cacheBehaviors:
description: A complex type that contains zero or more CacheBehavior
elements.
properties:
items:
items:
properties:
allowedMethods:
description: "A complex type that controls which
HTTP methods CloudFront processes and forwards
to your Amazon S3 bucket or your custom origin.
There are three choices: \n * CloudFront forwards
only GET and HEAD requests. \n * CloudFront
forwards only GET, HEAD, and OPTIONS requests.
\n * CloudFront forwards GET, HEAD, OPTIONS,
PUT, PATCH, POST, and DELETE requests. \n If
you pick the third choice, you may need to restrict
access to your Amazon S3 bucket or to your custom
origin so users can't perform operations that
you don't want them to. For example, you might
not want users to have permissions to delete objects
from your origin."
properties:
cachedMethods:
description: "A complex type that controls whether
CloudFront caches the response to requests
using the specified HTTP methods. There are
two choices: \n * CloudFront caches responses
to GET and HEAD requests. \n * CloudFront
caches responses to GET, HEAD, and OPTIONS
requests. \n If you pick the second choice
for your Amazon S3 Origin, you may need to
forward Access-Control-Request-Method, Access-Control-Request-Headers,
and Origin headers for the responses to be
cached correctly."
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
cachePolicyID:
type: string
compress:
type: boolean
defaultTTL:
format: int64
type: integer
fieldLevelEncryptionID:
type: string
forwardedValues:
description: "This field is deprecated. We recommend
that you use a cache policy or an origin request
policy instead of this field. \n If you want to
include values in the cache key, use a cache policy.
For more information, see Creating cache policies
(https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy)
in the Amazon CloudFront Developer Guide. \n If
you want to send values to the origin but not
include them in the cache key, use an origin request
policy. For more information, see Creating origin
request policies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy)
in the Amazon CloudFront Developer Guide. \n A
complex type that specifies how CloudFront handles
query strings, cookies, and HTTP headers."
properties:
cookies:
description: "This field is deprecated. We recommend
that you use a cache policy or an origin request
policy instead of this field. \n If you want
to include cookies in the cache key, use CookiesConfig
in a cache policy. See CachePolicy. \n If
you want to send cookies to the origin but
not include them in the cache key, use CookiesConfig
in an origin request policy. See OriginRequestPolicy.
\n A complex type that specifies whether you
want CloudFront to forward cookies to the
origin and, if so, which ones. For more information
about forwarding cookies to the origin, see
Caching Content Based on Cookies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html)
in the Amazon CloudFront Developer Guide."
properties:
forward:
type: string
whitelistedNames:
description: Contains a list of cookie names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
headers:
description: Contains a list of HTTP header
names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
queryString:
type: boolean
queryStringCacheKeys:
description: "This field is deprecated. We recommend
that you use a cache policy or an origin request
policy instead of this field. \n If you want
to include query strings in the cache key,
use QueryStringsConfig in a cache policy.
See CachePolicy. \n If you want to send query
strings to the origin but not include them
in the cache key, use QueryStringsConfig in
an origin request policy. See OriginRequestPolicy.
\n A complex type that contains information
about the query string parameters that you
want CloudFront to use for caching for a cache
behavior."
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
lambdaFunctionAssociations:
description: "A complex type that specifies a list
of Lambda functions associations for a cache behavior.
\n If you want to invoke one or more Lambda functions
triggered by requests that match the PathPattern
of the cache behavior, specify the applicable
values for Quantity and Items. Note that there
can be up to 4 LambdaFunctionAssociation items
in this list (one for each possible value of EventType)
and each EventType can be associated with the
Lambda function only once. \n If you don't want
to invoke any Lambda functions for the requests
that match PathPattern, specify 0 for Quantity
and omit Items."
properties:
items:
items:
properties:
eventType:
type: string
includeBody:
type: boolean
lambdaFunctionARN:
type: string
type: object
type: array
quantity:
format: int64
type: integer
type: object
maxTTL:
format: int64
type: integer
minTTL:
format: int64
type: integer
originRequestPolicyID:
type: string
pathPattern:
type: string
realtimeLogConfigARN:
type: string
smoothStreaming:
type: boolean
targetOriginID:
type: string
trustedKeyGroups:
description: A list of key groups whose public keys
CloudFront can use to verify the signatures of
signed URLs and signed cookies.
properties:
enabled:
type: boolean
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
trustedSigners:
description: A list of AWS accounts whose public
keys CloudFront can use to verify the signatures
of signed URLs and signed cookies.
properties:
enabled:
type: boolean
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
viewerProtocolPolicy:
type: string
type: object
type: array
quantity:
format: int64
type: integer
type: object
comment:
type: string
customErrorResponses:
description: "A complex type that controls: \n * Whether
CloudFront replaces HTTP status codes in the 4xx and 5xx
range with custom error messages before returning the
response to the viewer. \n * How long CloudFront caches
HTTP status codes in the 4xx and 5xx range. \n For more
information about custom error pages, see Customizing Error
Responses (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html)
in the Amazon CloudFront Developer Guide."
properties:
items:
items:
properties:
errorCachingMinTTL:
format: int64
type: integer
errorCode:
format: int64
type: integer
responseCode:
type: string
responsePagePath:
type: string
type: object
type: array
quantity:
format: int64
type: integer
type: object
defaultCacheBehavior:
description: A complex type that describes the default cache
behavior if you don’t specify a CacheBehavior element or
if request URLs don’t match any of the values of PathPattern
in CacheBehavior elements. You must create exactly one default
cache behavior.
properties:
allowedMethods:
description: "A complex type that controls which HTTP
methods CloudFront processes and forwards to your Amazon
S3 bucket or your custom origin. There are three choices:
\n * CloudFront forwards only GET and HEAD requests.
\n * CloudFront forwards only GET, HEAD, and OPTIONS
requests. \n * CloudFront forwards GET, HEAD, OPTIONS,
PUT, PATCH, POST, and DELETE requests. \n If you
pick the third choice, you may need to restrict access
to your Amazon S3 bucket or to your custom origin so
users can't perform operations that you don't want them
to. For example, you might not want users to have permissions
to delete objects from your origin."
properties:
cachedMethods:
description: "A complex type that controls whether
CloudFront caches the response to requests using
the specified HTTP methods. There are two choices:
\n * CloudFront caches responses to GET and HEAD
requests. \n * CloudFront caches responses to
GET, HEAD, and OPTIONS requests. \n If you pick
the second choice for your Amazon S3 Origin, you
may need to forward Access-Control-Request-Method,
Access-Control-Request-Headers, and Origin headers
for the responses to be cached correctly."
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
cachePolicyID:
type: string
compress:
type: boolean
defaultTTL:
format: int64
type: integer
fieldLevelEncryptionID:
type: string
forwardedValues:
description: "This field is deprecated. We recommend that
you use a cache policy or an origin request policy instead
of this field. \n If you want to include values in the
cache key, use a cache policy. For more information,
see Creating cache policies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy)
in the Amazon CloudFront Developer Guide. \n If you
want to send values to the origin but not include them
in the cache key, use an origin request policy. For
more information, see Creating origin request policies
(https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy)
in the Amazon CloudFront Developer Guide. \n A complex
type that specifies how CloudFront handles query strings,
cookies, and HTTP headers."
properties:
cookies:
description: "This field is deprecated. We recommend
that you use a cache policy or an origin request
policy instead of this field. \n If you want to
include cookies in the cache key, use CookiesConfig
in a cache policy. See CachePolicy. \n If you want
to send cookies to the origin but not include them
in the cache key, use CookiesConfig in an origin
request policy. See OriginRequestPolicy. \n A complex
type that specifies whether you want CloudFront
to forward cookies to the origin and, if so, which
ones. For more information about forwarding cookies
to the origin, see Caching Content Based on Cookies
(https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html)
in the Amazon CloudFront Developer Guide."
properties:
forward:
type: string
whitelistedNames:
description: Contains a list of cookie names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
headers:
description: Contains a list of HTTP header names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
queryString:
type: boolean
queryStringCacheKeys:
description: "This field is deprecated. We recommend
that you use a cache policy or an origin request
policy instead of this field. \n If you want to
include query strings in the cache key, use QueryStringsConfig
in a cache policy. See CachePolicy. \n If you want
to send query strings to the origin but not include
them in the cache key, use QueryStringsConfig in
an origin request policy. See OriginRequestPolicy.
\n A complex type that contains information about
the query string parameters that you want CloudFront
to use for caching for a cache behavior."
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
lambdaFunctionAssociations:
description: "A complex type that specifies a list of
Lambda functions associations for a cache behavior.
\n If you want to invoke one or more Lambda functions
triggered by requests that match the PathPattern of
the cache behavior, specify the applicable values for
Quantity and Items. Note that there can be up to 4 LambdaFunctionAssociation
items in this list (one for each possible value of EventType)
and each EventType can be associated with the Lambda
function only once. \n If you don't want to invoke any
Lambda functions for the requests that match PathPattern,
specify 0 for Quantity and omit Items."
properties:
items:
items:
properties:
eventType:
type: string
includeBody:
type: boolean
lambdaFunctionARN:
type: string
type: object
type: array
quantity:
format: int64
type: integer
type: object
maxTTL:
format: int64
type: integer
minTTL:
format: int64
type: integer
originRequestPolicyID:
type: string
realtimeLogConfigARN:
type: string
smoothStreaming:
type: boolean
targetOriginID:
type: string
trustedKeyGroups:
description: A list of key groups whose public keys CloudFront
can use to verify the signatures of signed URLs and
signed cookies.
properties:
enabled:
type: boolean
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
trustedSigners:
description: A list of AWS accounts whose public keys
CloudFront can use to verify the signatures of signed
URLs and signed cookies.
properties:
enabled:
type: boolean
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
viewerProtocolPolicy:
type: string
type: object
defaultRootObject:
type: string
enabled:
type: boolean
httpVersion:
type: string
isIPV6Enabled:
type: boolean
logging:
description: A complex type that controls whether access logs
are written for the distribution.
properties:
bucket:
type: string
enabled:
type: boolean
includeCookies:
type: boolean
prefix:
type: string
type: object
originGroups:
description: A complex data type for the origin groups specified
for a distribution.
properties:
items:
description: List of origin groups for a distribution.
items:
properties:
failoverCriteria:
description: A complex data type that includes information
about the failover criteria for an origin group,
including the status codes for which CloudFront
will failover from the primary origin to the second
origin.
properties:
statusCodes:
description: A complex data type for the status
codes that you specify that, when returned
by a primary origin, trigger CloudFront to
failover to a second origin.
properties:
items:
description: List of status codes for origin
failover.
items:
format: int64
type: integer
type: array
quantity:
format: int64
type: integer
type: object
type: object
id:
type: string
members:
description: A complex data type for the origins
included in an origin group.
properties:
items:
description: List of origins in an origin group.
items:
properties:
originID:
type: string
type: object
type: array
quantity:
format: int64
type: integer
type: object
type: object
type: array
quantity:
format: int64
type: integer
type: object
origins:
description: Contains information about the origins for this
distribution.
properties:
items:
items:
properties:
connectionAttempts:
format: int64
type: integer
connectionTimeout:
format: int64
type: integer
customHeaders:
description: A complex type that contains the list
of Custom Headers for each origin.
properties:
items:
items:
properties:
headerName:
type: string
headerValue:
type: string
type: object
type: array
quantity:
format: int64
type: integer
type: object
customOriginConfig:
description: A custom origin. A custom origin is
any origin that is not an Amazon S3 bucket, with
one exception. An Amazon S3 bucket that is configured
with static website hosting (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html)
is a custom origin.
properties:
httpPort:
format: int64
type: integer
httpSPort:
format: int64
type: integer
originKeepaliveTimeout:
format: int64
type: integer
originProtocolPolicy:
type: string
originReadTimeout:
format: int64
type: integer
originSSLProtocols:
description: A complex type that contains information
about the SSL/TLS protocols that CloudFront
can use when establishing an HTTPS connection
with your origin.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
domainName:
type: string
id:
type: string
originPath:
type: string
originShield:
description: "CloudFront Origin Shield. \n Using
Origin Shield can help reduce the load on your
origin. For more information, see Using Origin
Shield (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html)
in the Amazon CloudFront Developer Guide."
properties:
enabled:
type: boolean
originShieldRegion:
type: string
type: object
s3OriginConfig:
description: A complex type that contains information
about the Amazon S3 origin. If the origin is a
custom origin or an S3 bucket that is configured
as a website endpoint, use the CustomOriginConfig
element instead.
properties:
originAccessIdentity:
type: string
type: object
type: object
type: array
type: object
priceClass:
type: string
restrictions:
description: A complex type that identifies ways in which
you want to restrict distribution of your content.
properties:
geoRestriction:
description: A complex type that controls the countries
in which your content is distributed. CloudFront determines
the location of your users using MaxMind GeoIP databases.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
restrictionType:
type: string
type: object
type: object
viewerCertificate:
description: "A complex type that determines the distribution’s
SSL/TLS configuration for communicating with viewers. \n
If the distribution doesn’t use Aliases (also known as alternate
domain names or CNAMEs)—that is, if the distribution uses
the CloudFront domain name such as d111111abcdef8.cloudfront.net—set
CloudFrontDefaultCertificate to true and leave all other
fields empty. \n If the distribution uses Aliases (alternate
domain names or CNAMEs), use the fields in this type to
specify the following settings: \n * Which viewers the
distribution accepts HTTPS connections from: only viewers
that support server name indication (SNI) (https://en.wikipedia.org/wiki/Server_Name_Indication)
\ (recommended), or all viewers including those that don’t
support SNI. To accept HTTPS connections from only viewers
that support SNI, set SSLSupportMethod to sni-only. This
is recommended. Most browsers and clients support SNI. To
accept HTTPS connections from all viewers, including those
that don’t support SNI, set SSLSupportMethod to vip.
This is not recommended, and results in additional monthly
charges from CloudFront. \n * The minimum SSL/TLS protocol
version that the distribution can use to communicate
with viewers. To specify a minimum version, choose a value
\ for MinimumProtocolVersion. For more information, see
Security Policy (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy)
\ in the Amazon CloudFront Developer Guide. \n * The
location of the SSL/TLS certificate, AWS Certificate Manager
(ACM) (https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html)
(recommended) or AWS Identity and Access Management (AWS
IAM) (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html).
\ You specify the location by setting a value in one of
the following fields (not both): ACMCertificateArn IAMCertificateId
\n All distributions support HTTPS connections from viewers.
To require viewers to use HTTPS only, or to redirect them
from HTTP to HTTPS, use ViewerProtocolPolicy in the CacheBehavior
or DefaultCacheBehavior. To specify how CloudFront should
use SSL/TLS to communicate with your custom origin, use
CustomOriginConfig. \n For more information, see Using HTTPS
with CloudFront (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https.html)
and Using Alternate Domain Names and HTTPS (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-alternate-domain-names.html)
in the Amazon CloudFront Developer Guide."
properties:
aCMCertificateARN:
type: string
certificate:
type: string
certificateSource:
type: string
cloudFrontDefaultCertificate:
type: boolean
iamCertificateID:
type: string
minimumProtocolVersion:
type: string
sslSupportMethod:
type: string
type: object
webACLID:
type: string
type: object
region:
description: Region is which region the Distribution will be created.
type: string
required:
- distributionConfig
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: DistributionStatus defines the observed state of Distribution.
properties:
atProvider:
description: DistributionObservation defines the observed state of
Distribution
properties:
distribution:
description: The distribution's information.
properties:
activeTrustedKeyGroups:
description: A list of key groups, and the public keys in
each key group, that CloudFront can use to verify the signatures
of signed URLs and signed cookies.
properties:
enabled:
type: boolean
items:
items:
properties:
keyGroupID:
type: string
keyPairIDs:
description: A list of CloudFront key pair identifiers.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
type: array
quantity:
format: int64
type: integer
type: object
activeTrustedSigners:
description: A list of AWS accounts and the active CloudFront
key pairs in each account that CloudFront can use to verify
the signatures of signed URLs and signed cookies.
properties:
enabled:
type: boolean
items:
items:
properties:
awsAccountNumber:
type: string
keyPairIDs:
description: A list of CloudFront key pair identifiers.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
type: array
quantity:
format: int64
type: integer
type: object
aliasICPRecordals:
items:
properties:
cNAME:
type: string
iCPRecordalStatus:
type: string
type: object
type: array
arn:
type: string
distributionConfig:
description: A distribution configuration.
properties:
aliases:
description: A complex type that contains information
about CNAMEs (alternate domain names), if any, for this
distribution.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
cacheBehaviors:
description: A complex type that contains zero or more
CacheBehavior elements.
properties:
items:
items:
properties:
allowedMethods:
description: "A complex type that controls which
HTTP methods CloudFront processes and forwards
to your Amazon S3 bucket or your custom origin.
There are three choices: \n * CloudFront
forwards only GET and HEAD requests. \n *
CloudFront forwards only GET, HEAD, and OPTIONS
requests. \n * CloudFront forwards GET,
HEAD, OPTIONS, PUT, PATCH, POST, and DELETE
\ requests. \n If you pick the third choice,
you may need to restrict access to your Amazon
S3 bucket or to your custom origin so users
can't perform operations that you don't want
them to. For example, you might not want users
to have permissions to delete objects from
your origin."
properties:
cachedMethods:
description: "A complex type that controls
whether CloudFront caches the response
to requests using the specified HTTP methods.
There are two choices: \n * CloudFront
caches responses to GET and HEAD requests.
\n * CloudFront caches responses to
GET, HEAD, and OPTIONS requests. \n If
you pick the second choice for your Amazon
S3 Origin, you may need to forward Access-Control-Request-Method,
Access-Control-Request-Headers, and Origin
headers for the responses to be cached
correctly."
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
cachePolicyID:
type: string
compress:
type: boolean
defaultTTL:
format: int64
type: integer
fieldLevelEncryptionID:
type: string
forwardedValues:
description: "This field is deprecated. We recommend
that you use a cache policy or an origin request
policy instead of this field. \n If you want
to include values in the cache key, use a
cache policy. For more information, see Creating
cache policies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy)
in the Amazon CloudFront Developer Guide.
\n If you want to send values to the origin
but not include them in the cache key, use
an origin request policy. For more information,
see Creating origin request policies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy)
in the Amazon CloudFront Developer Guide.
\n A complex type that specifies how CloudFront
handles query strings, cookies, and HTTP headers."
properties:
cookies:
description: "This field is deprecated.
We recommend that you use a cache policy
or an origin request policy instead of
this field. \n If you want to include
cookies in the cache key, use CookiesConfig
in a cache policy. See CachePolicy. \n
If you want to send cookies to the origin
but not include them in the cache key,
use CookiesConfig in an origin request
policy. See OriginRequestPolicy. \n A
complex type that specifies whether you
want CloudFront to forward cookies to
the origin and, if so, which ones. For
more information about forwarding cookies
to the origin, see Caching Content Based
on Cookies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html)
in the Amazon CloudFront Developer Guide."
properties:
forward:
type: string
whitelistedNames:
description: Contains a list of cookie
names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
headers:
description: Contains a list of HTTP header
names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
queryString:
type: boolean
queryStringCacheKeys:
description: "This field is deprecated.
We recommend that you use a cache policy
or an origin request policy instead of
this field. \n If you want to include
query strings in the cache key, use QueryStringsConfig
in a cache policy. See CachePolicy. \n
If you want to send query strings to the
origin but not include them in the cache
key, use QueryStringsConfig in an origin
request policy. See OriginRequestPolicy.
\n A complex type that contains information
about the query string parameters that
you want CloudFront to use for caching
for a cache behavior."
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
lambdaFunctionAssociations:
description: "A complex type that specifies
a list of Lambda functions associations for
a cache behavior. \n If you want to invoke
one or more Lambda functions triggered by
requests that match the PathPattern of the
cache behavior, specify the applicable values
for Quantity and Items. Note that there can
be up to 4 LambdaFunctionAssociation items
in this list (one for each possible value
of EventType) and each EventType can be associated
with the Lambda function only once. \n If
you don't want to invoke any Lambda functions
for the requests that match PathPattern, specify
0 for Quantity and omit Items."
properties:
items:
items:
properties:
eventType:
type: string
includeBody:
type: boolean
lambdaFunctionARN:
type: string
type: object
type: array
quantity:
format: int64
type: integer
type: object
maxTTL:
format: int64
type: integer
minTTL:
format: int64
type: integer
originRequestPolicyID:
type: string
pathPattern:
type: string
realtimeLogConfigARN:
type: string
smoothStreaming:
type: boolean
targetOriginID:
type: string
trustedKeyGroups:
description: A list of key groups whose public
keys CloudFront can use to verify the signatures
of signed URLs and signed cookies.
properties:
enabled:
type: boolean
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
trustedSigners:
description: A list of AWS accounts whose public
keys CloudFront can use to verify the signatures
of signed URLs and signed cookies.
properties:
enabled:
type: boolean
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
viewerProtocolPolicy:
type: string
type: object
type: array
quantity:
format: int64
type: integer
type: object
comment:
type: string
customErrorResponses:
description: "A complex type that controls: \n * Whether
CloudFront replaces HTTP status codes in the 4xx and
5xx range with custom error messages before returning
the response to the viewer. \n * How long CloudFront
caches HTTP status codes in the 4xx and 5xx range. \n
For more information about custom error pages, see Customizing
Error Responses (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html)
in the Amazon CloudFront Developer Guide."
properties:
items:
items:
properties:
errorCachingMinTTL:
format: int64
type: integer
errorCode:
format: int64
type: integer
responseCode:
type: string
responsePagePath:
type: string
type: object
type: array
quantity:
format: int64
type: integer
type: object
defaultCacheBehavior:
description: A complex type that describes the default
cache behavior if you don’t specify a CacheBehavior
element or if request URLs don’t match any of the values
of PathPattern in CacheBehavior elements. You must create
exactly one default cache behavior.
properties:
allowedMethods:
description: "A complex type that controls which HTTP
methods CloudFront processes and forwards to your
Amazon S3 bucket or your custom origin. There are
three choices: \n * CloudFront forwards only
GET and HEAD requests. \n * CloudFront forwards
only GET, HEAD, and OPTIONS requests. \n * CloudFront
forwards GET, HEAD, OPTIONS, PUT, PATCH, POST, and
DELETE requests. \n If you pick the third choice,
you may need to restrict access to your Amazon S3
bucket or to your custom origin so users can't perform
operations that you don't want them to. For example,
you might not want users to have permissions to
delete objects from your origin."
properties:
cachedMethods:
description: "A complex type that controls whether
CloudFront caches the response to requests using
the specified HTTP methods. There are two choices:
\n * CloudFront caches responses to GET and
HEAD requests. \n * CloudFront caches responses
to GET, HEAD, and OPTIONS requests. \n If you
pick the second choice for your Amazon S3 Origin,
you may need to forward Access-Control-Request-Method,
Access-Control-Request-Headers, and Origin headers
for the responses to be cached correctly."
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
cachePolicyID:
type: string
compress:
type: boolean
defaultTTL:
format: int64
type: integer
fieldLevelEncryptionID:
type: string
forwardedValues:
description: "This field is deprecated. We recommend
that you use a cache policy or an origin request
policy instead of this field. \n If you want to
include values in the cache key, use a cache policy.
For more information, see Creating cache policies
(https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy)
in the Amazon CloudFront Developer Guide. \n If
you want to send values to the origin but not include
them in the cache key, use an origin request policy.
For more information, see Creating origin request
policies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy)
in the Amazon CloudFront Developer Guide. \n A complex
type that specifies how CloudFront handles query
strings, cookies, and HTTP headers."
properties:
cookies:
description: "This field is deprecated. We recommend
that you use a cache policy or an origin request
policy instead of this field. \n If you want
to include cookies in the cache key, use CookiesConfig
in a cache policy. See CachePolicy. \n If you
want to send cookies to the origin but not include
them in the cache key, use CookiesConfig in
an origin request policy. See OriginRequestPolicy.
\n A complex type that specifies whether you
want CloudFront to forward cookies to the origin
and, if so, which ones. For more information
about forwarding cookies to the origin, see
Caching Content Based on Cookies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html)
in the Amazon CloudFront Developer Guide."
properties:
forward:
type: string
whitelistedNames:
description: Contains a list of cookie names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
headers:
description: Contains a list of HTTP header names.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
queryString:
type: boolean
queryStringCacheKeys:
description: "This field is deprecated. We recommend
that you use a cache policy or an origin request
policy instead of this field. \n If you want
to include query strings in the cache key, use
QueryStringsConfig in a cache policy. See CachePolicy.
\n If you want to send query strings to the
origin but not include them in the cache key,
use QueryStringsConfig in an origin request
policy. See OriginRequestPolicy. \n A complex
type that contains information about the query
string parameters that you want CloudFront to
use for caching for a cache behavior."
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
lambdaFunctionAssociations:
description: "A complex type that specifies a list
of Lambda functions associations for a cache behavior.
\n If you want to invoke one or more Lambda functions
triggered by requests that match the PathPattern
of the cache behavior, specify the applicable values
for Quantity and Items. Note that there can be up
to 4 LambdaFunctionAssociation items in this list
(one for each possible value of EventType) and each
EventType can be associated with the Lambda function
only once. \n If you don't want to invoke any Lambda
functions for the requests that match PathPattern,
specify 0 for Quantity and omit Items."
properties:
items:
items:
properties:
eventType:
type: string
includeBody:
type: boolean
lambdaFunctionARN:
type: string
type: object
type: array
quantity:
format: int64
type: integer
type: object
maxTTL:
format: int64
type: integer
minTTL:
format: int64
type: integer
originRequestPolicyID:
type: string
realtimeLogConfigARN:
type: string
smoothStreaming:
type: boolean
targetOriginID:
type: string
trustedKeyGroups:
description: A list of key groups whose public keys
CloudFront can use to verify the signatures of signed
URLs and signed cookies.
properties:
enabled:
type: boolean
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
trustedSigners:
description: A list of AWS accounts whose public keys
CloudFront can use to verify the signatures of signed
URLs and signed cookies.
properties:
enabled:
type: boolean
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
viewerProtocolPolicy:
type: string
type: object
defaultRootObject:
type: string
enabled:
type: boolean
httpVersion:
type: string
isIPV6Enabled:
type: boolean
logging:
description: A complex type that controls whether access
logs are written for the distribution.
properties:
bucket:
type: string
enabled:
type: boolean
includeCookies:
type: boolean
prefix:
type: string
type: object
originGroups:
description: A complex data type for the origin groups
specified for a distribution.
properties:
items:
description: List of origin groups for a distribution.
items:
properties:
failoverCriteria:
description: A complex data type that includes
information about the failover criteria for
an origin group, including the status codes
for which CloudFront will failover from the
primary origin to the second origin.
properties:
statusCodes:
description: A complex data type for the
status codes that you specify that, when
returned by a primary origin, trigger
CloudFront to failover to a second origin.
properties:
items:
description: List of status codes for
origin failover.
items:
format: int64
type: integer
type: array
quantity:
format: int64
type: integer
type: object
type: object
id:
type: string
members:
description: A complex data type for the origins
included in an origin group.
properties:
items:
description: List of origins in an origin
group.
items:
properties:
originID:
type: string
type: object
type: array
quantity:
format: int64
type: integer
type: object
type: object
type: array
quantity:
format: int64
type: integer
type: object
origins:
description: Contains information about the origins for
this distribution.
properties:
items:
items:
properties:
connectionAttempts:
format: int64
type: integer
connectionTimeout:
format: int64
type: integer
customHeaders:
description: A complex type that contains the
list of Custom Headers for each origin.
properties:
items:
items:
properties:
headerName:
type: string
headerValue:
type: string
type: object
type: array
quantity:
format: int64
type: integer
type: object
customOriginConfig:
description: A custom origin. A custom origin
is any origin that is not an Amazon S3 bucket,
with one exception. An Amazon S3 bucket that
is configured with static website hosting
(https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html)
is a custom origin.
properties:
httpPort:
format: int64
type: integer
httpSPort:
format: int64
type: integer
originKeepaliveTimeout:
format: int64
type: integer
originProtocolPolicy:
type: string
originReadTimeout:
format: int64
type: integer
originSSLProtocols:
description: A complex type that contains
information about the SSL/TLS protocols
that CloudFront can use when establishing
an HTTPS connection with your origin.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
type: object
type: object
domainName:
type: string
id:
type: string
originPath:
type: string
originShield:
description: "CloudFront Origin Shield. \n Using
Origin Shield can help reduce the load on
your origin. For more information, see Using
Origin Shield (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html)
in the Amazon CloudFront Developer Guide."
properties:
enabled:
type: boolean
originShieldRegion:
type: string
type: object
s3OriginConfig:
description: A complex type that contains information
about the Amazon S3 origin. If the origin
is a custom origin or an S3 bucket that is
configured as a website endpoint, use the
CustomOriginConfig element instead.
properties:
originAccessIdentity:
type: string
type: object
type: object
type: array
type: object
priceClass:
type: string
restrictions:
description: A complex type that identifies ways in which
you want to restrict distribution of your content.
properties:
geoRestriction:
description: A complex type that controls the countries
in which your content is distributed. CloudFront
determines the location of your users using MaxMind
GeoIP databases.
properties:
items:
items:
type: string
type: array
quantity:
format: int64
type: integer
restrictionType:
type: string
type: object
type: object
viewerCertificate:
description: "A complex type that determines the distribution’s
SSL/TLS configuration for communicating with viewers.
\n If the distribution doesn’t use Aliases (also known
as alternate domain names or CNAMEs)—that is, if the
distribution uses the CloudFront domain name such as
d111111abcdef8.cloudfront.net—set CloudFrontDefaultCertificate
to true and leave all other fields empty. \n If the
distribution uses Aliases (alternate domain names or
CNAMEs), use the fields in this type to specify the
following settings: \n * Which viewers the distribution
accepts HTTPS connections from: only viewers that
support server name indication (SNI) (https://en.wikipedia.org/wiki/Server_Name_Indication)
\ (recommended), or all viewers including those that
don’t support SNI. To accept HTTPS connections from
only viewers that support SNI, set SSLSupportMethod
\ to sni-only. This is recommended. Most browsers
and clients support SNI. To accept HTTPS connections
from all viewers, including those that don’t support
SNI, set SSLSupportMethod to vip. This is not recommended,
and results in additional monthly charges from CloudFront.
\n * The minimum SSL/TLS protocol version that the
distribution can use to communicate with viewers.
To specify a minimum version, choose a value for
MinimumProtocolVersion. For more information, see Security
Policy (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy)
\ in the Amazon CloudFront Developer Guide. \n *
The location of the SSL/TLS certificate, AWS Certificate
Manager (ACM) (https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html)
(recommended) or AWS Identity and Access Management
(AWS IAM) (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html).
\ You specify the location by setting a value in one
of the following fields (not both): ACMCertificateArn
IAMCertificateId \n All distributions support HTTPS
connections from viewers. To require viewers to use
HTTPS only, or to redirect them from HTTP to HTTPS,
use ViewerProtocolPolicy in the CacheBehavior or DefaultCacheBehavior.
To specify how CloudFront should use SSL/TLS to communicate
with your custom origin, use CustomOriginConfig. \n
For more information, see Using HTTPS with CloudFront
(https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https.html)
and Using Alternate Domain Names and HTTPS (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-alternate-domain-names.html)
in the Amazon CloudFront Developer Guide."
properties:
aCMCertificateARN:
type: string
certificate:
type: string
certificateSource:
type: string
cloudFrontDefaultCertificate:
type: boolean
iamCertificateID:
type: string
minimumProtocolVersion:
type: string
sslSupportMethod:
type: string
type: object
webACLID:
type: string
type: object
domainName:
type: string
id:
type: string
inProgressInvalidationBatches:
format: int64
type: integer
lastModifiedTime:
format: date-time
type: string
status:
type: string
type: object
eTag:
description: The current version of the distribution created.
type: string
location:
description: The fully qualified URI of the new distribution resource
just created.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: loggroups.cloudwatchlogs.aws.crossplane.io
spec:
group: cloudwatchlogs.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: LogGroup
listKind: LogGroupList
plural: loggroups
singular: loggroup
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: LogGroup is the Schema for the LogGroups API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: LogGroupSpec defines the desired state of LogGroup
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: LogGroupParameters defines the desired state of LogGroup
properties:
kmsKeyID:
description: The Amazon Resource Name (ARN) of the CMK to use
when encrypting log data. For more information, see Amazon Resource
Names - AWS Key Management Service (AWS KMS) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-kms).
type: string
kmsKeyIDRef:
description: KMSKeyIDRef is a reference to a KMS Key used to set
KMSKeyID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
kmsKeyIDSelector:
description: KMSKeyIDSelector selects a reference to a KMS Key
used to set KMSKeyID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
logGroupName:
description: The name of the log group.
type: string
region:
description: Region is which region the LogGroup will be created.
type: string
retentionInDays:
description: The number of days to retain the log events in the
specified log group. If you select 0, the events in the log
group are always retained and never expire.
enum:
- 0
- 1
- 3
- 5
- 7
- 14
- 30
- 60
- 90
- 120
- 150
- 180
- 365
- 400
- 545
- 731
- 1827
- 3653
format: int64
type: integer
tags:
additionalProperties:
type: string
description: The key-value pairs to use for the tags.
type: object
required:
- logGroupName
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: LogGroupStatus defines the observed state of LogGroup.
properties:
atProvider:
description: LogGroupObservation defines the observed state of LogGroup
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: dbsubnetgroups.database.aws.crossplane.io
spec:
group: database.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: DBSubnetGroup
listKind: DBSubnetGroupList
plural: dbsubnetgroups
singular: dbsubnetgroup
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: A DBSubnetGroup is a managed resource that represents an AWS
VPC Database Subnet Group.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A DBSubnetGroupSpec defines the desired state of a DBSubnetGroup.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: DBSubnetGroupParameters define the desired state of an
AWS VPC Database Subnet Group.
properties:
description:
description: The description for the DB subnet group.
type: string
region:
description: Region is the region you'd like your DBSubnetGroup
to be created in.
type: string
subnetIdRefs:
description: SubnetIDRefs is a set of references that each retrieve
the subnetID from the referenced Subnet
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetIdSelector:
description: SubnetIDSelector selects a set of references that
each retrieve the subnetID from the referenced Subnet
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
subnetIds:
description: The EC2 Subnet IDs for the DB subnet group.
items:
type: string
type: array
tags:
description: A list of tags. For more information, see Tagging
Amazon RDS Resources (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)
in the Amazon RDS User Guide.
items:
description: Tag is a metadata assigned to an Amazon RDS resource
consisting of a key-value pair. Please also see https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/Tag
properties:
key:
description: 'A key is the required name of the tag. The
string value can be from 1 to 128 Unicode characters in
length and can''t be prefixed with "aws:" or "rds:". The
string can only contain only the set of Unicode letters,
digits, white-space, ''_'', ''.'', ''/'', ''='', ''+'',
''-'' (Java regex: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$").'
type: string
value:
description: 'A value is the optional value of the tag.
The string value can be from 1 to 256 Unicode characters
in length and can''t be prefixed with "aws:" or "rds:".
The string can only contain only the set of Unicode letters,
digits, white-space, ''_'', ''.'', ''/'', ''='', ''+'',
''-'' (Java regex: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$").'
type: string
type: object
type: array
required:
- description
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
type: object
status:
description: A DBSubnetGroupStatus represents the observed state of a
DBSubnetGroup.
properties:
atProvider:
description: DBSubnetGroupObservation is the representation of the
current state that is observed
properties:
arn:
description: ARN is the Amazon Resource Name (ARN) for this DB
subnet group.
type: string
state:
description: State specifies the current state of this DB subnet
group.
type: string
subnets:
description: Subnets contains a list of Subnet elements.
items:
description: Subnet represents a aws subnet
properties:
subnetID:
description: Specifies the identifier of the subnet.
type: string
subnetStatus:
description: Specifies the status of the subnet.
type: string
required:
- subnetID
- subnetStatus
type: object
type: array
vpcId:
description: VPCID provides the VPCID of the DB subnet group.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: rdsinstances.database.aws.crossplane.io
spec:
group: database.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: RDSInstance
listKind: RDSInstanceList
plural: rdsinstances
singular: rdsinstance
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .status.atProvider.dbInstanceStatus
name: STATE
type: string
- jsonPath: .spec.forProvider.engine
name: ENGINE
type: string
- jsonPath: .spec.forProvider.engineVersion
name: VERSION
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: An RDSInstance is a managed resource that represents an AWS Relational
Database Service instance.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An RDSInstanceSpec defines the desired state of an RDSInstance.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: RDSInstanceParameters define the desired state of an
AWS Relational Database Service instance.
properties:
allocatedStorage:
description: 'AllocatedStorage is the amount of storage (in gibibytes)
to allocate for the DB instance. Type: Integer Amazon Aurora
Not applicable. Aurora cluster volumes automatically grow as
the amount of data in your database increases, though you are
only charged for the space that you use in an Aurora cluster
volume. MySQL Constraints to the amount of storage for each
storage type are the following: * General Purpose (SSD) storage
(gp2): Must be an integer from 20 to 16384. * Provisioned
IOPS storage (io1): Must be an integer from 100 to 16384. *
Magnetic storage (standard): Must be an integer from 5 to 3072.
MariaDB Constraints to the amount of storage for each storage
type are the following: * General Purpose (SSD) storage (gp2):
Must be an integer from 20 to 16384. * Provisioned IOPS storage
(io1): Must be an integer from 100 to 16384. * Magnetic storage
(standard): Must be an integer from 5 to 3072. PostgreSQL Constraints
to the amount of storage for each storage type are the following: *
General Purpose (SSD) storage (gp2): Must be an integer from
20 to 16384. * Provisioned IOPS storage (io1): Must be an
integer from 100 to 16384. * Magnetic storage (standard):
Must be an integer from 5 to 3072. Oracle Constraints to the
amount of storage for each storage type are the following: *
General Purpose (SSD) storage (gp2): Must be an integer from
20 to 16384. * Provisioned IOPS storage (io1): Must be an
integer from 100 to 16384. * Magnetic storage (standard):
Must be an integer from 10 to 3072. SQL Server Constraints to
the amount of storage for each storage type are the following: *
General Purpose (SSD) storage (gp2): Enterprise and Standard
editions: Must be an integer from 200 to 16384. Web and Express
editions: Must be an integer from 20 to 16384. * Provisioned
IOPS storage (io1): Enterprise and Standard editions: Must be
an integer from 200 to 16384. Web and Express editions: Must
be an integer from 100 to 16384. * Magnetic storage (standard):
Enterprise and Standard editions: Must be an integer from 200
to 1024. Web and Express editions: Must be an integer from 20
to 1024.'
type: integer
allowMajorVersionUpgrade:
description: 'AllowMajorVersionUpgrade indicates that major version
upgrades are allowed. Changing this parameter doesn''t result
in an outage and the change is asynchronously applied as soon
as possible. Constraints: This parameter must be set to true
when specifying a value for the EngineVersion parameter that
is a different major version than the DB instance''s current
version.'
type: boolean
applyModificationsImmediately:
description: 'ApplyModificationsImmediately specifies whether
the modifications in this request and any pending modifications
are asynchronously applied as soon as possible, regardless of
the PreferredMaintenanceWindow setting for the DB instance.
If this parameter is set to false, changes to the DB instance
are applied during the next maintenance window. Some parameter
changes can cause an outage and are applied on the next call
to RebootDBInstance, or the next failure reboot. Review the
table of parameters in Modifying a DB Instance and Using the
Apply Immediately Parameter (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)
in the Amazon RDS User Guide. to see the impact that setting
ApplyImmediately to true or false has for each modified parameter
and to determine when the changes are applied. Default: false'
type: boolean
autoMinorVersionUpgrade:
description: 'AutoMinorVersionUpgrade indicates that minor engine
upgrades are applied automatically to the DB instance during
the maintenance window. Default: true'
type: boolean
availabilityZone:
description: 'AvailabilityZone is the EC2 Availability Zone that
the DB instance is created in. For information on AWS Regions
and Availability Zones, see Regions and Availability Zones (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
Default: A random, system-chosen Availability Zone in the endpoint''s
AWS Region. Example: us-east-1d Constraint: The AvailabilityZone
parameter can''t be specified if the MultiAZ parameter is set
to true. The specified Availability Zone must be in the same
AWS Region as the current endpoint.'
type: string
backupRetentionPeriod:
description: 'BackupRetentionPeriod is the number of days for
which automated backups are retained. Setting this parameter
to a positive number enables backups. Setting this parameter
to 0 disables automated backups. Amazon Aurora Not applicable.
The retention period for automated backups is managed by the
DB cluster. For more information, see CreateDBCluster. Default:
1 Constraints: * Must be a value from 0 to 35 * Cannot
be set to 0 if the DB instance is a source to Read Replicas'
type: integer
caCertificateIdentifier:
description: CACertificateIdentifier indicates the certificate
that needs to be associated with the instance.
type: string
characterSetName:
description: CharacterSetName indicates that the DB instance should
be associated with the specified CharacterSet for supported
engines, Amazon Aurora Not applicable. The character set is
managed by the DB cluster. For more information, see CreateDBCluster.
type: string
cloudwatchLogsExportConfiguration:
description: CloudwatchLogsExportConfiguration is the configuration
setting for the log types to be enabled for export to CloudWatch
Logs for a specific DB instance.
properties:
disableLogTypes:
description: DisableLogTypes is the list of log types to disable.
items:
type: string
type: array
enableLogTypes:
description: EnableLogTypes is the list of log types to enable.
items:
type: string
type: array
type: object
copyTagsToSnapshot:
description: CopyTagsToSnapshot should be true to copy all tags
from the DB instance to snapshots of the DB instance, and otherwise
false. The default is false.
type: boolean
dbClusterIdentifier:
description: 'DBClusterIdentifier is the identifier of the DB
cluster that the instance will belong to. For information on
creating a DB cluster, see CreateDBCluster. Type: String'
type: string
dbInstanceClass:
description: DBInstanceClass is the compute and memory capacity
of the DB instance, for example, db.m4.large. Not all DB instance
classes are available in all AWS Regions, or for all database
engines. For the full list of DB instance classes, and availability
for your engine, see DB Instance Class (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html)
in the Amazon RDS User Guide.
type: string
dbName:
description: 'DBName is the meaning of this parameter differs
according to the database engine you use. Type: String MySQL
The name of the database to create when the DB instance is created.
If this parameter is not specified, no database is created in
the DB instance. Constraints: * Must contain 1 to 64 letters
or numbers. * Cannot be a word reserved by the specified
database engine MariaDB The name of the database to create when
the DB instance is created. If this parameter is not specified,
no database is created in the DB instance. Constraints: *
Must contain 1 to 64 letters or numbers. * Cannot be a word
reserved by the specified database engine PostgreSQL The name
of the database to create when the DB instance is created. If
this parameter is not specified, the default "postgres" database
is created in the DB instance. Constraints: * Must contain
1 to 63 letters, numbers, or underscores. * Must begin with
a letter or an underscore. Subsequent characters can be letters,
underscores, or digits (0-9). * Cannot be a word reserved
by the specified database engine Oracle The Oracle System ID
(SID) of the created DB instance. If you specify null, the default
value ORCL is used. You can''t specify the string NULL, or any
other reserved word, for DBName. Default: ORCL Constraints: *
Cannot be longer than 8 characters SQL Server Not applicable.
Must be null. Amazon Aurora The name of the database to create
when the primary instance of the DB cluster is created. If this
parameter is not specified, no database is created in the DB
instance. Constraints: * Must contain 1 to 64 letters or
numbers. * Cannot be a word reserved by the specified database
engine'
type: string
dbParameterGroupName:
description: 'DBParameterGroupName is the name of the DB parameter
group to associate with this DB instance. If this argument is
omitted, the default DBParameterGroup for the specified engine
is used. Constraints: * Must be 1 to 255 letters, numbers,
or hyphens. * First character must be a letter * Cannot
end with a hyphen or contain two consecutive hyphens'
type: string
dbSecurityGroups:
description: 'DBSecurityGroups is a list of DB security groups
to associate with this DB instance. Default: The default DB
security group for the database engine.'
items:
type: string
type: array
dbSubnetGroupName:
description: DBSubnetGroupName is a DB subnet group to associate
with this DB instance. If there is no DB subnet group, then
it is a non-VPC DB instance.
type: string
dbSubnetGroupNameRef:
description: DBSubnetGroupNameRef is a reference to a DBSubnetGroup
used to set DBSubnetGroupName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
dbSubnetGroupNameSelector:
description: DBSubnetGroupNameSelector selects a reference to
a DBSubnetGroup used to set DBSubnetGroupName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
deletionProtection:
description: DeletionProtection indicates if the DB instance should
have deletion protection enabled. The database can't be deleted
when this value is set to true. The default is false. For more
information, see Deleting a DB Instance (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html).
type: boolean
domain:
description: Domain specifies the Active Directory Domain to create
the instance in.
type: string
domainIAMRoleName:
description: DomainIAMRoleName specifies the name of the IAM role
to be used when making API calls to the Directory Service.
type: string
domainIAMRoleNameRef:
description: DomainIAMRoleNameRef is a reference to an IAMRole
used to set DomainIAMRoleName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
domainIAMRoleNameSelector:
description: DomainIAMRoleNameSelector selects a reference to
an IAMRole used to set DomainIAMRoleName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
enableCloudwatchLogsExports:
description: EnableCloudwatchLogsExports is the list of log types
that need to be enabled for exporting to CloudWatch Logs. The
values in the list depend on the DB engine being used. For more
information, see Publishing Database Logs to Amazon CloudWatch
Logs (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch)
in the Amazon Relational Database Service User Guide.
items:
type: string
type: array
enableIAMDatabaseAuthentication:
description: 'EnableIAMDatabaseAuthentication should be true to
enable mapping of AWS Identity and Access Management (IAM) accounts
to database accounts, and otherwise false. You can enable IAM
database authentication for the following database engines:
Amazon Aurora Not applicable. Mapping AWS IAM accounts to database
accounts is managed by the DB cluster. For more information,
see CreateDBCluster. MySQL * For MySQL 5.6, minor version
5.6.34 or higher * For MySQL 5.7, minor version 5.7.16 or
higher Default: false'
type: boolean
enablePerformanceInsights:
description: EnablePerformanceInsights should be true to enable
Performance Insights for the DB instance, and otherwise false.
For more information, see Using Amazon Performance Insights
(http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html)
in the Amazon Relational Database Service User Guide.
type: boolean
engine:
description: 'Engine is the name of the database engine to be
used for this instance. Not every database engine is available
for every AWS Region. Valid Values: * aurora (for MySQL 5.6-compatible
Aurora) * aurora-mysql (for MySQL 5.7-compatible Aurora) *
aurora-postgresql * mariadb * mysql * oracle-ee *
oracle-se2 * oracle-se1 * oracle-se * postgres *
sqlserver-ee * sqlserver-se * sqlserver-ex * sqlserver-web
Engine is a required field'
type: string
engineVersion:
description: EngineVersion is the version number of the database
engine to use. For a list of valid engine versions, call DescribeDBEngineVersions.
The following are the database engines and links to information
about the major and minor versions that are available with Amazon
RDS. Not every database engine is available for every AWS Region.
Amazon Aurora Not applicable. The version number of the database
engine to be used by the DB instance is managed by the DB cluster.
For more information, see CreateDBCluster. MariaDB See MariaDB
on Amazon RDS Versions (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt)
in the Amazon RDS User Guide. Microsoft SQL Server See Version
and Feature Support on Amazon RDS (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.FeatureSupport)
in the Amazon RDS User Guide. MySQL See MySQL on Amazon RDS
Versions (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt)
in the Amazon RDS User Guide. Oracle See Oracle Database Engine
Release Notes (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html)
in the Amazon RDS User Guide. PostgreSQL See Supported PostgreSQL
Database Versions (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts.General.DBVersions)
in the Amazon RDS User Guide.
type: string
finalDBSnapshotIdentifier:
description: 'The DBSnapshotIdentifier of the new DBSnapshot created
when SkipFinalSnapshot is set to false. Specifying this parameter
and also setting the SkipFinalShapshot parameter to true results
in an error. Constraints: * Must be 1 to 255 letters or numbers. *
First character must be a letter * Cannot end with a hyphen
or contain two consecutive hyphens * Cannot be specified
when deleting a Read Replica.'
type: string
iops:
description: 'IOPS is the amount of Provisioned IOPS (input/output
operations per second) to be initially allocated for the DB
instance. For information about valid IOPS values, see see Amazon
RDS Provisioned IOPS Storage to Improve Performance (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS)
in the Amazon RDS User Guide. Constraints: Must be a multiple
between 1 and 50 of the storage amount for the DB instance.
Must also be an integer multiple of 1000. For example, if the
size of your DB instance is 500 GiB, then your IOPS value can
be 2000, 3000, 4000, or 5000.'
type: integer
kmsKeyId:
description: KMSKeyID for an encrypted DB instance. The KMS key
identifier is the Amazon Resource Name (ARN) for the KMS encryption
key. If you are creating a DB instance with the same AWS account
that owns the KMS encryption key used to encrypt the new DB
instance, then you can use the KMS key alias instead of the
ARN for the KM encryption key. Amazon Aurora Not applicable.
The KMS key identifier is managed by the DB cluster. For more
information, see CreateDBCluster. If the StorageEncrypted parameter
is true, and you do not specify a value for the KMSKeyID parameter,
then Amazon RDS will use your default encryption key. AWS KMS
creates the default encryption key for your AWS account. Your
AWS account has a different default encryption key for each
AWS Region.
type: string
licenseModel:
description: 'LicenseModel information for this DB instance. Valid
values: license-included | bring-your-own-license | general-public-license'
type: string
masterPasswordSecretRef:
description: MasterPasswordSecretRef references the secret that
contains the password used in the creation of this RDS instance.
If no reference is given, a password will be auto-generated.
properties:
key:
description: The key to select.
type: string
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- key
- name
- namespace
type: object
masterUsername:
description: 'MasterUsername is the name for the master user.
Amazon Aurora Not applicable. The name for the master user is
managed by the DB cluster. For more information, see CreateDBCluster.
MariaDB Constraints: * Required for MariaDB. * Must be
1 to 16 letters or numbers. * Cannot be a reserved word for
the chosen database engine. Microsoft SQL Server Constraints: *
Required for SQL Server. * Must be 1 to 128 letters or numbers. *
The first character must be a letter. * Cannot be a reserved
word for the chosen database engine. MySQL Constraints: *
Required for MySQL. * Must be 1 to 16 letters or numbers. *
First character must be a letter. * Cannot be a reserved
word for the chosen database engine. Oracle Constraints: *
Required for Oracle. * Must be 1 to 30 letters or numbers. *
First character must be a letter. * Cannot be a reserved
word for the chosen database engine. PostgreSQL Constraints: *
Required for PostgreSQL. * Must be 1 to 63 letters or numbers. *
First character must be a letter. * Cannot be a reserved
word for the chosen database engine.'
type: string
monitoringInterval:
description: 'MonitoringInterval is the interval, in seconds,
between points when Enhanced Monitoring metrics are collected
for the DB instance. To disable collecting Enhanced Monitoring
metrics, specify 0. The default is 0. If MonitoringRoleARN is
specified, then you must also set MonitoringInterval to a value
other than 0. Valid Values: 0, 1, 5, 10, 15, 30, 60'
type: integer
monitoringRoleArn:
description: MonitoringRoleARN is the ARN for the IAM role that
permits RDS to send enhanced monitoring metrics to Amazon CloudWatch
Logs. For example, arn:aws:iam:123456789012:role/emaccess. For
information on creating a monitoring role, go to Setting Up
and Enabling Enhanced Monitoring (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling)
in the Amazon RDS User Guide. If MonitoringInterval is set to
a value other than 0, then you must supply a MonitoringRoleARN
value.
type: string
monitoringRoleArnRef:
description: MonitoringRoleARNRef is a reference to an IAMRole
used to set MonitoringRoleARN.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
monitoringRoleArnSelector:
description: MonitoringRoleARNSelector selects a reference to
an IAMRole used to set MonitoringRoleARN.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
multiAZ:
description: MultiAZ specifies if the DB instance is a Multi-AZ
deployment. You can't set the AvailabilityZone parameter if
the MultiAZ parameter is set to true.
type: boolean
optionGroupName:
description: OptionGroupName indicates that the DB instance should
be associated with the specified option group. Permanent options,
such as the TDE option for Oracle Advanced Security TDE, can't
be removed from an option group, and that option group can't
be removed from a DB instance once it is associated with a DB
instance
type: string
performanceInsightsKMSKeyId:
description: PerformanceInsightsKMSKeyID is the AWS KMS key identifier
for encryption of Performance Insights data. The KMS key ID
is the Amazon Resource Name (ARN), KMS key identifier, or the
KMS key alias for the KMS encryption key.
type: string
performanceInsightsRetentionPeriod:
description: PerformanceInsightsRetentionPeriod is the amount
of time, in days, to retain Performance Insights data. Valid
values are 7 or 731 (2 years).
type: integer
port:
description: 'Port number on which the database accepts connections.
MySQL Default: 3306 Valid Values: 1150-65535 Type: Integer MariaDB
Default: 3306 Valid Values: 1150-65535 Type: Integer PostgreSQL
Default: 5432 Valid Values: 1150-65535 Type: Integer Oracle
Default: 1521 Valid Values: 1150-65535 SQL Server Default: 1433
Valid Values: 1150-65535 except for 1434, 3389, 47001, 49152,
and 49152 through 49156. Amazon Aurora Default: 3306 Valid Values:
1150-65535 Type: Integer'
type: integer
preferredBackupWindow:
description: 'PreferredBackupWindow is the daily time range during
which automated backups are created if automated backups are
enabled, using the BackupRetentionPeriod parameter. For more
information, see The Backup Window (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow)
in the Amazon RDS User Guide. Amazon Aurora Not applicable.
The daily time range for creating automated backups is managed
by the DB cluster. For more information, see CreateDBCluster.
The default is a 30-minute window selected at random from an
8-hour block of time for each AWS Region. To see the time blocks
available, see Adjusting the Preferred DB Instance Maintenance
Window (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow)
in the Amazon RDS User Guide. Constraints: * Must be in the
format hh24:mi-hh24:mi. * Must be in Universal Coordinated
Time (UTC). * Must not conflict with the preferred maintenance
window. * Must be at least 30 minutes.'
type: string
preferredMaintenanceWindow:
description: 'PreferredMaintenanceWindow is the time range each
week during which system maintenance can occur, in Universal
Coordinated Time (UTC). For more information, see Amazon RDS
Maintenance Window (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance).
Format: ddd:hh24:mi-ddd:hh24:mi The default is a 30-minute window
selected at random from an 8-hour block of time for each AWS
Region, occurring on a random day of the week. Valid Days: Mon,
Tue, Wed, Thu, Fri, Sat, Sun. Constraints: Minimum 30-minute
window.'
type: string
processorFeatures:
description: ProcessorFeatures is the number of CPU cores and
the number of threads per core for the DB instance class of
the DB instance.
items:
description: ProcessorFeature is a processor feature entry.
For more information, see Configuring the Processor of the
DB Instance Class (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor)
in the Amazon RDS User Guide. Please also see https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ProcessorFeature
properties:
name:
description: Name of the processor feature. Valid names
are coreCount and threadsPerCore.
type: string
value:
description: Value of a processor feature name.
type: string
required:
- name
- value
type: object
type: array
promotionTier:
description: 'PromotionTier specifies the order in which an Aurora
Replica is promoted to the primary instance after a failure
of the existing primary instance. For more information, see Fault
Tolerance for an Aurora DB Cluster (http://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.FaultTolerance)
in the Amazon Aurora User Guide. Default: 1 Valid Values: 0
- 15'
type: integer
publiclyAccessible:
description: 'PubliclyAccessible specifies the accessibility options
for the DB instance. A value of true specifies an Internet-facing
instance with a publicly resolvable DNS name, which resolves
to a public IP address. A value of false specifies an internal
instance with a DNS name that resolves to a private IP address.
Default: The default behavior varies depending on whether DBSubnetGroupName
is specified. If DBSubnetGroupName is not specified, and PubliclyAccessible
is not specified, the following applies: * If the default
VPC in the target region doesn’t have an Internet gateway attached
to it, the DB instance is private. * If the default VPC in
the target region has an Internet gateway attached to it,
the DB instance is public. If DBSubnetGroupName is specified,
and PubliclyAccessible is not specified, the following applies: *
If the subnets are part of a VPC that doesn’t have an Internet
gateway attached to it, the DB instance is private. *
If the subnets are part of a VPC that has an Internet gateway
attached to it, the DB instance is public.'
type: boolean
region:
description: Region is the region you'd like your RDSInstance
to be created in.
type: string
scalingConfiguration:
description: ScalingConfiguration is the scaling properties of
the DB cluster. You can only modify scaling properties for DB
clusters in serverless DB engine mode.
properties:
autoPause:
description: AutoPause specifies whether to allow or disallow
automatic pause for an Aurora DB cluster in serverless DB
engine mode. A DB cluster can be paused only when it's idle
(it has no connections). If a DB cluster is paused for more
than seven days, the DB cluster might be backed up with
a snapshot. In this case, the DB cluster is restored when
there is a request to connect to it.
type: boolean
maxCapacity:
description: MaxCapacity is the maximum capacity for an Aurora
DB cluster in serverless DB engine mode. Valid capacity
values are 2, 4, 8, 16, 32, 64, 128, and 256. The maximum
capacity must be greater than or equal to the minimum capacity.
type: integer
minCapacity:
description: MinCapacity is the minimum capacity for an Aurora
DB cluster in serverless DB engine mode. Valid capacity
values are 2, 4, 8, 16, 32, 64, 128, and 256. The minimum
capacity must be less than or equal to the maximum capacity.
type: integer
secondsUntilAutoPause:
description: SecondsUntilAutoPause is the time, in seconds,
before an Aurora DB cluster in serverless mode is paused.
type: integer
type: object
skipFinalSnapshotBeforeDeletion:
description: 'Determines whether a final DB snapshot is created
before the DB instance is deleted. If true is specified, no
DBSnapshot is created. If false is specified, a DB snapshot
is created before the DB instance is deleted. Note that when
a DB instance is in a failure state and has a status of ''failed'',
''incompatible-restore'', or ''incompatible-network'', it can
only be deleted when the SkipFinalSnapshotBeforeDeletion parameter
is set to "true". Specify true when deleting a Read Replica.
The FinalDBSnapshotIdentifier parameter must be specified if
SkipFinalSnapshotBeforeDeletion is false. Default: false'
type: boolean
storageEncrypted:
description: 'StorageEncrypted specifies whether the DB instance
is encrypted. Amazon Aurora Not applicable. The encryption for
DB instances is managed by the DB cluster. For more information,
see CreateDBCluster. Default: false'
type: boolean
storageType:
description: 'StorageType specifies the storage type to be associated
with the DB instance. Valid values: standard | gp2 | io1 If
you specify io1, you must also include a value for the IOPS
parameter. Default: io1 if the IOPS parameter is specified,
otherwise standard'
type: string
tags:
description: Tags. For more information, see Tagging Amazon RDS
Resources (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Tagging.html)
in the Amazon RDS User Guide.
items:
description: Tag is a metadata assigned to an Amazon RDS resource
consisting of a key-value pair. Please also see https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/Tag
properties:
key:
description: 'A key is the required name of the tag. The
string value can be from 1 to 128 Unicode characters in
length and can''t be prefixed with "aws:" or "rds:". The
string can only contain only the set of Unicode letters,
digits, white-space, ''_'', ''.'', ''/'', ''='', ''+'',
''-'' (Java regex: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$").'
type: string
value:
description: 'A value is the optional value of the tag.
The string value can be from 1 to 256 Unicode characters
in length and can''t be prefixed with "aws:" or "rds:".
The string can only contain only the set of Unicode letters,
digits, white-space, ''_'', ''.'', ''/'', ''='', ''+'',
''-'' (Java regex: "^([\\p{L}\\p{Z}\\p{N}_.:/=+\\-]*)$").'
type: string
type: object
type: array
timezone:
description: Timezone of the DB instance. The time zone parameter
is currently supported only by Microsoft SQL Server (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone).
type: string
useDefaultProcessorFeatures:
description: A value that specifies that the DB instance class
of the DB instance uses its default processor features.
type: boolean
vpcSecurityGroupIDRefs:
description: VPCSecurityGroupIDRefs are references to VPCSecurityGroups
used to set the VPCSecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
vpcSecurityGroupIDSelector:
description: VPCSecurityGroupIDSelector selects references to
VPCSecurityGroups used to set the VPCSecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
vpcSecurityGroupIds:
description: 'VPCSecurityGroupIDs is a list of EC2 VPC security
groups to associate with this DB instance. Amazon Aurora Not
applicable. The associated list of EC2 VPC security groups is
managed by the DB cluster. For more information, see CreateDBCluster.
Default: The default EC2 VPC security group for the DB subnet
group''s VPC.'
items:
type: string
type: array
required:
- dbInstanceClass
- engine
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An RDSInstanceStatus represents the observed state of an
RDSInstance.
properties:
atProvider:
description: RDSInstanceObservation is the representation of the current
state that is observed.
properties:
dbInstanceArn:
description: DBInstanceArn is the Amazon Resource Name (ARN) for
the DB instance.
type: string
dbInstancePort:
description: DBInstancePort specifies the port that the DB instance
listens on. If the DB instance is part of a DB cluster, this
can be a different port than the DB cluster port.
type: integer
dbInstanceStatus:
description: DBInstanceStatus specifies the current state of this
database.
type: string
dbParameterGroups:
description: DBParameterGroups provides the list of DB parameter
groups applied to this DB instance.
items:
description: 'DBParameterGroupStatus is the status of the DB
parameter group. This data type is used as a response element
in the following actions: * CreateDBInstance * CreateDBInstanceReadReplica *
DeleteDBInstance * ModifyDBInstance * RebootDBInstance *
RestoreDBInstanceFromDBSnapshot Please also see https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBParameterGroupStatus'
properties:
dbParameterGroupName:
description: DBParameterGroupName is the name of the DP
parameter group.
type: string
parameterApplyStatus:
description: ParameterApplyStatus is the status of parameter
updates.
type: string
type: object
type: array
dbResourceId:
description: DBResourceID is the AWS Region-unique, immutable
identifier for the DB instance. This identifier is found in
AWS CloudTrail log entries whenever the AWS KMS key for the
DB instance is accessed.
type: string
dbSecurityGroups:
description: DBSecurityGroups provides List of DB security group
elements containing only DBSecurityGroup.Name and DBSecurityGroup.Status
subelements.
items:
description: 'DBSecurityGroupMembership is used as a response
element in the following actions: * ModifyDBInstance *
RebootDBInstance * RestoreDBInstanceFromDBSnapshot *
RestoreDBInstanceToPointInTime Please also see https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBSecurityGroupMembership'
properties:
dbSecurityGroupName:
description: DBSecurityGroupName is the name of the DB security
group.
type: string
status:
description: Status is the status of the DB security group.
type: string
type: object
type: array
dbSubnetGroup:
description: DBSubnetGroup specifies information on the subnet
group associated with the DB instance, including the name, description,
and subnets in the subnet group.
properties:
dbSubnetGroupArn:
description: DBSubnetGroupARN is the Amazon Resource Name
(ARN) for the DB subnet group.
type: string
dbSubnetGroupDescription:
description: DBSubnetGroupDescription provides the description
of the DB subnet group.
type: string
dbSubnetGroupName:
description: DBSubnetGroupName is the name of the DB subnet
group.
type: string
subnetGroupStatus:
description: SubnetGroupStatus provides the status of the
DB subnet group.
type: string
subnets:
description: Subnets contains a list of Subnet elements.
items:
description: SubnetInRDS is used as a response element in
the DescribeDBSubnetGroups action. Please also see https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/Subnet
properties:
subnetAvailabilityZone:
description: 'SubnetAvailabilityZone contains Availability
Zone information. This data type is used as an element
in the following data type: * OrderableDBInstanceOption'
properties:
name:
description: Name of the Availability Zone.
type: string
type: object
subnetIdentifier:
description: SubnetIdentifier specifies the identifier
of the subnet.
type: string
subnetStatus:
description: SubnetStatus specifies the status of the
subnet.
type: string
type: object
type: array
vpcId:
description: VPCID provides the VPCID of the DB subnet group.
type: string
type: object
domainMemberships:
description: DomainMemberships is the Active Directory Domain
membership records associated with the DB instance.
items:
description: DomainMembership is an Active Directory Domain
membership record associated with the DB instance. Please
also see https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DomainMembership
properties:
domain:
description: Domain is the identifier of the Active Directory
Domain.
type: string
fqdn:
description: FQDN us the fully qualified domain name of
the Active Directory Domain.
type: string
iamRoleName:
description: IAMRoleName is the name of the IAM role to
be used when making API calls to the Directory Service.
type: string
status:
description: Status of the DB instance's Active Directory
Domain membership, such as joined, pending-join, failed
etc).
type: string
type: object
type: array
endpoint:
description: Endpoint specifies the connection endpoint.
properties:
address:
description: Address specifies the DNS address of the DB instance.
type: string
hostedZoneId:
description: HostedZoneID specifies the ID that Amazon Route
53 assigns when you create a hosted zone.
type: string
port:
description: Port specifies the port that the database engine
is listening on.
type: integer
type: object
enhancedMonitoringResourceArn:
description: EnhancedMonitoringResourceArn is the Amazon Resource
Name (ARN) of the Amazon CloudWatch Logs log stream that receives
the Enhanced Monitoring metrics data for the DB instance.
type: string
instanceCreateTime:
description: InstanceCreateTime provides the date and time the
DB instance was created.
format: date-time
type: string
latestRestorableTime:
description: LatestRestorableTime specifies the latest time to
which a database can be restored with point-in-time restore.
format: date-time
type: string
optionGroupMemberships:
description: OptionGroupMemberships provides the list of option
group memberships for this DB instance.
items:
description: OptionGroupMembership provides information on the
option groups the DB instance is a member of. Please also
see https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/OptionGroupMembership
properties:
optionGroupName:
description: OptionGroupName is the name of the option group
that the instance belongs to.
type: string
status:
description: 'Status is the status of the DB instance''s
option group membership. Valid values are: in-sync, pending-apply,
pending-removal, pending-maintenance-apply, pending-maintenance-removal,
applying, removing, and failed.'
type: string
type: object
type: array
pendingModifiedValues:
description: PendingModifiedValues specifies that changes to the
DB instance are pending. This element is only included when
changes are pending. Specific changes are identified by subelements.
properties:
allocatedStorage:
description: AllocatedStorage contains the new AllocatedStorage
size for the DB instance that will be applied or is currently
being applied.
type: integer
backupRetentionPeriod:
description: BackupRetentionPeriod specifies the pending number
of days for which automated backups are retained.
type: integer
caCertificateIdentifier:
description: CACertificateIdentifier specifies the identifier
of the CA certificate for the DB instance.
type: string
dbInstanceClass:
description: DBInstanceClass contains the new DBInstanceClass
for the DB instance that will be applied or is currently
being applied.
type: string
dbSubnetGroupName:
description: DBSubnetGroupName is the new DB subnet group
for the DB instance.
type: string
engineVersion:
description: EngineVersion indicates the database engine version.
type: string
iops:
description: IOPS specifies the new Provisioned IOPS value
for the DB instance that will be applied or is currently
being applied.
type: integer
licenseModel:
description: 'LicenseModel is the license model for the DB
instance. Valid values: license-included | bring-your-own-license
| general-public-license'
type: string
multiAZ:
description: MultiAZ indicates that the Single-AZ DB instance
is to change to a Multi-AZ deployment.
type: boolean
pendingCloudwatchLogsExports:
description: PendingCloudwatchLogsExports is a list of the
log types whose configuration is still pending. In other
words, these log types are in the process of being activated
or deactivated.
properties:
logTypesToDisable:
description: LogTypesToDisable is list of log types that
are in the process of being enabled. After they are
enabled, these log types are exported to CloudWatch
Logs.
items:
type: string
type: array
logTypesToEnable:
description: LogTypesToEnable is the log types that are
in the process of being deactivated. After they are
deactivated, these log types aren't exported to CloudWatch
Logs.
items:
type: string
type: array
type: object
port:
description: Port specifies the pending port for the DB instance.
type: integer
processorFeatures:
description: ProcessorFeatures is the number of CPU cores
and the number of threads per core for the DB instance class
of the DB instance.
items:
description: ProcessorFeature is a processor feature entry.
For more information, see Configuring the Processor of
the DB Instance Class (http://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html#USER_ConfigureProcessor)
in the Amazon RDS User Guide. Please also see https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/ProcessorFeature
properties:
name:
description: Name of the processor feature. Valid names
are coreCount and threadsPerCore.
type: string
value:
description: Value of a processor feature name.
type: string
required:
- name
- value
type: object
type: array
storageType:
description: StorageType specifies the storage type to be
associated with the DB instance.
type: string
type: object
performanceInsightsEnabled:
description: PerformanceInsightsEnabled is true if Performance
Insights is enabled for the DB instance, and otherwise false.
type: boolean
readReplicaDBClusterIdentifiers:
description: ReadReplicaDBClusterIdentifiers contains one or more
identifiers of Aurora DB clusters to which the RDS DB instance
is replicated as a Read Replica. For example, when you create
an Aurora Read Replica of an RDS MySQL DB instance, the Aurora
MySQL DB cluster for the Aurora Read Replica is shown. This
output does not contain information about cross region Aurora
Read Replicas.
items:
type: string
type: array
readReplicaDBInstanceIdentifiers:
description: ReadReplicaDBInstanceIdentifiers contains one or
more identifiers of the Read Replicas associated with this DB
instance.
items:
type: string
type: array
readReplicaSourceDBInstanceIdentifier:
description: ReadReplicaSourceDBInstanceIdentifier contains the
identifier of the source DB instance if this DB instance is
a Read Replica.
type: string
secondaryAvailabilityZone:
description: SecondaryAvailabilityZone specifies the name of the
secondary Availability Zone for a DB instance with multi-AZ
support when it is present.
type: string
statusInfos:
description: StatusInfos is the status of a Read Replica. If the
instance is not a Read Replica, this is blank.
items:
description: DBInstanceStatusInfo provides a list of status
information for a DB instance. Please also see https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/DBInstanceStatusInfo
properties:
message:
description: Message is the details of the error if there
is an error for the instance. If the instance is not in
an error state, this value is blank.
type: string
normal:
description: Normal is true if the instance is operating
normally, or false if the instance is in an error state.
type: boolean
status:
description: Status of the DB instance. For a StatusType
of read replica, the values can be replicating, replication
stop point set, replication stop point reached, error,
stopped, or terminated.
type: string
statusType:
description: StatusType is currently "read replication."
type: string
type: object
type: array
vpcSecurityGroups:
description: VPCSecurityGroups provides a list of VPC security
group elements that the DB instance belongs to.
items:
description: VPCSecurityGroupMembership is used as a response
element for queries on VPC security group membership. Please
also see https://docs.aws.amazon.com/goto/WebAPI/rds-2014-10-31/VpcSecurityGroupMembership
properties:
status:
description: Status is the status of the VPC security group.
type: string
vpcSecurityGroupId:
description: VPCSecurityGroupID is the name of the VPC security
group.
type: string
type: object
type: array
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: dbclusters.docdb.aws.crossplane.io
spec:
group: docdb.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: DBCluster
listKind: DBClusterList
plural: dbclusters
singular: dbcluster
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: DBCluster is the Schema for the DBClusters API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DBClusterSpec defines the desired state of DBCluster
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: DBClusterParameters defines the desired state of DBCluster
properties:
applyImmediately:
description: "A value that specifies whether the changes in this
request and any pending changes are asynchronously applied as
soon as possible, regardless of the PreferredMaintenanceWindow
setting for the cluster. If this parameter is set to false,
changes to the cluster are applied during the next maintenance
window. \n The ApplyImmediately parameter affects only the NewDBClusterIdentifier
and MasterUserPassword values. If you set this parameter value
to false, the changes to the NewDBClusterIdentifier and MasterUserPassword
values are applied during the next maintenance window. All other
changes are applied immediately, regardless of the value of
the ApplyImmediately parameter. \n Default: false"
type: boolean
availabilityZones:
description: A list of Amazon EC2 Availability Zones that instances
in the cluster can be created in.
items:
type: string
type: array
backupRetentionPeriod:
description: "The number of days for which automated backups are
retained. You must specify a minimum value of 1. \n Default:
1 \n Constraints: \n * Must be a value from 1 to 35."
format: int64
type: integer
dbClusterParameterGroupName:
description: The name of the cluster parameter group to associate
with this cluster.
type: string
dbClusterParameterGroupNameRef:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
dbClusterParameterGroupNameSelector:
description: A Selector selects an object.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
dbSubnetGroupName:
description: "A subnet group to associate with this cluster. \n
Constraints: Must match the name of an existing DBSubnetGroup.
Must not be default. \n Example: mySubnetgroup"
type: string
dbSubnetGroupNameRef:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
dbSubnetGroupNameSelector:
description: A Selector selects an object.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
deletionProtection:
description: Specifies whether this cluster can be deleted. If
DeletionProtection is enabled, the cluster cannot be deleted
unless it is modified and DeletionProtection is disabled. DeletionProtection
protects clusters from being accidentally deleted.
type: boolean
enableCloudwatchLogsExports:
description: A list of log types that need to be enabled for exporting
to Amazon CloudWatch Logs. You can enable audit logs or profiler
logs. For more information, see Auditing Amazon DocumentDB Events
(https://docs.aws.amazon.com/documentdb/latest/developerguide/event-auditing.html)
and Profiling Amazon DocumentDB Operations (https://docs.aws.amazon.com/documentdb/latest/developerguide/profiling.html).
items:
type: string
type: array
engine:
description: "The name of the database engine to be used for this
cluster. \n Valid values: docdb"
type: string
engineVersion:
description: The version number of the database engine to use.
The --engine-version will default to the latest major engine
version. For production workloads, we recommend explicitly declaring
this parameter with the intended major engine version.
type: string
finalDBSnapshotIdentifier:
description: "The cluster snapshot identifier of the new cluster
snapshot created when SkipFinalSnapshot is set to false. \n
Specifying this parameter and also setting the SkipFinalShapshot
parameter to true results in an error. \n Constraints: \n *
Must be from 1 to 255 letters, numbers, or hyphens. \n *
The first character must be a letter. \n * Cannot end with
a hyphen or contain two consecutive hyphens."
type: string
kmsKeyID:
description: "The AWS KMS key identifier for an encrypted cluster.
\n The AWS KMS key identifier is the Amazon Resource Name (ARN)
for the AWS KMS encryption key. If you are creating a cluster
using the same AWS account that owns the AWS KMS encryption
key that is used to encrypt the new cluster, you can use the
AWS KMS key alias instead of the ARN for the AWS KMS encryption
key. \n If an encryption key is not specified in KmsKeyId: \n
\ * If the StorageEncrypted parameter is true, Amazon DocumentDB
uses your default encryption key. \n AWS KMS creates the
default encryption key for your AWS account. Your AWS account
has a different default encryption key for each AWS Region."
type: string
kmsKeyIDRef:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
kmsKeyIDSelector:
description: A Selector selects an object.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
masterUserPasswordSecretRef:
description: "MasterUserPasswordSecretRef references the secret
that contains the password for the master database user. This
password can contain any printable ASCII character except forward
slash (/), double quote (\"), or the \"at\" symbol (@). \n Constraints:
Must contain from 8 to 100 characters."
properties:
key:
description: The key to select.
type: string
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- key
- name
- namespace
type: object
masterUsername:
description: "The name of the master user for the cluster. \n
Constraints: \n * Must be from 1 to 63 letters or numbers.
\n * The first character must be a letter. \n * Cannot
be a reserved word for the chosen database engine."
type: string
port:
description: The port number on which the instances in the cluster
accept connections.
format: int64
type: integer
preSignedURL:
description: Not currently supported.
type: string
preferredBackupWindow:
description: "The daily time range during which automated backups
are created if automated backups are enabled using the BackupRetentionPeriod
parameter. \n The default is a 30-minute window selected at
random from an 8-hour block of time for each AWS Region. \n
Constraints: \n * Must be in the format hh24:mi-hh24:mi.
\n * Must be in Universal Coordinated Time (UTC). \n *
Must not conflict with the preferred maintenance window. \n
\ * Must be at least 30 minutes."
type: string
preferredMaintenanceWindow:
description: "The weekly time range during which system maintenance
can occur, in Universal Coordinated Time (UTC). \n Format: ddd:hh24:mi-ddd:hh24:mi
\n The default is a 30-minute window selected at random from
an 8-hour block of time for each AWS Region, occurring on a
random day of the week. \n Valid days: Mon, Tue, Wed, Thu, Fri,
Sat, Sun \n Constraints: Minimum 30-minute window."
type: string
region:
description: Region is which region the DBCluster will be created.
type: string
skipFinalSnapshot:
description: "Determines whether a final cluster snapshot is created
before the cluster is deleted. If true is specified, no cluster
snapshot is created. If false is specified, a cluster snapshot
is created before the DB cluster is deleted. \n If SkipFinalSnapshot
is false, you must specify a FinalDBSnapshotIdentifier parameter.
\n Default: false"
type: boolean
storageEncrypted:
description: Specifies whether the cluster is encrypted.
type: boolean
tags:
description: The tags to be assigned to the cluster.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
vpcSecurityGroupIDs:
description: A list of EC2 VPC security groups to associate with
this cluster.
items:
type: string
type: array
vpcSecurityGroupIDsRefs:
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
vpcSecurityGroupIDsSelector:
description: A Selector selects an object.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- engine
- masterUsername
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: DBClusterStatus defines the observed state of DBCluster.
properties:
atProvider:
description: DBClusterObservation defines the observed state of DBCluster
properties:
associatedRoles:
description: Provides a list of the AWS Identity and Access Management
(IAM) roles that are associated with the cluster. IAM roles
that are associated with a cluster grant permission for the
cluster to access other AWS services on your behalf.
items:
properties:
roleARN:
type: string
status:
type: string
type: object
type: array
clusterCreateTime:
description: Specifies the time when the cluster was created,
in Universal Coordinated Time (UTC).
format: date-time
type: string
dbClusterARN:
description: The Amazon Resource Name (ARN) for the cluster.
type: string
dbClusterIdentifier:
description: Contains a user-supplied cluster identifier. This
identifier is the unique key that identifies a cluster.
type: string
dbClusterMembers:
description: Provides the list of instances that make up the cluster.
items:
properties:
dbClusterParameterGroupStatus:
type: string
dbInstanceIdentifier:
type: string
isClusterWriter:
type: boolean
promotionTier:
format: int64
type: integer
type: object
type: array
dbClusterParameterGroup:
description: Specifies the name of the cluster parameter group
for the cluster.
type: string
dbClusterResourceID:
description: The AWS Region-unique, immutable identifier for the
cluster. This identifier is found in AWS CloudTrail log entries
whenever the AWS KMS key for the cluster is accessed.
type: string
dbSubnetGroup:
description: Specifies information on the subnet group that is
associated with the cluster, including the name, description,
and subnets in the subnet group.
type: string
earliestRestorableTime:
description: The earliest time to which a database can be restored
with point-in-time restore.
format: date-time
type: string
enabledCloudwatchLogsExports:
description: A list of log types that this cluster is configured
to export to Amazon CloudWatch Logs.
items:
type: string
type: array
endpoint:
description: Specifies the connection endpoint for the primary
instance of the cluster.
type: string
hostedZoneID:
description: Specifies the ID that Amazon Route 53 assigns when
you create a hosted zone.
type: string
latestRestorableTime:
description: Specifies the latest time to which a database can
be restored with point-in-time restore.
format: date-time
type: string
multiAZ:
description: Specifies whether the cluster has instances in multiple
Availability Zones.
type: boolean
percentProgress:
description: Specifies the progress of the operation as a percentage.
type: string
readerEndpoint:
description: "The reader endpoint for the cluster. The reader
endpoint for a cluster load balances connections across the
Amazon DocumentDB replicas that are available in a cluster.
As clients request new connections to the reader endpoint, Amazon
DocumentDB distributes the connection requests among the Amazon
DocumentDB replicas in the cluster. This functionality can help
balance your read workload across multiple Amazon DocumentDB
replicas in your cluster. \n If a failover occurs, and the Amazon
DocumentDB replica that you are connected to is promoted to
be the primary instance, your connection is dropped. To continue
sending your read workload to other Amazon DocumentDB replicas
in the cluster, you can then reconnect to the reader endpoint."
type: string
status:
description: Specifies the current state of this cluster.
type: string
vpcSecurityGroups:
description: Provides a list of virtual private cloud (VPC) security
groups that the cluster belongs to.
items:
properties:
status:
type: string
vpcSecurityGroupID:
type: string
type: object
type: array
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: dbclusterparametergroups.docdb.aws.crossplane.io
spec:
group: docdb.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: DBClusterParameterGroup
listKind: DBClusterParameterGroupList
plural: dbclusterparametergroups
singular: dbclusterparametergroup
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: DBClusterParameterGroup is the Schema for the DBClusterParameterGroups
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DBClusterParameterGroupSpec defines the desired state of
DBClusterParameterGroup
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: DBClusterParameterGroupParameters defines the desired
state of DBClusterParameterGroup
properties:
dbParameterGroupFamily:
description: The cluster parameter group family name.
type: string
description:
description: The description for the cluster parameter group.
type: string
parameters:
items:
properties:
allowedValues:
type: string
applyMethod:
type: string
applyType:
type: string
dataType:
type: string
description:
type: string
isModifiable:
type: boolean
minimumEngineVersion:
type: string
parameterName:
type: string
parameterValue:
type: string
source:
type: string
type: object
type: array
region:
description: Region is which region the DBClusterParameterGroup
will be created.
type: string
tags:
description: The tags to be assigned to the cluster parameter
group.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- dbParameterGroupFamily
- description
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: DBClusterParameterGroupStatus defines the observed state
of DBClusterParameterGroup.
properties:
atProvider:
description: DBClusterParameterGroupObservation defines the observed
state of DBClusterParameterGroup
properties:
dbClusterParameterGroupARN:
description: The Amazon Resource Name (ARN) for the cluster parameter
group.
type: string
dbClusterParameterGroupName:
description: Provides the name of the cluster parameter group.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: dbinstances.docdb.aws.crossplane.io
spec:
group: docdb.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: DBInstance
listKind: DBInstanceList
plural: dbinstances
singular: dbinstance
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: DBInstance is the Schema for the DBInstances API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DBInstanceSpec defines the desired state of DBInstance
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: DBInstanceParameters defines the desired state of DBInstance
properties:
applyImmediately:
description: "Specifies whether the modifications in this request
and any pending modifications are asynchronously applied as
soon as possible, regardless of the PreferredMaintenanceWindow
setting for the instance. \n If this parameter is set to false,
changes to the instance are applied during the next maintenance
window. Some parameter changes can cause an outage and are applied
on the next reboot. \n Default: false"
type: boolean
autoMinorVersionUpgrade:
description: "Indicates that minor engine upgrades are applied
automatically to the instance during the maintenance window.
\n Default: true"
type: boolean
availabilityZone:
description: "The Amazon EC2 Availability Zone that the instance
is created in. \n Default: A random, system-chosen Availability
Zone in the endpoint's AWS Region. \n Example: us-east-1d"
type: string
caCertificateIdentifier:
description: The identifier of the CA certificate for this DB
instance.
type: string
dbClusterIdentifier:
description: The identifier of the cluster this instance will
belong to
type: string
dbClusterIdentifierRef:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
dbClusterIdentifierSelector:
description: A Selector selects an object.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
dbInstanceClass:
description: The compute and memory capacity of the instance;
for example, db.r5.large.
type: string
engine:
description: "The name of the database engine to be used for this
instance. \n Valid value: docdb"
type: string
preferredMaintenanceWindow:
description: "The time range each week during which system maintenance
can occur, in Universal Coordinated Time (UTC). \n Format: ddd:hh24:mi-ddd:hh24:mi
\n The default is a 30-minute window selected at random from
an 8-hour block of time for each AWS Region, occurring on a
random day of the week. \n Valid days: Mon, Tue, Wed, Thu, Fri,
Sat, Sun \n Constraints: Minimum 30-minute window."
type: string
promotionTier:
description: "A value that specifies the order in which an Amazon
DocumentDB replica is promoted to the primary instance after
a failure of the existing primary instance. \n Default: 1 \n
Valid values: 0-15"
format: int64
type: integer
region:
description: Region is which region the DBInstance will be created.
type: string
tags:
description: The tags to be assigned to the instance. You can
assign up to 10 tags to an instance.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- dbInstanceClass
- engine
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: DBInstanceStatus defines the observed state of DBInstance.
properties:
atProvider:
description: DBInstanceObservation defines the observed state of DBInstance
properties:
backupRetentionPeriod:
description: Specifies the number of days for which automatic
snapshots are retained.
format: int64
type: integer
caCertificateIdentifier:
description: The identifier of the CA certificate for this DB
instance.
type: string
dbClusterIdentifier:
description: Contains the name of the cluster that the instance
is a member of if the instance is a member of a cluster.
type: string
dbInstanceARN:
description: The Amazon Resource Name (ARN) for the instance.
type: string
dbInstanceIdentifier:
description: Contains a user-provided database identifier. This
identifier is the unique key that identifies an instance.
type: string
dbInstanceStatus:
description: Specifies the current state of this database.
type: string
dbSubnetGroup:
description: Specifies information on the subnet group that is
associated with the instance, including the name, description,
and subnets in the subnet group.
properties:
dbSubnetGroupARN:
type: string
dbSubnetGroupDescription:
type: string
dbSubnetGroupName:
type: string
subnetGroupStatus:
type: string
subnets:
items:
properties:
subnetAvailabilityZone:
description: Information about an Availability Zone.
properties:
name:
type: string
type: object
subnetIdentifier:
type: string
subnetStatus:
type: string
type: object
type: array
vpcID:
type: string
type: object
dbiResourceID:
description: The AWS Region-unique, immutable identifier for the
instance. This identifier is found in AWS CloudTrail log entries
whenever the AWS KMS key for the instance is accessed.
type: string
enabledCloudwatchLogsExports:
description: A list of log types that this instance is configured
to export to Amazon CloudWatch Logs.
items:
type: string
type: array
endpoint:
description: Specifies the connection endpoint.
properties:
address:
type: string
hostedZoneID:
type: string
port:
format: int64
type: integer
type: object
engineVersion:
description: Indicates the database engine version.
type: string
instanceCreateTime:
description: Provides the date and time that the instance was
created.
format: date-time
type: string
kmsKeyID:
description: If StorageEncrypted is true, the AWS KMS key identifier
for the encrypted instance.
type: string
latestRestorableTime:
description: Specifies the latest time to which a database can
be restored with point-in-time restore.
format: date-time
type: string
pendingModifiedValues:
description: Specifies that changes to the instance are pending.
This element is included only when changes are pending. Specific
changes are identified by subelements.
properties:
allocatedStorage:
format: int64
type: integer
backupRetentionPeriod:
format: int64
type: integer
caCertificateIdentifier:
type: string
dbInstanceClass:
type: string
dbInstanceIdentifier:
type: string
dbSubnetGroupName:
type: string
engineVersion:
type: string
iops:
format: int64
type: integer
licenseModel:
type: string
masterUserPassword:
type: string
multiAZ:
type: boolean
pendingCloudwatchLogsExports:
description: A list of the log types whose configuration is
still pending. These log types are in the process of being
activated or deactivated.
properties:
logTypesToDisable:
items:
type: string
type: array
logTypesToEnable:
items:
type: string
type: array
type: object
port:
format: int64
type: integer
storageType:
type: string
type: object
preferredBackupWindow:
description: Specifies the daily time range during which automated
backups are created if automated backups are enabled, as determined
by the BackupRetentionPeriod.
type: string
publiclyAccessible:
description: Not supported. Amazon DocumentDB does not currently
support public endpoints. The value of PubliclyAccessible is
always false.
type: boolean
statusInfos:
description: The status of a read replica. If the instance is
not a read replica, this is blank.
items:
properties:
message:
type: string
normal:
type: boolean
status:
type: string
statusType:
type: string
type: object
type: array
storageEncrypted:
description: Specifies whether or not the instance is encrypted.
type: boolean
vpcSecurityGroups:
description: Provides a list of VPC security group elements that
the instance belongs to.
items:
properties:
status:
type: string
vpcSecurityGroupID:
type: string
type: object
type: array
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: dbsubnetgroups.docdb.aws.crossplane.io
spec:
group: docdb.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: DBSubnetGroup
listKind: DBSubnetGroupList
plural: dbsubnetgroups
singular: dbsubnetgroup
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: DBSubnetGroup is the Schema for the DBSubnetGroups API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DBSubnetGroupSpec defines the desired state of DBSubnetGroup
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: DBSubnetGroupParameters defines the desired state of
DBSubnetGroup
properties:
dbSubnetGroupDescription:
description: The description for the subnet group.
type: string
region:
description: Region is which region the DBSubnetGroup will be
created.
type: string
subnetIDs:
items:
type: string
type: array
subnetIDsRefs:
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetIDsSelector:
description: A Selector selects an object.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
tags:
description: The tags to be assigned to the subnet group.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- dbSubnetGroupDescription
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: DBSubnetGroupStatus defines the observed state of DBSubnetGroup.
properties:
atProvider:
description: DBSubnetGroupObservation defines the observed state of
DBSubnetGroup
properties:
dbSubnetGroupARN:
description: The Amazon Resource Name (ARN) for the DB subnet
group.
type: string
dbSubnetGroupName:
description: The name of the subnet group.
type: string
subnetGroupStatus:
description: Provides the status of the subnet group.
type: string
subnets:
description: Detailed information about one or more subnets within
a subnet group.
items:
properties:
subnetAvailabilityZone:
description: Information about an Availability Zone.
properties:
name:
type: string
type: object
subnetIdentifier:
type: string
subnetStatus:
type: string
type: object
type: array
vpcID:
description: Provides the virtual private cloud (VPC) ID of the
subnet group.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: backups.dynamodb.aws.crossplane.io
spec:
group: dynamodb.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Backup
listKind: BackupList
plural: backups
singular: backup
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Backup is the Schema for the Backups API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: BackupSpec defines the desired state of Backup
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: BackupParameters defines the desired state of Backup
properties:
backupName:
description: Specified name for the backup.
type: string
region:
description: Region is which region the Backup will be created.
type: string
tableName:
description: TableName is the name of the Table whose backup will
be taken.
type: string
tableNameRef:
description: TableNameRef points to the Table resource whose Name
will be used to fill TableName field.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
tableNameSelector:
description: TableNameSelector selects a Table resource.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- backupName
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: BackupStatus defines the observed state of Backup.
properties:
atProvider:
description: BackupObservation defines the observed state of Backup
properties:
backupARN:
description: ARN associated with the backup.
type: string
backupCreationDateTime:
description: Time at which the backup was created. This is the
request time of the backup.
format: date-time
type: string
backupExpiryDateTime:
description: Time at which the automatic on-demand backup created
by DynamoDB will expire. This SYSTEM on-demand backup expires
automatically 35 days after its creation.
format: date-time
type: string
backupSizeBytes:
description: Size of the backup in bytes.
format: int64
type: integer
backupStatus:
description: 'Backup can be in one of the following states: CREATING,
ACTIVE, DELETED.'
type: string
backupType:
description: "BackupType: \n * USER - You create and manage
these using the on-demand backup feature. \n * SYSTEM - If
you delete a table with point-in-time recovery enabled, a
SYSTEM backup is automatically created and is retained for 35
days (at no additional cost). System backups allow you to
restore the deleted table to the state it was in just before
the point of deletion. \n * AWS_BACKUP - On-demand backup
created by you from AWS Backup service."
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: globaltables.dynamodb.aws.crossplane.io
spec:
group: dynamodb.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: GlobalTable
listKind: GlobalTableList
plural: globaltables
singular: globaltable
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: GlobalTable is the Schema for the GlobalTables API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: GlobalTableSpec defines the desired state of GlobalTable
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: GlobalTableParameters defines the desired state of GlobalTable
properties:
region:
description: Region is which region the GlobalTable will be created.
type: string
replicationGroup:
description: The Regions where the global table needs to be created.
items:
properties:
regionName:
type: string
type: object
type: array
required:
- region
- replicationGroup
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: GlobalTableStatus defines the observed state of GlobalTable.
properties:
atProvider:
description: GlobalTableObservation defines the observed state of
GlobalTable
properties:
creationDateTime:
description: The creation time of the global table.
format: date-time
type: string
globalTableARN:
description: The unique identifier of the global table.
type: string
globalTableName:
description: The global table name.
type: string
globalTableStatus:
description: "The current state of the global table: \n * CREATING
- The global table is being created. \n * UPDATING - The
global table is being updated. \n * DELETING - The global
table is being deleted. \n * ACTIVE - The global table is
ready for use."
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: tables.dynamodb.aws.crossplane.io
spec:
group: dynamodb.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Table
listKind: TableList
plural: tables
singular: table
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Table is the Schema for the Tables API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: TableSpec defines the desired state of Table
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: TableParameters defines the desired state of Table
properties:
attributeDefinitions:
description: An array of attributes that describe the key schema
for the table and indexes.
items:
properties:
attributeName:
type: string
attributeType:
type: string
type: object
type: array
billingMode:
description: "Controls how you are charged for read and write
throughput and how you manage capacity. This setting can be
changed later. \n * PROVISIONED - We recommend using PROVISIONED
for predictable workloads. PROVISIONED sets the billing mode
to Provisioned Mode (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.ProvisionedThroughput.Manual).
\n * PAY_PER_REQUEST - We recommend using PAY_PER_REQUEST
for unpredictable workloads. PAY_PER_REQUEST sets the billing
mode to On-Demand Mode (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/HowItWorks.ReadWriteCapacityMode.html#HowItWorks.OnDemand)."
type: string
globalSecondaryIndexes:
description: "One or more global secondary indexes (the maximum
is 20) to be created on the table. Each global secondary index
in the array includes the following: \n * IndexName - The
name of the global secondary index. Must be unique only for
this table. \n * KeySchema - Specifies the key schema for
the global secondary index. \n * Projection - Specifies attributes
that are copied (projected) from the table into the index.
These are in addition to the primary key attributes and index
key attributes, which are automatically projected. Each attribute
\ specification is composed of: ProjectionType - One of the
following: KEYS_ONLY - Only the index and primary keys are
projected into the index. INCLUDE - Only the specified table
attributes are projected into the index. The list of projected
attributes is in NonKeyAttributes. ALL - All of the table
attributes are projected into the index. NonKeyAttributes -
A list of one or more non-key attribute names that are projected
into the secondary index. The total count of attributes provided
in NonKeyAttributes, summed across all of the secondary indexes,
must not exceed 100. If you project the same attribute into
two different indexes, this counts as two distinct attributes
when determining the total. \n * ProvisionedThroughput -
The provisioned throughput settings for the global secondary
index, consisting of read and write capacity units."
items:
properties:
indexName:
type: string
keySchema:
items:
properties:
attributeName:
type: string
keyType:
type: string
type: object
type: array
projection:
description: Represents attributes that are copied (projected)
from the table into an index. These are in addition to
the primary key attributes and index key attributes, which
are automatically projected.
properties:
nonKeyAttributes:
items:
type: string
type: array
projectionType:
type: string
type: object
provisionedThroughput:
description: "Represents the provisioned throughput settings
for a specified table or index. The settings can be modified
using the UpdateTable operation. \n For current minimum
and maximum provisioned throughput values, see Service,
Account, and Table Quotas (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html)
in the Amazon DynamoDB Developer Guide."
properties:
readCapacityUnits:
format: int64
type: integer
writeCapacityUnits:
format: int64
type: integer
type: object
type: object
type: array
keySchema:
description: "Specifies the attributes that make up the primary
key for a table or an index. The attributes in KeySchema must
also be defined in the AttributeDefinitions array. For more
information, see Data Model (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/DataModel.html)
in the Amazon DynamoDB Developer Guide. \n Each KeySchemaElement
in the array is composed of: \n * AttributeName - The name
of this key attribute. \n * KeyType - The role that the key
attribute will assume: HASH - partition key RANGE - sort
key \n The partition key of an item is also known as its hash
attribute. The term \"hash attribute\" derives from the DynamoDB
usage of an internal hash function to evenly distribute data
items across partitions, based on their partition key values.
\n The sort key of an item is also known as its range attribute.
The term \"range attribute\" derives from the way DynamoDB stores
items with the same partition key physically close together,
in sorted order by the sort key value. \n For a simple primary
key (partition key), you must provide exactly one element with
a KeyType of HASH. \n For a composite primary key (partition
key and sort key), you must provide exactly two elements, in
this order: The first element must have a KeyType of HASH, and
the second element must have a KeyType of RANGE. \n For more
information, see Working with Tables (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.html#WorkingWithTables.primary.key)
in the Amazon DynamoDB Developer Guide."
items:
properties:
attributeName:
type: string
keyType:
type: string
type: object
type: array
localSecondaryIndexes:
description: "One or more local secondary indexes (the maximum
is 5) to be created on the table. Each index is scoped to a
given partition key value. There is a 10 GB size limit per partition
key value; otherwise, the size of a local secondary index is
unconstrained. \n Each local secondary index in the array includes
the following: \n * IndexName - The name of the local secondary
index. Must be unique only for this table. \n * KeySchema
- Specifies the key schema for the local secondary index. The
key schema must begin with the same partition key as the table.
\n * Projection - Specifies attributes that are copied (projected)
from the table into the index. These are in addition to the
primary key attributes and index key attributes, which are
automatically projected. Each attribute specification is
composed of: ProjectionType - One of the following: KEYS_ONLY
\ - Only the index and primary keys are projected into the
index. INCLUDE - Only the specified table attributes are
projected into the index. The list of projected attributes
is in NonKeyAttributes. ALL - All of the table attributes
are projected into the index. NonKeyAttributes - A list of
one or more non-key attribute names that are projected into
the secondary index. The total count of attributes provided
in NonKeyAttributes, summed across all of the secondary indexes,
must not exceed 100. If you project the same attribute into
two different indexes, this counts as two distinct attributes
when determining the total."
items:
properties:
indexName:
type: string
keySchema:
items:
properties:
attributeName:
type: string
keyType:
type: string
type: object
type: array
projection:
description: Represents attributes that are copied (projected)
from the table into an index. These are in addition to
the primary key attributes and index key attributes, which
are automatically projected.
properties:
nonKeyAttributes:
items:
type: string
type: array
projectionType:
type: string
type: object
type: object
type: array
provisionedThroughput:
description: "Represents the provisioned throughput settings for
a specified table or index. The settings can be modified using
the UpdateTable operation. \n If you set BillingMode as PROVISIONED,
you must specify this property. If you set BillingMode as PAY_PER_REQUEST,
you cannot specify this property. \n For current minimum and
maximum provisioned throughput values, see Service, Account,
and Table Quotas (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html)
in the Amazon DynamoDB Developer Guide."
properties:
readCapacityUnits:
format: int64
type: integer
writeCapacityUnits:
format: int64
type: integer
type: object
region:
description: Region is which region the Table will be created.
type: string
sseSpecification:
description: Represents the settings used to enable server-side
encryption.
properties:
enabled:
type: boolean
kmsMasterKeyID:
type: string
sseType:
type: string
type: object
streamSpecification:
description: "The settings for DynamoDB Streams on the table.
These settings consist of: \n * StreamEnabled - Indicates
whether DynamoDB Streams is to be enabled (true) or disabled
(false). \n * StreamViewType - When an item in the table
is modified, StreamViewType determines what information is
written to the table's stream. Valid values for StreamViewType
are: KEYS_ONLY - Only the key attributes of the modified item
are written to the stream. NEW_IMAGE - The entire item, as it
appears after it was modified, is written to the stream.
OLD_IMAGE - The entire item, as it appeared before it was
modified, is written to the stream. NEW_AND_OLD_IMAGES -
Both the new and the old item images of the item are written
to the stream."
properties:
streamEnabled:
type: boolean
streamViewType:
type: string
type: object
tags:
description: A list of key-value pairs to label the table. For
more information, see Tagging for DynamoDB (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Tagging.html).
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- attributeDefinitions
- keySchema
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: TableStatus defines the observed state of Table.
properties:
atProvider:
description: TableObservation defines the observed state of Table
properties:
archivalSummary:
description: Contains information about the table archive.
properties:
archivalBackupARN:
type: string
archivalDateTime:
format: date-time
type: string
archivalReason:
type: string
type: object
billingModeSummary:
description: Contains the details for the read/write capacity
mode.
properties:
billingMode:
type: string
lastUpdateToPayPerRequestDateTime:
format: date-time
type: string
type: object
creationDateTime:
description: The date and time when the table was created, in
UNIX epoch time (http://www.epochconverter.com/) format.
format: date-time
type: string
globalTableVersion:
description: Represents the version of global tables (https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/GlobalTables.html)
in use, if the table is replicated across AWS Regions.
type: string
itemCount:
description: The number of items in the specified table. DynamoDB
updates this value approximately every six hours. Recent changes
might not be reflected in this value.
format: int64
type: integer
latestStreamARN:
description: The Amazon Resource Name (ARN) that uniquely identifies
the latest stream for this table.
type: string
latestStreamLabel:
description: "A timestamp, in ISO 8601 format, for this stream.
\n Note that LatestStreamLabel is not a unique identifier for
the stream, because it is possible that a stream from another
table might have the same timestamp. However, the combination
of the following three elements is guaranteed to be unique:
\n * AWS customer ID \n * Table name \n * StreamLabel"
type: string
replicas:
description: Represents replicas of the table.
items:
properties:
globalSecondaryIndexes:
items:
properties:
indexName:
type: string
provisionedThroughputOverride:
description: Replica-specific provisioned throughput
settings. If not specified, uses the source table's
provisioned throughput settings.
properties:
readCapacityUnits:
format: int64
type: integer
type: object
type: object
type: array
kmsMasterKeyID:
type: string
provisionedThroughputOverride:
description: Replica-specific provisioned throughput settings.
If not specified, uses the source table's provisioned
throughput settings.
properties:
readCapacityUnits:
format: int64
type: integer
type: object
regionName:
type: string
replicaInaccessibleDateTime:
format: date-time
type: string
replicaStatus:
type: string
replicaStatusDescription:
type: string
replicaStatusPercentProgress:
type: string
type: object
type: array
restoreSummary:
description: Contains details for the restore.
properties:
restoreDateTime:
format: date-time
type: string
restoreInProgress:
type: boolean
sourceBackupARN:
type: string
sourceTableARN:
type: string
type: object
sseDescription:
description: The description of the server-side encryption status
on the specified table.
properties:
inaccessibleEncryptionDateTime:
format: date-time
type: string
kmsMasterKeyARN:
type: string
sseType:
type: string
status:
type: string
type: object
tableARN:
description: The Amazon Resource Name (ARN) that uniquely identifies
the table.
type: string
tableID:
description: Unique identifier for the table for which the backup
was created.
type: string
tableName:
description: The name of the table.
type: string
tableSizeBytes:
description: The total size of the specified table, in bytes.
DynamoDB updates this value approximately every six hours. Recent
changes might not be reflected in this value.
format: int64
type: integer
tableStatus:
description: "The current state of the table: \n * CREATING
- The table is being created. \n * UPDATING - The table is
being updated. \n * DELETING - The table is being deleted.
\n * ACTIVE - The table is ready for use. \n * INACCESSIBLE_ENCRYPTION_CREDENTIALS
- The AWS KMS key used to encrypt the table in inaccessible.
Table operations may fail due to failure to use the AWS KMS
key. DynamoDB will initiate the table archival process when
a table's AWS KMS key remains inaccessible for more than seven
days. \n * ARCHIVING - The table is being archived. Operations
are not allowed until archival is complete. \n * ARCHIVED
- The table has been archived. See the ArchivalReason for more
\ information."
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: instances.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Instance
listKind: InstanceList
plural: instances
singular: instance
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
- jsonPath: .status.atProvider.state
name: STATE
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: Instance is a managed resource that represents a specified number
of AWS EC2 Instance
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An InstanceSpec defines the desired state of Instances.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: InstanceParameters define the desired state of the Instances
properties:
ElasticGpuSpecification:
description: An elastic GPU to associate with the instance. An
Elastic GPU is a GPU resource that you can attach to your Windows
instance to accelerate the graphics performance of your applications.
For more information, see Amazon EC2 Elastic GPUs (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html)
in the Amazon Elastic Compute Cloud User Guide.
items:
description: ElasticGPUSpecification is a specification for
an Elastic Graphics accelerator.
properties:
type:
description: "The type of Elastic Graphics accelerator.
For more information about the values to specify for Type,
see Elastic Graphics Basics (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html#elastic-graphics-basics),
specifically the Elastic Graphics accelerator column,
in the Amazon Elastic Compute Cloud User Guide for Windows
Instances. \n Type is a required field"
type: string
required:
- type
type: object
type: array
blockDeviceMappings:
description: The block device mapping entries.
items:
description: BlockDeviceMapping describes a block device mapping.
properties:
deviceName:
description: The device name (for example, /dev/sdh or xvdh).
type: string
ebs:
description: Parameters used to automatically set up EBS
volumes when the instance is launched.
properties:
deleteOnTermination:
description: Indicates whether the EBS volume is deleted
on instance termination. For more information, see
Preserving Amazon EBS Volumes on Instance Termination
(https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination)
in the Amazon Elastic Compute Cloud User Guide.
type: boolean
encrypted:
description: "Indicates whether the encryption state
of an EBS volume is changed while being restored from
a backing snapshot. The effect of setting the encryption
state to true depends on the volume origin (new or
from a snapshot), starting encryption state, ownership,
and whether encryption by default is enabled. For
more information, see Amazon EBS Encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters)
in the Amazon Elastic Compute Cloud User Guide. \n
In no case can you remove encryption from an encrypted
volume. \n Encrypted volumes can only be attached
to instances that support Amazon EBS encryption. For
more information, see Supported Instance Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances).
\n This parameter is not returned by ."
type: boolean
iops:
description: "The number of I/O operations per second
(IOPS) that the volume supports. For io1 volumes,
this represents the number of IOPS that are provisioned
for the volume. For gp2 volumes, this represents the
baseline performance of the volume and the rate at
which the volume accumulates I/O credits for bursting.
For more information, see Amazon EBS Volume Types
(https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html)
in the Amazon Elastic Compute Cloud User Guide. \n
Constraints: Range is 100-16,000 IOPS for gp2 volumes
and 100 to 64,000IOPS for io1 volumes in most Regions.
Maximum io1 IOPS of 64,000 is guaranteed only on Nitro-based
instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances).
Other instance families guarantee performance up to
32,000 IOPS. For more information, see Amazon EBS
Volume Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html)
in the Amazon Elastic Compute Cloud User Guide. \n
Condition: This parameter is required for requests
to create io1 volumes; it is not used in requests
to create gp2, st1, sc1, or standard volumes."
format: int32
type: integer
kmsKeyId:
description: "Identifier (key ID, key alias, ID ARN,
or alias ARN) for a customer managed CMK under which
the EBS volume is encrypted. \n This parameter is
only supported on BlockDeviceMapping objects called
by RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html),
RequestSpotFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html),
and RequestSpotInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html)."
type: string
snapshotId:
description: The ID of the snapshot.
type: string
volumeSize:
description: "The size of the volume, in GiB. \n Default:
If you're creating the volume from a snapshot and
don't specify a volume size, the default is the snapshot
size. \n Constraints: 1-16384 for General Purpose
SSD (gp2), 4-16384 for Provisioned IOPS SSD (io1),
500-16384 for Throughput Optimized HDD (st1), 500-16384
for Cold HDD (sc1), and 1-1024 for Magnetic (standard)
volumes. If you specify a snapshot, the volume size
must be equal to or larger than the snapshot size."
format: int32
type: integer
volumeType:
description: "The volume type. If you set the type to
io1, you must also specify the Iops parameter. If
you set the type to gp2, st1, sc1, or standard, you
must omit the Iops parameter. \n Default: gp2"
type: string
required:
- deleteOnTermination
- encrypted
- iops
- kmsKeyId
- snapshotId
- volumeSize
- volumeType
type: object
noDevice:
description: Suppresses the specified device included in
the block device mapping of the AMI.
type: string
virtualName:
description: "The virtual device name (ephemeralN). Instance
store volumes are numbered starting from 0. An instance
type with 2 available instance store volumes can specify
mappings for ephemeral0 and ephemeral1. The number of
available instance store volumes depends on the instance
type. After you connect to the instance, you must mount
the volume. \n NVMe instance store volumes are automatically
enumerated and assigned a device name. Including them
in your block device mapping has no effect. \n Constraints:
For M3 instances, you must specify instance store volumes
in the block device mapping for the instance. When you
launch an M3 instance, we ignore any instance store volumes
specified in the block device mapping for the AMI."
type: string
required:
- deviceName
- ebs
- noDevice
- virtualName
type: object
type: array
capacityReservationSpecification:
description: Information about the Capacity Reservation targeting
option. If you do not specify this parameter, the instance's
Capacity Reservation preference defaults to open, which enables
it to run in any open Capacity Reservation that has matching
attributes (instance type, platform, Availability Zone).
properties:
capacityReservationTarget:
description: Information about the target Capacity Reservation.
properties:
capacityReservationId:
description: The ID of the Capacity Reservation.
type: string
type: object
capacityReservationsPreference:
description: "Indicates the instance's Capacity Reservation
preferences. Possible preferences include: \n * open
- The instance can run in any open Capacity Reservation
that has matching attributes (instance type, platform,
Availability Zone). \n * none - The instance avoids running
in a Capacity Reservation even if one is available. The
instance runs as an On-Demand Instance."
enum:
- open
- none
type: string
required:
- capacityReservationsPreference
type: object
clientToken:
description: "Unique, case-sensitive identifier you provide to
ensure the idempotency of the request. If you do not specify
a client token, a randomly generated token is used for the request
to ensure idempotency. \n For more information, see Ensuring
Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html).
\n Constraints: Maximum 64 ASCII characters"
type: string
cpuOptions:
description: The CPU options for the instance. For more information,
see Optimizing CPU Options (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html)
in the Amazon Elastic Compute Cloud User Guide.
properties:
coreCount:
description: The number of CPU cores for the instance.
format: int32
type: integer
threadsPerCore:
description: The number of threads per CPU core. To disable
multithreading for the instance, specify a value of 1. Otherwise,
specify the default value of 2.
format: int32
type: integer
required:
- coreCount
- threadsPerCore
type: object
creditSpecification:
description: "The credit option for CPU usage of the burstable
performance instance. Valid values are standard and unlimited.
To change this attribute after launch, use ModifyInstanceCreditSpecification
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html).
For more information, see Burstable Performance Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html)
in the Amazon Elastic Compute Cloud User Guide. \n Default:
standard (T2 instances) or unlimited (T3/T3a instances)"
properties:
cpuCredits:
description: "The credit option for CPU usage of a T2 or T3
instance. Valid values are standard and unlimited. \n CPUCredits
is a required field"
type: string
required:
- cpuCredits
type: object
disableAPITermination:
description: "If you set this parameter to true, you can't terminate
the instance using the Amazon EC2 console, CLI, or API; otherwise,
you can. To change this attribute after launch, use ModifyInstanceAttribute
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceAttribute.html).
Alternatively, if you set InstanceInitiatedShutdownBehavior
to terminate, you can terminate the instance by running the
shutdown command from the instance. \n Default: false"
type: boolean
ebsOptimized:
description: "Indicates whether the instance is optimized for
Amazon EBS I/O. This optimization provides dedicated throughput
to Amazon EBS and an optimized configuration stack to provide
optimal Amazon EBS I/O performance. This optimization isn't
available with all instance types. Additional usage charges
apply when using an EBS-optimized instance. \n Default: false"
type: boolean
elasticInferenceAccelerators:
description: "An elastic inference accelerator to associate with
the instance. Elastic inference accelerators are a resource
you can attach to your Amazon EC2 instances to accelerate your
Deep Learning (DL) inference workloads. \n You cannot specify
accelerators from different generations in the same request."
items:
description: ElasticInferenceAccelerator describes an elastic
inference accelerator.
properties:
count:
description: "The number of elastic inference accelerators
to attach to the instance. \n Default: 1"
format: int32
type: integer
type:
description: "The type of elastic inference accelerator.
The possible values are eia1.medium, eia1.large, and eia1.xlarge.
\n Type is a required field"
type: string
required:
- type
type: object
type: array
hibernationOptions:
description: Indicates whether an instance is enabled for hibernation.
For more information, see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html)
in the Amazon Elastic Compute Cloud User Guide.
properties:
configured:
description: "If you set this parameter to true, your instance
is enabled for hibernation. \n Default: false"
type: boolean
type: object
iamInstanceProfile:
description: The IAM instance profile.
properties:
arn:
description: The Amazon Resource Name (ARN) of the instance
profile.
type: string
name:
description: The name of the instance profile.
type: string
type: object
imageId:
description: The ID of the AMI. An AMI ID is required to launch
an instance and must be specified here or in a launch template.
type: string
instanceInitiatedShutdownBehavior:
description: "Indicates whether an instance stops or terminates
when you initiate shutdown from the instance (using the operating
system command for system shutdown). \n Default: stop"
type: string
instanceMarketOptions:
description: "The market (purchasing) option for the instances.
\n For RunInstances, persistent Spot Instance requests are only
supported when InstanceInterruptionBehavior is set to either
hibernate or stop."
properties:
marketType:
description: The market type.
type: string
spotOptions:
description: The options for Spot Instances.
properties:
blockDurationMinutes:
description: The required duration for the Spot Instances
(also known as Spot blocks), in minutes. This value
must be a multiple of 60 (60, 120, 180, 240, 300, or
360).
format: int32
type: integer
instanceInterruptionBehavior:
description: The behavior when a Spot Instance is interrupted.
The default is terminate.
type: string
maxPrice:
description: The maximum hourly price you're willing to
pay for the Spot Instances. The default is the On-Demand
price.
type: string
spotInstanceType:
description: The Spot Instance request type. For RunInstances
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances),
persistent Spot Instance requests are only supported
when InstanceInterruptionBehavior is set to either hibernate
or stop.
enum:
- one-time
- persistent
type: string
validUntil:
description: The end date of the request. For a one-time
request, the request remains active until all instances
launch, the request is canceled, or this date is reached.
If the request is persistent, it remains active until
it is canceled or this date and time is reached. The
default end date is 7 days from the current date. Must
be in UTC format (YYYY-MM-DDTHH:MM:SSZ)
format: date-time
type: string
required:
- blockDurationMinutes
- instanceInterruptionBehavior
- maxPrice
- spotInstanceType
- validUntil
type: object
required:
- marketType
- spotOptions
type: object
instanceType:
description: "The instance type. For more information, see Instance
Types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html)
in the Amazon Elastic Compute Cloud User Guide. \n Default:
m1.small"
type: string
ipv6AddressCount:
description: "[EC2-VPC] The number of IPv6 addresses to associate
with the primary network interface. Amazon EC2 chooses the IPv6
addresses from the range of your subnet. You cannot specify
this option and the option to assign specific IPv6 addresses
in the same request. You can specify this option if you've specified
a minimum number of instances to launch. \n You cannot specify
this option and the network interfaces option in the same request."
format: int32
type: integer
ipv6Addresses:
description: "[EC2-VPC] The IPv6 addresses from the range of the
subnet to associate with the primary network interface. You
cannot specify this option and the option to assign a number
of IPv6 addresses in the same request. You cannot specify this
option if you've specified a minimum number of instances to
launch. \n You cannot specify this option and the network interfaces
option in the same request."
items:
description: InstanceIPv6Address describes an IPv6 address.
properties:
ipv6Address:
description: The IPv6 address.
type: string
required:
- ipv6Address
type: object
type: array
kernelId:
description: "The ID of the kernel. \n AWS recommends that you
use PV-GRUB instead of kernels and RAM disks. For more information,
see PV-GRUB (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html)
in the Amazon Elastic Compute Cloud User Guide."
type: string
keyName:
description: "The name of the key pair. You can create a key pair
using CreateKeyPair (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html)
or ImportKeyPair (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html).
\n If you do not specify a key pair, you can't connect to the
instance unless you choose an AMI that is configured to allow
users another way to log in."
type: string
launchTemplate:
description: The launch template to use to launch the instances.
Any parameters that you specify in RunInstances override the
same parameters in the launch template. You can specify either
the name or ID of a launch template, but not both.
properties:
launchTemplateId:
description: The ID of the launch template.
type: string
launchTemplateName:
description: The name of the launch template.
type: string
version:
description: "The version number of the launch template. \n
Default: The default version for the launch template."
type: string
required:
- launchTemplateId
- launchTemplateName
type: object
licenseSpecifications:
description: The Amazon Resource Name (ARN) of the license configuration
items:
description: LicenseConfigurationRequest describes a license
configuration
properties:
licenseConfigurationArn:
description: Amazon Resource Name (ARN) of the license configuration
type: string
required:
- licenseConfigurationArn
type: object
type: array
metadataOptions:
description: The metadata options for the instance. For more information,
see Instance Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html).
properties:
httpEndpoint:
description: "This parameter enables or disables the HTTP
metadata endpoint on your instances. If the parameter is
not specified, the default state is enabled. \n If you specify
a value of disabled, you will not be able to access your
instance metadata."
enum:
- enabled
- disabled
type: string
httpPutResponseHopLimit:
description: "The desired HTTP PUT response hop limit for
instance metadata requests. The larger the number, the further
instance metadata requests can travel. \n Default: 1 \n
Possible values: Integers from 1 to 64"
format: int32
type: integer
httpTokens:
description: "The state of token usage for your instance metadata
requests. If the parameter is not specified in the request,
the default state is optional. \n If the state is optional,
you can choose to retrieve instance metadata with or without
a signed token header on your request. If you retrieve the
IAM role credentials without a token, the version 1.0 role
credentials are returned. If you retrieve the IAM role credentials
using a valid signed token, the version 2.0 role credentials
are returned. \n If the state is required, you must send
a signed token header with any instance metadata retrieval
requests. In this state, retrieving the IAM role credentials
always returns the version 2.0 credentials; the version
1.0 credentials are not available."
enum:
- optional
- required
type: string
required:
- httpTokens
type: object
monitoring:
description: Specifies whether detailed monitoring is enabled
for the instance.
properties:
enabled:
description: "Indicates whether detailed monitoring is enabled.
Otherwise, basic monitoring is enabled. \n Enabled is a
required field"
type: boolean
required:
- enabled
type: object
networkInterfaces:
description: The network interfaces to associate with the instance.
If you specify a network interface, you must specify any security
groups and subnets as part of the network interface.
items:
description: InstanceNetworkInterfaceSpecification describes
a network interface.
properties:
associatePublicIpAddress:
description: Indicates whether to assign a public IPv4 address
to an instance you launch in a VPC. The public IP address
can only be assigned to a network interface for eth0,
and can only be assigned to a new network interface, not
an existing one. You cannot specify more than one network
interface in the request. If launching into a default
subnet, the default value is true.
type: boolean
deleteOnTermination:
description: If set to true, the interface is deleted when
the instance is terminated. You can specify true only
if creating a new network interface when launching an
instance.
type: boolean
description:
description: The description of the network interface. Applies
only if creating a network interface when launching an
instance.
type: string
deviceIndex:
description: "The position of the network interface in the
attachment order. A primary network interface has a device
index of 0. \n If you specify a network interface when
launching an instance, you must specify the device index."
format: int32
type: integer
groups:
description: The IDs of the security groups for the network
interface. Applies only if creating a network interface
when launching an instance.
items:
type: string
type: array
interfaceType:
description: "The type of network interface. To create an
Elastic Fabric Adapter (EFA), specify efa. For more information,
see Elastic Fabric Adapter (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html)
in the Amazon Elastic Compute Cloud User Guide. \n If
you are not creating an EFA, specify interface or omit
this parameter. \n Valid values: interface | efa"
enum:
- interface
- efa
type: string
ipv6AddressCount:
description: A number of IPv6 addresses to assign to the
network interface. Amazon EC2 chooses the IPv6 addresses
from the range of the subnet. You cannot specify this
option and the option to assign specific IPv6 addresses
in the same request. You can specify this option if you've
specified a minimum number of instances to launch.
format: int32
type: integer
ipv6Addresses:
description: One or more IPv6 addresses to assign to the
network interface. You cannot specify this option and
the option to assign a number of IPv6 addresses in the
same request. You cannot specify this option if you've
specified a minimum number of instances to launch.
items:
description: InstanceIPv6Address describes an IPv6 address.
properties:
ipv6Address:
description: The IPv6 address.
type: string
required:
- ipv6Address
type: object
type: array
networkInterfaceId:
description: "The ID of the network interface. \n If you
are creating a Spot Fleet, omit this parameter because
you can’t specify a network interface ID in a launch specification."
type: string
privateIpAddress:
description: The private IPv4 address of the network interface.
Applies only if creating a network interface when launching
an instance. You cannot specify this option if you're
launching more than one instance in a RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html)
request.
type: string
privateIpAddresses:
description: One or more private IPv4 addresses to assign
to the network interface. Only one private IPv4 address
can be designated as primary. You cannot specify this
option if you're launching more than one instance in a
RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html)
request.
items:
description: PrivateIPAddressSpecification describes a
secondary private IPv4 address for a network interface.
properties:
primary:
description: Indicates whether the private IPv4 address
is the primary private IPv4 address. Only one IPv4
address can be designated as primary.
type: boolean
privateIPAddress:
description: The private IPv4 addresses.
type: string
required:
- privateIPAddress
type: object
type: array
secondaryPrivateIpAddressCount:
description: The number of secondary private IPv4 addresses.
You can't specify this option and specify more than one
private IP address using the private IP addresses option.
You cannot specify this option if you're launching more
than one instance in a RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html)
request.
format: int32
type: integer
subnetId:
description: The ID of the subnet associated with the network
interface. Applies only if creating a network interface
when launching an instance.
type: string
required:
- deviceIndex
- groups
- interfaceType
type: object
type: array
placement:
description: The placement for the instance.
properties:
affinity:
description: "The affinity setting for the instance on the
Dedicated Host. This parameter is not supported for the
ImportInstance (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html)
command. \n This parameter is not supported by CreateFleet
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
type: string
availabilityZone:
description: "The Availability Zone of the instance. \n If
not specified, an Availability Zone will be automatically
chosen for you based on the load balancing criteria for
the Region. \n This parameter is not supported by CreateFleet
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
type: string
groupName:
description: The name of the placement group the instance
is in.
type: string
hostId:
description: "The ID of the Dedicated Host on which the instance
resides. This parameter is not supported for the ImportInstance
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html)
command. \n This parameter is not supported by CreateFleet
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
type: string
hostResourceGroupArn:
description: "The ARN of the host resource group in which
to launch the instances. If you specify a host resource
group ARN, omit the Tenancy parameter or set it to host.
\n This parameter is not supported by CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
type: string
partitionNumber:
description: "The number of the partition the instance is
in. Valid only if the placement group strategy is set to
partition. \n This parameter is not supported by CreateFleet
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
format: int32
type: integer
spreadDomain:
description: "Reserved for future use. \n This parameter is
not supported by CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
type: string
tenancy:
description: "The tenancy of the instance (if the instance
is running in a VPC). An instance with a tenancy of dedicated
runs on single-tenant hardware. The host tenancy is not
supported for the ImportInstance (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html)
command. \n This parameter is not supported by CreateFleet
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
type: string
required:
- groupName
type: object
privateIpAddress:
description: "[EC2-VPC] The primary IPv4 address. You must specify
a value from the IPv4 address range of the subnet. \n Only one
private IP address can be designated as primary. You can't specify
this option if you've specified the option to designate a private
IP address as the primary IP address in a network interface
specification. You cannot specify this option if you're launching
more than one instance in the request. \n You cannot specify
this option and the network interfaces option in the same request."
type: string
ramDiskId:
description: "The ID of the RAM disk to select. Some kernels require
additional drivers at launch. Check the kernel requirements
for information about whether you need to specify a RAM disk.
To find kernel requirements, go to the AWS Resource Center and
search for the kernel ID. \n AWS recommends that you use PV-GRUB
instead of kernels and RAM disks. For more information, see
PV-GRUB (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html)
in the Amazon Elastic Compute Cloud User Guide."
type: string
region:
description: Region is the region you'd like your Instance to
be created in.
type: string
securityGroupIds:
description: "The IDs of the security groups. You can create a
security group using CreateSecurityGroup (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html).
\n If you specify a network interface, you must specify any
security groups as part of the network interface."
items:
type: string
type: array
securityGroupRefs:
description: SecurityGroupsRefs is a list of references to SecurityGroups
used to set the SecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupSelector:
description: SecurityGroupsSelector selects references to SecurityGroups
used to set the SecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
subnetId:
description: "[EC2-VPC] The ID of the subnet to launch the instance
into. \n If you specify a network interface, you must specify
any subnets as part of the network interface."
type: string
subnetIdRef:
description: SubnetIDRef is a reference to a Subnet used to set
the SubnetID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
subnetIdSelector:
description: SubnetIDSelector selects a reference to a Subnet
used to set the SubnetID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
tagSpecifications:
description: The tags to apply to the resources during launch.
You can only tag instances and volumes on launch. The specified
tags are applied to all instances or volumes that are created
during launch. To tag a resource after it has been created,
see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html).
items:
description: TagSpecification defines the tags to apply to a
resource when the resource is being created.
properties:
resourceType:
description: "The type of resource to tag. Currently, the
resource types that support tagging on creation are: capacity-reservation
| client-vpn-endpoint | dedicated-host | fleet | fpga-image
| instance | ipv4pool-ec2 | ipv6pool-ec2 | key-pair |
launch-template | natgateway | spot-fleet-request | placement-group
| snapshot | traffic-mirror-filter | traffic-mirror-session
| traffic-mirror-target | transit-gateway | transit-gateway-attachment
| transit-gateway-route-table | vpc-endpoint (for interface
VPC endpoints)| vpc-endpoint-service (for gateway VPC
endpoints) | volume | vpc-flow-log. \n To tag a resource
after it has been created, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html)."
enum:
- capacity-reservation
- client-vpn-endpoint
- dedicated-host
- fleet
- fpga-image
- instance
- ipv4pool-ec2
- ipv6pool-ec2
- key-pair
- launch-template
- natgateway
- spot-fleet-request
- placement-group
- snapshot
- traffic-mirror-filter
- traffic-mirror-session
- traffic-mirror-target
- transit-gateway
- transit-gateway-attachment
- transit-gateway-route-table
- vpc-endpoint
- vpc-endpoint-service
- volume
- vpc-flow-log
type: string
tags:
description: The tags to apply to the resource
items:
description: Tag defines a tag
properties:
key:
description: Key is the name of the tag.
type: string
value:
description: Value is the value of the tag.
type: string
required:
- key
- value
type: object
type: array
required:
- resourceType
- tags
type: object
type: array
tags:
description: Tags are used as identification helpers between AWS
resources.
items:
description: Tag defines a tag
properties:
key:
description: Key is the name of the tag.
type: string
value:
description: Value is the value of the tag.
type: string
required:
- key
- value
type: object
type: array
userData:
description: The user data to make available to the instance.
For more information, see Running Commands on Your Linux Instance
at Launch (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html)
(Linux) and Adding User Data (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-instance-metadata.html#instancedata-add-user-data)
(Windows). If you are using a command line tool, base64-encoding
is performed for you, and you can load the text from a file.
Otherwise, you must provide base64-encoded text. User data is
limited to 16 KB.
pattern: ^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$
type: string
required:
- imageId
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An InstanceStatus represents the observed state of Instances.
properties:
atProvider:
description: InstanceObservation keeps the state for the external
resource. The below fields follow the Instance response object as
closely as possible.
properties:
amiLaunchIndex:
format: int32
type: integer
architecture:
type: string
blockDeviceMapping:
items:
description: InstanceBlockDeviceMapping describes a block device
mapping.
properties:
deviceName:
description: The device name (for example, /dev/sdh or xvdh).
type: string
ebs:
description: Parameters used to automatically set up EBS
volumes when the instance is launched.
properties:
attachTime:
description: The time stamp when the attachment initiated.
format: date-time
type: string
deleteOnTermination:
description: Indicates whether the volume is deleted
on instance termination.
type: boolean
status:
description: The attachment state.
type: string
volumeId:
description: The ID of the EBS volume.
type: string
required:
- attachTime
- deleteOnTermination
- status
- volumeId
type: object
required:
- deviceName
- ebs
type: object
type: array
capacityReservationId:
type: string
capacityReservationSpecification:
description: CapacityReservationSpecificationResponse describes
the instance's Capacity Reservation targeting preferences. The
action returns the capacityReservationPreference response element
if the instance is configured to run in On-Demand capacity,
or if it is configured in run in any open Capacity Reservation
that has matching attributes (instance type, platform, Availability
Zone). The action returns the capacityReservationTarget response
element if the instance explicily targets a specific Capacity
Reservation.
properties:
capacityReservationPreference:
description: "Describes the instance's Capacity Reservation
preferences. Possible preferences include: \n * open
- The instance can run in any open Capacity Reservation
that has matching attributes (instance type, platform,
Availability Zone). \n * none - The instance avoids running
in a Capacity Reservation even if one is available. The
instance runs in On-Demand capacity."
type: string
capacityReservationTarget:
description: Information about the targeted Capacity Reservation.
properties:
capacityReservationId:
description: The ID of the Capacity Reservation.
type: string
type: object
required:
- capacityReservationPreference
type: object
clientToken:
type: string
cpuOptions:
description: CPUOptionsRequest defines the options for the instance.
Both the core count and threads per core must be specified in
the request.
properties:
coreCount:
description: The number of CPU cores for the instance.
format: int32
type: integer
threadsPerCore:
description: The number of threads per CPU core. To disable
multithreading for the instance, specify a value of 1. Otherwise,
specify the default value of 2.
format: int32
type: integer
required:
- coreCount
- threadsPerCore
type: object
ebs:
type: string
ebsOptimized:
type: boolean
elasticGpuAssociation:
items:
description: ElasticGPUAssociation describes the association
between an instance and an Elastic Graphics accelerator.
properties:
elasticGpuAssociationId:
description: The ID of the association.
type: string
elasticGpuAssociationState:
description: The state of the association between the instance
and the Elastic Graphics accelerator.
type: string
elasticGpuAssociationTime:
description: The time the Elastic Graphics accelerator was
associated with the instance.
type: string
elasticGpuId:
description: The ID of the Elastic Graphics accelerator.
type: string
required:
- elasticGpuAssociationId
- elasticGpuAssociationState
- elasticGpuAssociationTime
- elasticGpuId
type: object
type: array
elasticInferenceAcceleratorAssociations:
items:
description: ElasticInferenceAcceleratorAssociation describes
the association between an instance and an elastic inference
accelerator.
properties:
elasticInferenceAcceleratorArn:
description: The Amazon Resource Name (ARN) of the elastic
inference accelerator.
type: string
elasticInferenceAcceleratorAssociationId:
description: The ID of the association.
type: string
elasticInferenceAcceleratorAssociationState:
description: The state of the elastic inference accelerator.
type: string
elasticInferenceAcceleratorAssociationTime:
description: The time at which the elastic inference accelerator
is associated with an instance.
format: date-time
type: string
required:
- elasticInferenceAcceleratorArn
- elasticInferenceAcceleratorAssociationId
- elasticInferenceAcceleratorAssociationState
- elasticInferenceAcceleratorAssociationTime
type: object
type: array
enaSupport:
type: boolean
hibernationOptions:
description: HibernationOptionsRequest indicates whether your
instance is configured for hibernation. This parameter is valid
only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites).
For more information, see Hibernate Your Instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html)
in the Amazon Elastic Compute Cloud User Guide.
properties:
configured:
description: "If you set this parameter to true, your instance
is enabled for hibernation. \n Default: false"
type: boolean
type: object
hypervisor:
type: string
iamInstanceProfile:
description: IAMInstanceProfile Describes an IAM instance profile.
properties:
arn:
description: The Amazon Resource Name (ARN) of the instance
profile.
type: string
id:
description: The ID of the instance profile.
type: string
required:
- arn
- id
type: object
imageId:
type: string
instanceId:
type: string
instanceLifecyle:
type: string
instanceType:
type: string
kernelId:
type: string
launchTime:
format: date-time
type: string
licenseSet:
items:
description: LicenseConfigurationRequest describes a license
configuration
properties:
licenseConfigurationArn:
description: Amazon Resource Name (ARN) of the license configuration
type: string
required:
- licenseConfigurationArn
type: object
type: array
metadataOptions:
description: InstanceMetadataOptionsRequest defines the metadata
options for the instance.
properties:
httpEndpoint:
description: "This parameter enables or disables the HTTP
metadata endpoint on your instances. If the parameter is
not specified, the default state is enabled. \n If you specify
a value of disabled, you will not be able to access your
instance metadata."
enum:
- enabled
- disabled
type: string
httpPutResponseHopLimit:
description: "The desired HTTP PUT response hop limit for
instance metadata requests. The larger the number, the further
instance metadata requests can travel. \n Default: 1 \n
Possible values: Integers from 1 to 64"
format: int32
type: integer
httpTokens:
description: "The state of token usage for your instance metadata
requests. If the parameter is not specified in the request,
the default state is optional. \n If the state is optional,
you can choose to retrieve instance metadata with or without
a signed token header on your request. If you retrieve the
IAM role credentials without a token, the version 1.0 role
credentials are returned. If you retrieve the IAM role credentials
using a valid signed token, the version 2.0 role credentials
are returned. \n If the state is required, you must send
a signed token header with any instance metadata retrieval
requests. In this state, retrieving the IAM role credentials
always returns the version 2.0 credentials; the version
1.0 credentials are not available."
enum:
- optional
- required
type: string
required:
- httpTokens
type: object
monitoring:
description: Monitoring describes the monitoring of an instance.
properties:
state:
description: Indicates whether detailed monitoring is enabled.
Otherwise, basic monitoring is enabled.
type: string
required:
- state
type: object
networkInterfaces:
items:
description: InstanceNetworkInterface describes a network interface.
properties:
association:
description: The association information for an Elastic
IPv4 associated with the network interface.
properties:
ipOwnerId:
description: The ID of the owner of the Elastic IP address.
type: string
publicDnsName:
description: The public DNS name.
type: string
publicIp:
description: The public IP address or Elastic IP address
bound to the network interface.
type: string
type: object
attachment:
description: The network interface attachment.
properties:
attachTime:
description: The time stamp when the attachment initiated.
format: date-time
type: string
attachmentId:
description: The ID of the network interface attachment.
type: string
deleteOnTermination:
description: Indicates whether the network interface
is deleted when the instance is terminated.
type: boolean
deviceIndex:
description: The index of the device on the instance
for the network interface attachment.
format: int32
type: integer
status:
description: The attachment state.
type: string
type: object
description:
description: The description.
type: string
groups:
description: One or more security groups.
items:
description: GroupIdentifier describes a security group
properties:
groupId:
description: GroupID is the security group identifier
type: string
groupName:
description: GroupName is the name of the security
group
type: string
required:
- groupId
- groupName
type: object
type: array
interfaceType:
description: "Describes the type of network interface. \n
Valid values: interface | efa"
type: string
ipv6Addresses:
description: One or more IPv6 addresses associated with
the network interface.
items:
description: InstanceIPv6Address describes an IPv6 address.
properties:
ipv6Address:
description: The IPv6 address.
type: string
required:
- ipv6Address
type: object
type: array
macAddress:
description: The MAC address.
type: string
networkInterfaceId:
description: The ID of the network interface.
type: string
ownerId:
description: The ID of the AWS account that created the
network interface.
type: string
privateDnsName:
description: The private DNS name.
type: string
privateIpAddress:
description: The IPv4 address of the network interface within
the subnet.
type: string
privateIpAddresses:
description: One or more private IPv4 addresses associated
with the network interface.
items:
description: InstancePrivateIPAddress describes a private
IPv4 address.
properties:
association:
description: The association information for an Elastic
IP address for the network interface.
properties:
ipOwnerId:
description: The ID of the owner of the Elastic
IP address.
type: string
publicDnsName:
description: The public DNS name.
type: string
publicIp:
description: The public IP address or Elastic
IP address bound to the network interface.
type: string
type: object
primary:
description: Indicates whether this IPv4 address is
the primary private IP address of the network interface.
type: boolean
privateDnsName:
description: The private IPv4 DNS name.
type: string
privateIpAddress:
description: The private IPv4 address of the network
interface.
type: string
required:
- association
- primary
- privateDnsName
- privateIpAddress
type: object
type: array
sourceDestCheck:
description: Indicates whether to validate network traffic
to or from this network interface.
type: boolean
status:
description: The status of the network interface.
type: string
subnetId:
description: The ID of the subnet.
type: string
vpcId:
description: The ID of the VPC.
type: string
required:
- status
type: object
type: array
outpostArn:
type: string
placement:
description: Placement describes the placement of an instance.
properties:
affinity:
description: "The affinity setting for the instance on the
Dedicated Host. This parameter is not supported for the
ImportInstance (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html)
command. \n This parameter is not supported by CreateFleet
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
type: string
availabilityZone:
description: "The Availability Zone of the instance. \n If
not specified, an Availability Zone will be automatically
chosen for you based on the load balancing criteria for
the Region. \n This parameter is not supported by CreateFleet
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
type: string
groupName:
description: The name of the placement group the instance
is in.
type: string
hostId:
description: "The ID of the Dedicated Host on which the instance
resides. This parameter is not supported for the ImportInstance
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html)
command. \n This parameter is not supported by CreateFleet
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
type: string
hostResourceGroupArn:
description: "The ARN of the host resource group in which
to launch the instances. If you specify a host resource
group ARN, omit the Tenancy parameter or set it to host.
\n This parameter is not supported by CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
type: string
partitionNumber:
description: "The number of the partition the instance is
in. Valid only if the placement group strategy is set to
partition. \n This parameter is not supported by CreateFleet
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
format: int32
type: integer
spreadDomain:
description: "Reserved for future use. \n This parameter is
not supported by CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
type: string
tenancy:
description: "The tenancy of the instance (if the instance
is running in a VPC). An instance with a tenancy of dedicated
runs on single-tenant hardware. The host tenancy is not
supported for the ImportInstance (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html)
command. \n This parameter is not supported by CreateFleet
(https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet)."
type: string
required:
- groupName
type: object
platform:
type: string
privateDnsName:
type: string
privateIpAddress:
type: string
productCodes:
items:
description: ProductCode describes a product code.
properties:
productCodeId:
description: The product code.
type: string
productCodeType:
description: The type of product code.
type: string
required:
- productCodeId
- productCodeType
type: object
type: array
publicDnsName:
type: string
publicIpAddress:
type: string
ramDiskId:
type: string
rootDeviceType:
type: string
securityGroups:
items:
description: GroupIdentifier describes a security group
properties:
groupId:
description: GroupID is the security group identifier
type: string
groupName:
description: GroupName is the name of the security group
type: string
required:
- groupId
- groupName
type: object
type: array
sourceDestCheck:
type: boolean
spotInstanceId:
type: string
sriovNetSupport:
type: string
state:
type: string
stateReason:
description: StateReason describes a state change.
properties:
code:
description: The reason code for the state change.
type: string
message:
description: "The message for the state change. \n * Server.InsufficientInstanceCapacity:
There was insufficient capacity available to satisfy
the launch request. \n * Server.InternalError: An internal
error caused the instance to terminate during launch.
\n * Server.ScheduledStop: The instance was stopped due
to a scheduled retirement. \n * Server.SpotInstanceShutdown:
The instance was stopped because the number of Spot requests
with a maximum price equal to or higher than the Spot price
exceeded available capacity or because of an increase in
the Spot price. \n * Server.SpotInstanceTermination:
The instance was terminated because the number of Spot
requests with a maximum price equal to or higher than the
Spot price exceeded available capacity or because of an
increase in the Spot price. \n * Client.InstanceInitiatedShutdown:
The instance was shut down using the shutdown -h command
from the instance. \n * Client.InstanceTerminated: The
instance was terminated or rebooted during AMI creation.
\n * Client.InternalError: A client error caused the
instance to terminate during launch. \n * Client.InvalidSnapshot.NotFound:
The specified snapshot was not found. \n * Client.UserInitiatedHibernate:
Hibernation was initiated on the instance. \n * Client.UserInitiatedShutdown:
The instance was shut down using the Amazon EC2 API.
\n * Client.VolumeLimitExceeded: The limit on the number
of EBS volumes or total storage was exceeded. Decrease
usage or request an increase in your account limits."
type: string
required:
- code
- message
type: object
stateTransitionReason:
type: string
subnetId:
type: string
tags:
items:
description: Tag defines a tag
properties:
key:
description: Key is the name of the tag.
type: string
value:
description: Value is the value of the tag.
type: string
required:
- key
- value
type: object
type: array
virualizationType:
type: string
vpcId:
type: string
required:
- architecture
- instanceType
- platform
- rootDeviceType
- state
- virualizationType
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: launchtemplates.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: LaunchTemplate
listKind: LaunchTemplateList
plural: launchtemplates
singular: launchtemplate
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: LaunchTemplate is the Schema for the LaunchTemplates API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: LaunchTemplateSpec defines the desired state of LaunchTemplate
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: LaunchTemplateParameters defines the desired state of
LaunchTemplate
properties:
launchTemplateData:
description: The information for the launch template.
properties:
blockDeviceMappings:
items:
properties:
deviceName:
type: string
ebs:
description: The parameters for a block device for an
EBS volume.
properties:
deleteOnTermination:
type: boolean
encrypted:
type: boolean
iops:
format: int64
type: integer
kmsKeyID:
type: string
snapshotID:
type: string
throughput:
format: int64
type: integer
volumeSize:
format: int64
type: integer
volumeType:
type: string
type: object
noDevice:
type: string
virtualName:
type: string
type: object
type: array
capacityReservationSpecification:
description: Describes an instance's Capacity Reservation
targeting option. You can specify only one option at a time.
Use the CapacityReservationPreference parameter to configure
the instance to run in On-Demand capacity or to run in any
open Capacity Reservation that has matching attributes (instance
type, platform, Availability Zone). Use the CapacityReservationTarget
parameter to explicitly target a specific Capacity Reservation
or a Capacity Reservation group.
properties:
capacityReservationPreference:
type: string
capacityReservationTarget:
description: Describes a target Capacity Reservation or
Capacity Reservation group.
properties:
capacityReservationID:
type: string
capacityReservationResourceGroupARN:
type: string
type: object
type: object
cpuOptions:
description: The CPU options for the instance. Both the core
count and threads per core must be specified in the request.
properties:
coreCount:
format: int64
type: integer
threadsPerCore:
format: int64
type: integer
type: object
creditSpecification:
description: The credit option for CPU usage of a T2, T3,
or T3a instance.
properties:
cpuCredits:
type: string
type: object
disableAPITermination:
type: boolean
ebsOptimized:
type: boolean
elasticGPUSpecifications:
items:
properties:
type_:
type: string
type: object
type: array
elasticInferenceAccelerators:
items:
properties:
count:
format: int64
type: integer
type_:
type: string
type: object
type: array
enclaveOptions:
description: Indicates whether the instance is enabled for
AWS Nitro Enclaves. For more information, see What is AWS
Nitro Enclaves? (https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html)
in the AWS Nitro Enclaves User Guide.
properties:
enabled:
type: boolean
type: object
hibernationOptions:
description: Indicates whether the instance is configured
for hibernation. This parameter is valid only if the instance
meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites).
properties:
configured:
type: boolean
type: object
iamInstanceProfile:
description: An IAM instance profile.
properties:
arn:
type: string
name:
type: string
type: object
imageID:
type: string
instanceInitiatedShutdownBehavior:
type: string
instanceMarketOptions:
description: The market (purchasing) option for the instances.
properties:
marketType:
type: string
spotOptions:
description: The options for Spot Instances.
properties:
blockDurationMinutes:
format: int64
type: integer
instanceInterruptionBehavior:
type: string
maxPrice:
type: string
spotInstanceType:
type: string
validUntil:
format: date-time
type: string
type: object
type: object
instanceType:
type: string
kernelID:
type: string
keyName:
type: string
licenseSpecifications:
items:
properties:
licenseConfigurationARN:
type: string
type: object
type: array
metadataOptions:
description: The metadata options for the instance. For more
information, see Instance Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html)
in the Amazon Elastic Compute Cloud User Guide.
properties:
httpEndpoint:
type: string
httpPutResponseHopLimit:
format: int64
type: integer
httpTokens:
type: string
type: object
monitoring:
description: Describes the monitoring for the instance.
properties:
enabled:
type: boolean
type: object
networkInterfaces:
items:
properties:
associateCarrierIPAddress:
type: boolean
associatePublicIPAddress:
type: boolean
deleteOnTermination:
type: boolean
description:
type: string
deviceIndex:
format: int64
type: integer
groups:
items:
type: string
type: array
interfaceType:
type: string
ipv6AddressCount:
format: int64
type: integer
ipv6Addresses:
items:
properties:
ipv6Address:
type: string
type: object
type: array
networkCardIndex:
format: int64
type: integer
networkInterfaceID:
type: string
privateIPAddress:
type: string
privateIPAddresses:
items:
properties:
primary:
type: boolean
privateIPAddress:
type: string
type: object
type: array
secondaryPrivateIPAddressCount:
format: int64
type: integer
subnetID:
type: string
type: object
type: array
placement:
description: Describes the placement of an instance.
properties:
affinity:
type: string
availabilityZone:
type: string
groupName:
type: string
hostID:
type: string
hostResourceGroupARN:
type: string
partitionNumber:
format: int64
type: integer
spreadDomain:
type: string
tenancy:
type: string
type: object
ramDiskID:
type: string
securityGroupIDs:
items:
type: string
type: array
securityGroups:
items:
type: string
type: array
tagSpecifications:
items:
properties:
resourceType:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
type: array
userData:
type: string
type: object
launchTemplateName:
description: A name for the launch template.
type: string
region:
description: Region is which region the LaunchTemplate will be
created.
type: string
tagSpecifications:
description: The tags to apply to the launch template during creation.
items:
properties:
resourceType:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
type: array
tags:
description: Metadata tagging key value pairs
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
versionDescription:
description: A description for the first version of the launch
template.
type: string
required:
- launchTemplateData
- launchTemplateName
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: LaunchTemplateStatus defines the observed state of LaunchTemplate.
properties:
atProvider:
description: LaunchTemplateObservation defines the observed state
of LaunchTemplate
properties:
launchTemplate:
description: Information about the launch template.
properties:
createTime:
format: date-time
type: string
createdBy:
type: string
defaultVersionNumber:
format: int64
type: integer
latestVersionNumber:
format: int64
type: integer
launchTemplateID:
type: string
launchTemplateName:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
warning:
description: If the launch template contains parameters or parameter
combinations that are not valid, an error code and an error
message are returned for each issue that's found.
properties:
errors:
items:
properties:
code:
type: string
message:
type: string
type: object
type: array
type: object
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: launchtemplateversions.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: LaunchTemplateVersion
listKind: LaunchTemplateVersionList
plural: launchtemplateversions
singular: launchtemplateversion
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: LaunchTemplateVersion is the Schema for the LaunchTemplateVersions
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: LaunchTemplateVersionSpec defines the desired state of LaunchTemplateVersion
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: LaunchTemplateVersionParameters defines the desired state
of LaunchTemplateVersion
properties:
launchTemplateData:
description: The information for the launch template.
properties:
blockDeviceMappings:
items:
properties:
deviceName:
type: string
ebs:
description: The parameters for a block device for an
EBS volume.
properties:
deleteOnTermination:
type: boolean
encrypted:
type: boolean
iops:
format: int64
type: integer
kmsKeyID:
type: string
snapshotID:
type: string
throughput:
format: int64
type: integer
volumeSize:
format: int64
type: integer
volumeType:
type: string
type: object
noDevice:
type: string
virtualName:
type: string
type: object
type: array
capacityReservationSpecification:
description: Describes an instance's Capacity Reservation
targeting option. You can specify only one option at a time.
Use the CapacityReservationPreference parameter to configure
the instance to run in On-Demand capacity or to run in any
open Capacity Reservation that has matching attributes (instance
type, platform, Availability Zone). Use the CapacityReservationTarget
parameter to explicitly target a specific Capacity Reservation
or a Capacity Reservation group.
properties:
capacityReservationPreference:
type: string
capacityReservationTarget:
description: Describes a target Capacity Reservation or
Capacity Reservation group.
properties:
capacityReservationID:
type: string
capacityReservationResourceGroupARN:
type: string
type: object
type: object
cpuOptions:
description: The CPU options for the instance. Both the core
count and threads per core must be specified in the request.
properties:
coreCount:
format: int64
type: integer
threadsPerCore:
format: int64
type: integer
type: object
creditSpecification:
description: The credit option for CPU usage of a T2, T3,
or T3a instance.
properties:
cpuCredits:
type: string
type: object
disableAPITermination:
type: boolean
ebsOptimized:
type: boolean
elasticGPUSpecifications:
items:
properties:
type_:
type: string
type: object
type: array
elasticInferenceAccelerators:
items:
properties:
count:
format: int64
type: integer
type_:
type: string
type: object
type: array
enclaveOptions:
description: Indicates whether the instance is enabled for
AWS Nitro Enclaves. For more information, see What is AWS
Nitro Enclaves? (https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html)
in the AWS Nitro Enclaves User Guide.
properties:
enabled:
type: boolean
type: object
hibernationOptions:
description: Indicates whether the instance is configured
for hibernation. This parameter is valid only if the instance
meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites).
properties:
configured:
type: boolean
type: object
iamInstanceProfile:
description: An IAM instance profile.
properties:
arn:
type: string
name:
type: string
type: object
imageID:
type: string
instanceInitiatedShutdownBehavior:
type: string
instanceMarketOptions:
description: The market (purchasing) option for the instances.
properties:
marketType:
type: string
spotOptions:
description: The options for Spot Instances.
properties:
blockDurationMinutes:
format: int64
type: integer
instanceInterruptionBehavior:
type: string
maxPrice:
type: string
spotInstanceType:
type: string
validUntil:
format: date-time
type: string
type: object
type: object
instanceType:
type: string
kernelID:
type: string
keyName:
type: string
licenseSpecifications:
items:
properties:
licenseConfigurationARN:
type: string
type: object
type: array
metadataOptions:
description: The metadata options for the instance. For more
information, see Instance Metadata and User Data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html)
in the Amazon Elastic Compute Cloud User Guide.
properties:
httpEndpoint:
type: string
httpPutResponseHopLimit:
format: int64
type: integer
httpTokens:
type: string
type: object
monitoring:
description: Describes the monitoring for the instance.
properties:
enabled:
type: boolean
type: object
networkInterfaces:
items:
properties:
associateCarrierIPAddress:
type: boolean
associatePublicIPAddress:
type: boolean
deleteOnTermination:
type: boolean
description:
type: string
deviceIndex:
format: int64
type: integer
groups:
items:
type: string
type: array
interfaceType:
type: string
ipv6AddressCount:
format: int64
type: integer
ipv6Addresses:
items:
properties:
ipv6Address:
type: string
type: object
type: array
networkCardIndex:
format: int64
type: integer
networkInterfaceID:
type: string
privateIPAddress:
type: string
privateIPAddresses:
items:
properties:
primary:
type: boolean
privateIPAddress:
type: string
type: object
type: array
secondaryPrivateIPAddressCount:
format: int64
type: integer
subnetID:
type: string
type: object
type: array
placement:
description: Describes the placement of an instance.
properties:
affinity:
type: string
availabilityZone:
type: string
groupName:
type: string
hostID:
type: string
hostResourceGroupARN:
type: string
partitionNumber:
format: int64
type: integer
spreadDomain:
type: string
tenancy:
type: string
type: object
ramDiskID:
type: string
securityGroupIDs:
items:
type: string
type: array
securityGroups:
items:
type: string
type: array
tagSpecifications:
items:
properties:
resourceType:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
type: array
userData:
type: string
type: object
launchTemplateId:
description: The ID of the Launch Template. You must specify this
parameter in the request.
type: string
launchTemplateIdRef:
description: LaunchTemplateIDRef is a reference to an API used
to set the LaunchTemplateID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
launchTemplateIdSelector:
description: LaunchTemplateIDSelector selects references to API
used to set the LaunchTemplateID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
launchTemplateName:
description: The Name of the Launch Template. You must specify
this parameter in the request.
type: string
launchTemplateNameRef:
description: LaunchTemplateNameRef is a reference to an API used
to set the LaunchTemplateName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
launchTemplateNameSelector:
description: LaunchTemplateNameSelector selects references to
API used to set the LaunchTemplateName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
region:
description: Region is which region the LaunchTemplateVersion
will be created.
type: string
sourceVersion:
description: The version number of the launch template version
on which to base the new version. The new version inherits the
same launch parameters as the source version, except for parameters
that you specify in LaunchTemplateData. Snapshots applied to
the block device mapping are ignored when creating a new version
unless they are explicitly included.
type: string
versionDescription:
description: A description for the version of the launch template.
type: string
required:
- launchTemplateData
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: LaunchTemplateVersionStatus defines the observed state of
LaunchTemplateVersion.
properties:
atProvider:
description: LaunchTemplateVersionObservation defines the observed
state of LaunchTemplateVersion
properties:
launchTemplateVersion:
description: Information about the launch template version.
properties:
createTime:
format: date-time
type: string
createdBy:
type: string
defaultVersion:
type: boolean
launchTemplateData:
description: The information for a launch template.
properties:
blockDeviceMappings:
items:
properties:
deviceName:
type: string
ebs:
description: Describes a block device for an EBS
volume.
properties:
deleteOnTermination:
type: boolean
encrypted:
type: boolean
iops:
format: int64
type: integer
kmsKeyID:
type: string
snapshotID:
type: string
throughput:
format: int64
type: integer
volumeSize:
format: int64
type: integer
volumeType:
type: string
type: object
noDevice:
type: string
virtualName:
type: string
type: object
type: array
capacityReservationSpecification:
description: Information about the Capacity Reservation
targeting option.
properties:
capacityReservationPreference:
type: string
capacityReservationTarget:
description: Describes a target Capacity Reservation
or Capacity Reservation group.
properties:
capacityReservationID:
type: string
capacityReservationResourceGroupARN:
type: string
type: object
type: object
cpuOptions:
description: The CPU options for the instance.
properties:
coreCount:
format: int64
type: integer
threadsPerCore:
format: int64
type: integer
type: object
creditSpecification:
description: Describes the credit option for CPU usage
of a T2, T3, or T3a instance.
properties:
cpuCredits:
type: string
type: object
disableAPITermination:
type: boolean
ebsOptimized:
type: boolean
elasticGPUSpecifications:
items:
properties:
type_:
type: string
type: object
type: array
elasticInferenceAccelerators:
items:
properties:
count:
format: int64
type: integer
type_:
type: string
type: object
type: array
enclaveOptions:
description: Indicates whether the instance is enabled
for AWS Nitro Enclaves.
properties:
enabled:
type: boolean
type: object
hibernationOptions:
description: Indicates whether an instance is configured
for hibernation.
properties:
configured:
type: boolean
type: object
iamInstanceProfile:
description: Describes an IAM instance profile.
properties:
arn:
type: string
name:
type: string
type: object
imageID:
type: string
instanceInitiatedShutdownBehavior:
type: string
instanceMarketOptions:
description: The market (purchasing) option for the instances.
properties:
marketType:
type: string
spotOptions:
description: The options for Spot Instances.
properties:
blockDurationMinutes:
format: int64
type: integer
instanceInterruptionBehavior:
type: string
maxPrice:
type: string
spotInstanceType:
type: string
validUntil:
format: date-time
type: string
type: object
type: object
instanceType:
type: string
kernelID:
type: string
keyName:
type: string
licenseSpecifications:
items:
properties:
licenseConfigurationARN:
type: string
type: object
type: array
metadataOptions:
description: The metadata options for the instance. For
more information, see Instance Metadata and User Data
(https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html)
in the Amazon Elastic Compute Cloud User Guide.
properties:
httpEndpoint:
type: string
httpPutResponseHopLimit:
format: int64
type: integer
httpTokens:
type: string
state:
type: string
type: object
monitoring:
description: Describes the monitoring for the instance.
properties:
enabled:
type: boolean
type: object
networkInterfaces:
items:
properties:
associateCarrierIPAddress:
type: boolean
associatePublicIPAddress:
type: boolean
deleteOnTermination:
type: boolean
description:
type: string
deviceIndex:
format: int64
type: integer
groups:
items:
type: string
type: array
interfaceType:
type: string
ipv6AddressCount:
format: int64
type: integer
ipv6Addresses:
items:
properties:
ipv6Address:
type: string
type: object
type: array
networkCardIndex:
format: int64
type: integer
networkInterfaceID:
type: string
privateIPAddress:
type: string
privateIPAddresses:
items:
properties:
primary:
type: boolean
privateIPAddress:
type: string
type: object
type: array
secondaryPrivateIPAddressCount:
format: int64
type: integer
subnetID:
type: string
type: object
type: array
placement:
description: Describes the placement of an instance.
properties:
affinity:
type: string
availabilityZone:
type: string
groupName:
type: string
hostID:
type: string
hostResourceGroupARN:
type: string
partitionNumber:
format: int64
type: integer
spreadDomain:
type: string
tenancy:
type: string
type: object
ramDiskID:
type: string
securityGroupIDs:
items:
type: string
type: array
securityGroups:
items:
type: string
type: array
tagSpecifications:
items:
properties:
resourceType:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
type: array
userData:
type: string
type: object
launchTemplateID:
type: string
launchTemplateName:
type: string
versionDescription:
type: string
versionNumber:
format: int64
type: integer
type: object
warning:
description: If the new version of the launch template contains
parameters or parameter combinations that are not valid, an
error code and an error message are returned for each issue
that's found.
properties:
errors:
items:
properties:
code:
type: string
message:
type: string
type: object
type: array
type: object
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: routes.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Route
listKind: RouteList
plural: routes
singular: route
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Route is the Schema for the Routes API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: RouteSpec defines the desired state of Route
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: RouteParameters defines the desired state of Route
properties:
carrierGatewayID:
description: "The ID of the carrier gateway. \n You can only use
this option when the VPC contains a subnet which is associated
with a Wavelength Zone."
type: string
destinationCIDRBlock:
description: The IPv4 CIDR address block used for the destination
match. Routing decisions are based on the most specific match.
We modify the specified CIDR block to its canonical form; for
example, if you specify 100.68.0.18/18, we modify it to 100.68.0.0/18.
type: string
destinationIPv6CIDRBlock:
description: The IPv6 CIDR block used for the destination match.
Routing decisions are based on the most specific match.
type: string
destinationPrefixListID:
description: The ID of a prefix list used for the destination
match.
type: string
egressOnlyInternetGatewayID:
description: '[IPv6 traffic only] The ID of an egress-only internet
gateway.'
type: string
gatewayId:
description: The ID of an internet gateway attached to your VPC.
type: string
gatewayIdRef:
description: GatewayIDRef is a reference to an API used to set
the GatewayID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
gatewayIdSelector:
description: GatewayIDSelector selects references to API used
to set the GatewayID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
instanceId:
description: The ID of a NAT instance in your VPC. The operation
fails if you specify an instance ID unless exactly one network
interface is attached.
type: string
instanceIdRef:
description: InstanceIDRef is a reference to an API used to set
the InstanceID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
instanceIdSelector:
description: InstanceIDSelector selects references to API used
to set the InstanceID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
localGatewayID:
description: The ID of the local gateway.
type: string
natGatewayId:
description: '[IPv4 traffic only] The ID of a NAT gateway.'
type: string
natGatewayIdRef:
description: NATGatewayIDRef is a reference to an API used to
set the NATGatewayID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
natGatewayIdSelector:
description: NATGatewayIDSelector selects references to API used
to set the NATGatewayID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
networkInterfaceID:
description: The ID of a network interface.
type: string
region:
description: Region is which region the Route will be created.
type: string
routeTableId:
description: The ID of the route table for the route. provider-aws
currently provides both a standalone Route resource and a RouteTable
resource with routes defined in-line. At this time you cannot
use a Route Table with in-line routes in conjunction with any
Route resources. Doing so will cause a conflict of rule settings
and will overwrite rules.
type: string
transitGatewayId:
description: The ID of a transit gateway.
type: string
transitGatewayIdRef:
description: TransitGatewayIDRef is a reference to an API used
to set the TransitGatewayID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
transitGatewayIdSelector:
description: TransitGatewayIDSelector selects references to API
used to set the TransitGatewayID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
vpcEndpointID:
description: The ID of a VPC endpoint. Supported for Gateway Load
Balancer endpoints only.
type: string
vpcPeeringConnectionId:
description: The ID of a VPC peering connection.
type: string
vpcPeeringConnectionIdRef:
description: VPCPeeringConnectionIDRef is a reference to an API
used to set the VPCPeeringConnectionID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcPeeringConnectionIdSelector:
description: VPCPeeringConnectionIDSelector selects references
to API used to set the VPCPeeringConnectionID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: RouteStatus defines the observed state of Route.
properties:
atProvider:
description: RouteObservation defines the observed state of Route
properties:
return_:
description: Returns true if the request succeeds; otherwise,
it returns an error.
type: boolean
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: transitgateways.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: TransitGateway
listKind: TransitGatewayList
plural: transitgateways
singular: transitgateway
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: TransitGateway is the Schema for the TransitGateways API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: TransitGatewaySpec defines the desired state of TransitGateway
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: TransitGatewayParameters defines the desired state of
TransitGateway
properties:
description:
description: A description of the transit gateway.
type: string
options:
description: The transit gateway options.
properties:
amazonSideASN:
format: int64
type: integer
autoAcceptSharedAttachments:
type: string
defaultRouteTableAssociation:
type: string
defaultRouteTablePropagation:
type: string
dnsSupport:
type: string
multicastSupport:
type: string
transitGatewayCIDRBlocks:
items:
type: string
type: array
vpnECMPSupport:
type: string
type: object
region:
description: Region is which region the TransitGateway will be
created.
type: string
tagSpecifications:
description: The tags to apply to the transit gateway.
items:
properties:
resourceType:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
type: array
tags:
description: Metadata tagging key value pairs
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: TransitGatewayStatus defines the observed state of TransitGateway.
properties:
atProvider:
description: TransitGatewayObservation defines the observed state
of TransitGateway
properties:
creationTime:
description: The creation time.
format: date-time
type: string
ownerID:
description: The ID of the AWS account ID that owns the transit
gateway.
type: string
state:
description: The state of the transit gateway.
type: string
tags:
description: The tags for the transit gateway.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
transitGatewayARN:
description: The Amazon Resource Name (ARN) of the transit gateway.
type: string
transitGatewayID:
description: The ID of the transit gateway.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: transitgatewayroutes.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: TransitGatewayRoute
listKind: TransitGatewayRouteList
plural: transitgatewayroutes
singular: transitgatewayroute
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: TransitGatewayRoute is the Schema for the TransitGatewayRoutes
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: TransitGatewayRouteSpec defines the desired state of TransitGatewayRoute
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: TransitGatewayRouteParameters defines the desired state
of TransitGatewayRoute
properties:
blackhole:
description: Indicates whether to drop traffic that matches this
route.
type: boolean
destinationCIDRBlock:
description: The CIDR range used for destination matches. Routing
decisions are based on the most specific match.
type: string
region:
description: Region is which region the TransitGatewayRoute will
be created.
type: string
transitGatewayAttachmentId:
description: The ID of the attachment.
type: string
transitGatewayAttachmentIdRef:
description: TransitGatewayAttachmentIDRef is a reference to an
API used to set the TransitGatewayAttachmentID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
transitGatewayAttachmentIdSelector:
description: TransitGatewayAttachmentIDSelector selects references
to API used to set the TransitGatewayAttachmentID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
transitGatewayRouteTableId:
description: The ID of the transit gateway route table.
type: string
transitGatewayRouteTableIdRef:
description: TransitGatewayRouteTableIDRef is a reference to an
API used to set the TransitGatewayRouteTableID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
transitGatewayRouteTableIdSelector:
description: TransitGatewayRouteTableIDSelector selects references
to API used to set the TransitGatewayRouteTableID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- destinationCIDRBlock
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: TransitGatewayRouteStatus defines the observed state of TransitGatewayRoute.
properties:
atProvider:
description: TransitGatewayRouteObservation defines the observed state
of TransitGatewayRoute
properties:
prefixListID:
description: The ID of the prefix list used for destination matches.
type: string
state:
description: The state of the route.
type: string
transitGatewayAttachments:
description: The attachments.
items:
properties:
resourceID:
type: string
resourceType:
type: string
transitGatewayAttachmentID:
type: string
type: object
type: array
type_:
description: The route type.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: transitgatewayroutetables.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: TransitGatewayRouteTable
listKind: TransitGatewayRouteTableList
plural: transitgatewayroutetables
singular: transitgatewayroutetable
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: TransitGatewayRouteTable is the Schema for the TransitGatewayRouteTables
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: TransitGatewayRouteTableSpec defines the desired state of
TransitGatewayRouteTable
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: TransitGatewayRouteTableParameters defines the desired
state of TransitGatewayRouteTable
properties:
region:
description: Region is which region the TransitGatewayRouteTable
will be created.
type: string
tagSpecifications:
description: The tags to apply to the transit gateway route table.
items:
properties:
resourceType:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
type: array
tags:
description: Metadata tagging key value pairs
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
transitGatewayId:
description: The ID of the transit gateway.
type: string
transitGatewayIdRef:
description: TransitGatewayIDRef is a reference to an API used
to set the TransitGatewayID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
transitGatewayIdSelector:
description: TransitGatewayIDSelector selects references to API
used to set the TransitGatewayID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: TransitGatewayRouteTableStatus defines the observed state
of TransitGatewayRouteTable.
properties:
atProvider:
description: TransitGatewayRouteTableObservation defines the observed
state of TransitGatewayRouteTable
properties:
creationTime:
description: The creation time.
format: date-time
type: string
defaultAssociationRouteTable:
description: Indicates whether this is the default association
route table for the transit gateway.
type: boolean
defaultPropagationRouteTable:
description: Indicates whether this is the default propagation
route table for the transit gateway.
type: boolean
state:
description: The state of the transit gateway route table.
type: string
tags:
description: Any tags assigned to the route table.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
transitGatewayID:
description: The ID of the transit gateway.
type: string
transitGatewayRouteTableID:
description: The ID of the transit gateway route table.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: transitgatewayvpcattachments.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: TransitGatewayVPCAttachment
listKind: TransitGatewayVPCAttachmentList
plural: transitgatewayvpcattachments
singular: transitgatewayvpcattachment
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: TransitGatewayVPCAttachment is the Schema for the TransitGatewayVPCAttachments
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: TransitGatewayVPCAttachmentSpec defines the desired state
of TransitGatewayVPCAttachment
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: TransitGatewayVPCAttachmentParameters defines the desired
state of TransitGatewayVPCAttachment
properties:
options:
description: The VPC attachment options.
properties:
applianceModeSupport:
type: string
dnsSupport:
type: string
ipv6Support:
type: string
type: object
region:
description: Region is which region the TransitGatewayVPCAttachment
will be created.
type: string
subnetIdRefs:
description: SubnetIDRefs is a list of references to SubnetIDs
used to set the SubnetIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetIdSelector:
description: SubnetIDSelector selects references to SubnetIDs
used to set the SubnetIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
subnetIds:
description: The IDs of one or more subnets. You can specify only
one subnet per Availability Zone. You must specify at least
one subnet, but we recommend that you specify two subnets for
better availability. The transit gateway uses one IP address
from each specified subnet.
items:
type: string
type: array
tagSpecifications:
description: The tags to apply to the VPC attachment.
items:
properties:
resourceType:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
type: array
tags:
description: Metadata tagging key value pairs
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
transitGatewayId:
description: The ID of the transit gateway.
type: string
transitGatewayIdRef:
description: TransitGatewayIDRef is a reference to an API used
to set the TransitGatewayID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
transitGatewayIdSelector:
description: TransitGatewayIDSelector selects references to API
used to set the TransitGatewayID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
vpcId:
description: The ID of the VPC.
type: string
vpcIdRef:
description: VPCIDRef is a reference to an API used to set the
VPCID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIdSelector:
description: VPCIDSelector selects references to API used to set
the VPCID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: TransitGatewayVPCAttachmentStatus defines the observed state
of TransitGatewayVPCAttachment.
properties:
atProvider:
description: TransitGatewayVPCAttachmentObservation defines the observed
state of TransitGatewayVPCAttachment
properties:
creationTime:
description: The creation time.
format: date-time
type: string
state:
description: The state of the VPC attachment. Note that the initiating
state has been deprecated.
type: string
subnetIDs:
description: The IDs of the subnets.
items:
type: string
type: array
tags:
description: The tags for the VPC attachment.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
transitGatewayAttachmentID:
description: The ID of the attachment.
type: string
transitGatewayID:
description: The ID of the transit gateway.
type: string
vpcID:
description: The ID of the VPC.
type: string
vpcOwnerID:
description: The ID of the AWS account that owns the VPC.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: volumes.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Volume
listKind: VolumeList
plural: volumes
singular: volume
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Volume is the Schema for the Volumes API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: VolumeSpec defines the desired state of Volume
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: VolumeParameters defines the desired state of Volume
properties:
availabilityZone:
description: The Availability Zone in which to create the volume.
type: string
encrypted:
description: "Indicates whether the volume should be encrypted.
The effect of setting the encryption state to true depends on
the volume origin (new or from a snapshot), starting encryption
state, ownership, and whether encryption by default is enabled.
For more information, see Encryption by default (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default)
in the Amazon Elastic Compute Cloud User Guide. \n Encrypted
Amazon EBS volumes must be attached to instances that support
Amazon EBS encryption. For more information, see Supported instance
types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances)."
type: boolean
iops:
description: "The number of I/O operations per second (IOPS).
For gp3, io1, and io2 volumes, this represents the number of
IOPS that are provisioned for the volume. For gp2 volumes, this
represents the baseline performance of the volume and the rate
at which the volume accumulates I/O credits for bursting. \n
The following are the supported values for each volume type:
\n * gp3: 3,000-16,000 IOPS \n * io1: 100-64,000 IOPS
\n * io2: 100-64,000 IOPS \n For io1 and io2 volumes, we
guarantee 64,000 IOPS only for Instances built on the Nitro
System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances).
Other instance families guarantee performance up to 32,000 IOPS.
\n This parameter is required for io1 and io2 volumes. The default
for gp3 volumes is 3,000 IOPS. This parameter is not supported
for gp2, st1, sc1, or standard volumes."
format: int64
type: integer
kmsKeyId:
description: "The identifier of the AWS Key Management Service
(AWS KMS) customer master key (CMK) to use for Amazon EBS encryption.
If this parameter is not specified, your AWS managed CMK for
EBS is used. If KmsKeyId is specified, the encrypted state must
be true. \n You can specify the CMK using any of the following:
\n * Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.
\n * Key alias. For example, alias/ExampleAlias. \n *
Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.
\n * Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.
\n AWS authenticates the CMK asynchronously. Therefore, if you
specify an ID, alias, or ARN that is not valid, the action can
appear to complete, but eventually fails."
type: string
kmsKeyIdRef:
description: KMSKeyIDRef is a reference to a KMS Key used to set
KMSKeyID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
kmsKeyIdSelector:
description: KMSKeyIDSelector selects a reference to a KMS Key
used to set KMSKeyID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
multiAttachEnabled:
description: Indicates whether to enable Amazon EBS Multi-Attach.
If you enable Multi-Attach, you can attach the volume to up
to 16 Instances built on the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances)
in the same Availability Zone. This parameter is supported with
io1 and io2 volumes only. For more information, see Amazon EBS
Multi-Attach (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volumes-multi.html)
in the Amazon Elastic Compute Cloud User Guide.
type: boolean
outpostARN:
description: The Amazon Resource Name (ARN) of the Outpost.
type: string
region:
description: Region is which region the Volume will be created.
type: string
size:
description: "The size of the volume, in GiBs. You must specify
either a snapshot ID or a volume size. If you specify a snapshot,
the default is the snapshot size. You can specify a volume size
that is equal to or larger than the snapshot size. \n The following
are the supported volumes sizes for each volume type: \n *
gp2 and gp3: 1-16,384 \n * io1 and io2: 4-16,384 \n *
st1 and sc1: 125-16,384 \n * standard: 1-1,024"
format: int64
type: integer
snapshotID:
description: The snapshot from which to create the volume. You
must specify either a snapshot ID or a volume size.
type: string
tagSpecifications:
description: The tags to apply to the volume during creation.
items:
properties:
resourceType:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
type: array
throughput:
description: "The throughput to provision for a volume, with a
maximum of 1,000 MiB/s. \n This parameter is valid only for
gp3 volumes. \n Valid Range: Minimum value of 125. Maximum value
of 1000."
format: int64
type: integer
volumeType:
description: "The volume type. This parameter can be one of the
following values: \n * General Purpose SSD: gp2 | gp3 \n
\ * Provisioned IOPS SSD: io1 | io2 \n * Throughput Optimized
HDD: st1 \n * Cold HDD: sc1 \n * Magnetic: standard \n
For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html)
in the Amazon Elastic Compute Cloud User Guide. \n Default:
gp2"
type: string
required:
- availabilityZone
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: VolumeStatus defines the observed state of Volume.
properties:
atProvider:
description: VolumeObservation defines the observed state of Volume
properties:
attachments:
description: Information about the volume attachments.
items:
properties:
attachTime:
format: date-time
type: string
deleteOnTermination:
type: boolean
device:
type: string
instanceID:
type: string
state:
type: string
volumeID:
type: string
type: object
type: array
createTime:
description: The time stamp when volume creation was initiated.
format: date-time
type: string
fastRestored:
description: Indicates whether the volume was created using fast
snapshot restore.
type: boolean
kmsKeyID:
description: The Amazon Resource Name (ARN) of the AWS Key Management
Service (AWS KMS) customer master key (CMK) that was used to
protect the volume encryption key for the volume.
type: string
state:
description: The volume state.
type: string
tags:
description: Any tags assigned to the volume.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
volumeID:
description: The ID of the volume.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: vpcendpoints.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: VPCEndpoint
listKind: VPCEndpointList
plural: vpcendpoints
singular: vpcendpoint
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: VPCEndpoint is the Schema for the VPCEndpoints API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: VPCEndpointSpec defines the desired state of VPCEndpoint
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: VPCEndpointParameters defines the desired state of VPCEndpoint
properties:
clientToken:
description: Unique, case-sensitive identifier that you provide
to ensure the idempotency of the request. For more information,
see How to Ensure Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html).
type: string
policyDocument:
description: (Interface and gateway endpoints) A policy to attach
to the endpoint that controls access to the service. The policy
must be in valid JSON format. If this parameter is not specified,
we attach a default policy that allows full access to the service.
type: string
privateDNSEnabled:
description: "(Interface endpoint) Indicates whether to associate
a private hosted zone with the specified VPC. The private hosted
zone contains a record set for the default public DNS name for
the service for the Region (for example, kinesis.us-east-1.amazonaws.com),
which resolves to the private IP addresses of the endpoint network
interfaces in the VPC. This enables you to make requests to
the default public DNS name for the service instead of the public
DNS names that are automatically generated by the VPC endpoint
service. \n To use a private hosted zone, you must set the following
VPC attributes to true: enableDnsHostnames and enableDnsSupport.
Use ModifyVpcAttribute to set the VPC attributes. \n Private
DNS is not supported for Amazon S3 interface endpoints. \n Default:
true for supported endpoints"
type: boolean
region:
description: Region is which region the VPCEndpoint will be created.
type: string
routeTableIdRefs:
description: RouteTableIDRefs is a list of references to RouteTables
used to set the RouteTableIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
routeTableIdSelector:
description: RouteTableIDsSelector selects references to RouteTables
used to set the RouteTableIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
routeTableIds:
description: (Gateway endpoint) One or more route table IDs.
items:
type: string
type: array
securityGroupIdRefs:
description: SecurityGroupIDRefs is a list of references to SecurityGroups
used to set the SecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupIdSelector:
description: SecurityGroupIDsSelector selects references to SecurityGroupID
used to set the SecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
securityGroupIds:
description: (Interface endpoint) The ID of one or more security
groups to associate with the endpoint network interface.
items:
type: string
type: array
serviceName:
description: The service name. To get a list of available services,
use the DescribeVpcEndpointServices request, or get the name
from the service provider.
type: string
subnetIdRefs:
description: SubnetIDRefs is a list of references to Subnets used
to set the SubnetIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetIdSelector:
description: SubnetIDsSelector selects references to Subnets used
to set the SubnetIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
subnetIds:
description: (Interface and Gateway Load Balancer endpoints) The
ID of one or more subnets in which to create an endpoint network
interface. For a Gateway Load Balancer endpoint, you can specify
one subnet only.
items:
type: string
type: array
tagSpecifications:
description: The tags to associate with the endpoint.
items:
properties:
resourceType:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
type: array
vpcEndpointType:
description: "The type of endpoint. \n Default: Gateway"
type: string
vpcId:
description: The ID of the VPC. You must specify this parameter
in the request.
type: string
vpcIdRef:
description: VPCIDRef is a reference to an API used to set the
VPCID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIdSelector:
description: VPCIDSelector selects references to API used to set
the VPCID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- region
- serviceName
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: VPCEndpointStatus defines the observed state of VPCEndpoint.
properties:
atProvider:
description: VPCEndpointObservation defines the observed state of
VPCEndpoint
properties:
vpcEndpoint:
description: Information about the endpoint.
properties:
creationTimestamp:
format: date-time
type: string
dnsEntries:
items:
properties:
dnsName:
type: string
hostedZoneID:
type: string
type: object
type: array
groups:
items:
properties:
groupID:
type: string
groupName:
type: string
type: object
type: array
lastError:
description: The last error that occurred for a VPC endpoint.
properties:
code:
type: string
message:
type: string
type: object
networkInterfaceIDs:
items:
type: string
type: array
ownerID:
type: string
policyDocument:
type: string
privateDNSEnabled:
type: boolean
requesterManaged:
type: boolean
routeTableIDs:
items:
type: string
type: array
serviceName:
type: string
state:
type: string
subnetIDs:
items:
type: string
type: array
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
vpcEndpointID:
type: string
vpcEndpointType:
type: string
vpcID:
type: string
type: object
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: vpcendpointserviceconfigurations.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: VPCEndpointServiceConfiguration
listKind: VPCEndpointServiceConfigurationList
plural: vpcendpointserviceconfigurations
singular: vpcendpointserviceconfiguration
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: VPCEndpointServiceConfiguration is the Schema for the VPCEndpointServiceConfigurations
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: VPCEndpointServiceConfigurationSpec defines the desired state
of VPCEndpointServiceConfiguration
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: VPCEndpointServiceConfigurationParameters defines the
desired state of VPCEndpointServiceConfiguration
properties:
acceptanceRequired:
description: Indicates whether requests from service consumers
to create an endpoint to your service must be accepted. To accept
a request, use AcceptVpcEndpointConnections.
type: boolean
gatewayLoadBalancerARNRefs:
description: GatewayLoadBalancerARNRefs is a list of references
to GatewayLoadBalancerARNs used to set the GatewayLoadBalancerARNs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
gatewayLoadBalancerARNSelector:
description: GatewayLoadBalancerARNSelector selects references
to GatewayLoadBalancerARNs used to set the GatewayLoadBalancerARNs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
gatewayLoadBalancerARNs:
description: The Amazon Resource Names (ARNs) of one or more Gateway
Load Balancers.
items:
type: string
type: array
networkLoadBalancerARNRefs:
description: NetworkLoadBalancerARNRefs is a list of references
to NetworkLoadBalancerARNs used to set the NetworkLoadBalancerARNs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
networkLoadBalancerARNSelector:
description: NetworkLoadBalancerARNSelector selects references
to NetworkLoadBalancerARNs used to set the NetworkLoadBalancerARNs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
networkLoadBalancerARNs:
description: The Amazon Resource Names (ARNs) of one or more Network
Load Balancers for your service.
items:
type: string
type: array
privateDNSName:
description: (Interface endpoint configuration) The private DNS
name to assign to the VPC endpoint service.
type: string
region:
description: Region is which region the VPCEndpointServiceConfiguration
will be created.
type: string
tagSpecifications:
description: The tags to associate with the service.
items:
properties:
resourceType:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
type: array
tags:
description: Metadata tagging key value pairs
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: VPCEndpointServiceConfigurationStatus defines the observed
state of VPCEndpointServiceConfiguration.
properties:
atProvider:
description: VPCEndpointServiceConfigurationObservation defines the
observed state of VPCEndpointServiceConfiguration
properties:
clientToken:
description: Unique, case-sensitive identifier that you provide
to ensure the idempotency of the request.
type: string
serviceConfiguration:
description: Information about the service configuration.
properties:
acceptanceRequired:
type: boolean
availabilityZones:
items:
type: string
type: array
baseEndpointDNSNames:
items:
type: string
type: array
gatewayLoadBalancerARNs:
items:
type: string
type: array
managesVPCEndpoints:
type: boolean
networkLoadBalancerARNs:
items:
type: string
type: array
privateDNSName:
type: string
privateDNSNameConfiguration:
description: Information about the private DNS name for the
service endpoint. For more information about these parameters,
see VPC Endpoint Service Private DNS Name Verification (https://docs.aws.amazon.com/vpc/latest/userguide/ndpoint-services-dns-validation.html)
in the Amazon Virtual Private Cloud User Guide.
properties:
name:
type: string
state:
type: string
type_:
type: string
value:
type: string
type: object
serviceID:
type: string
serviceName:
type: string
serviceState:
type: string
serviceType:
items:
properties:
serviceType:
type: string
type: object
type: array
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: vpcpeeringconnections.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: VPCPeeringConnection
listKind: VPCPeeringConnectionList
plural: vpcpeeringconnections
singular: vpcpeeringconnection
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: VPCPeeringConnection is the Schema for the VPCPeeringConnections
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: VPCPeeringConnectionSpec defines the desired state of VPCPeeringConnection
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: VPCPeeringConnectionParameters defines the desired state
of VPCPeeringConnection
properties:
acceptRequest:
description: Automatically accepts the peering connection. If
this is not set, the peering connection will be created, but
will be in pending-acceptance state. This will only lead to
an active connection if both VPCs are in the same tenant.
type: boolean
peerOwnerID:
description: "The AWS account ID of the owner of the accepter
VPC. \n Default: Your AWS account ID"
type: string
peerRegion:
description: "The Region code for the accepter VPC, if the accepter
VPC is located in a Region other than the Region in which you
make the request. \n Default: The Region in which you make the
request."
type: string
peerVPCID:
description: The ID of the VPC with which you are creating the
VPC peering connection. You must specify this parameter in the
request.
type: string
peerVPCIDRef:
description: PeerVPCIDRef is a reference to an API used to set
the PeerVPCID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
peerVPCIDSelector:
description: PeerVPCIDSelector selects references to API used
to set the PeerVPCID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
region:
description: Region is which region the VPCPeeringConnection will
be created.
type: string
tagSpecifications:
description: The tags to assign to the peering connection.
items:
properties:
resourceType:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
type: array
vpcID:
description: The ID of the requester VPC. You must specify this
parameter in the request.
type: string
vpcIDRef:
description: VPCIDRef is a reference to an API used to set the
VPCID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIDSelector:
description: VPCIDSelector selects references to API used to set
the VPCID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: VPCPeeringConnectionStatus defines the observed state of
VPCPeeringConnection.
properties:
atProvider:
description: VPCPeeringConnectionObservation defines the observed
state of VPCPeeringConnection
properties:
accepterVPCInfo:
description: Information about the accepter VPC. CIDR block information
is only returned when describing an active VPC peering connection.
properties:
cidrBlock:
type: string
cidrBlockSet:
items:
properties:
cidrBlock:
type: string
type: object
type: array
ipv6CIDRBlockSet:
items:
properties:
ipv6CIDRBlock:
type: string
type: object
type: array
ownerID:
type: string
peeringOptions:
description: Describes the VPC peering connection options.
properties:
allowDNSResolutionFromRemoteVPC:
type: boolean
allowEgressFromLocalClassicLinkToRemoteVPC:
type: boolean
allowEgressFromLocalVPCToRemoteClassicLink:
type: boolean
type: object
region:
type: string
vpcID:
type: string
type: object
expirationTime:
description: The time that an unaccepted VPC peering connection
will expire.
format: date-time
type: string
requesterVPCInfo:
description: Information about the requester VPC. CIDR block information
is only returned when describing an active VPC peering connection.
properties:
cidrBlock:
type: string
cidrBlockSet:
items:
properties:
cidrBlock:
type: string
type: object
type: array
ipv6CIDRBlockSet:
items:
properties:
ipv6CIDRBlock:
type: string
type: object
type: array
ownerID:
type: string
peeringOptions:
description: Describes the VPC peering connection options.
properties:
allowDNSResolutionFromRemoteVPC:
type: boolean
allowEgressFromLocalClassicLinkToRemoteVPC:
type: boolean
allowEgressFromLocalVPCToRemoteClassicLink:
type: boolean
type: object
region:
type: string
vpcID:
type: string
type: object
status:
description: The status of the VPC peering connection.
properties:
code:
type: string
message:
type: string
type: object
tags:
description: Any tags assigned to the resource.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
vpcPeeringConnectionID:
description: The ID of the VPC peering connection.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: addresses.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Address
listKind: AddressList
plural: addresses
singular: address
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
- jsonPath: .status.atProvider.publicIp
name: IP
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: An Address is a managed resource that represents an AWS Elastic
IP Address.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An AddressSpec defines the desired state of an Address.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: AddressParameters define the desired state of an AWS
Elastic IP
properties:
address:
description: '[EC2-VPC] The Elastic IP address to recover or an
IPv4 address from an address pool.'
type: string
customerOwnedIPv4Pool:
description: The ID of a customer-owned address pool. Use this
parameter to let Amazon EC2 select an address from the address
pool. Alternatively, specify a specific address from the address
pool
type: string
domain:
description: 'Set to vpc to allocate the address for use with
instances in a VPC. Default: The address is for use with instances
in EC2-Classic.'
enum:
- vpc
- standard
type: string
networkBorderGroup:
description: "The location from which the IP address is advertised.
Use this parameter to limit the address to this location. \n
A network border group is a unique set of Availability Zones
or Local Zones from where AWS advertises IP addresses and limits
the addresses to the group. IP addresses cannot move between
network border groups. \n Use DescribeAvailabilityZones (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html)
to view the network border groups. \n You cannot use a network
border group with EC2 Classic. If you attempt this operation
on EC2 classic, you will receive an InvalidParameterCombination
error. For more information, see Error Codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html)."
type: string
publicIpv4Pool:
description: The ID of an address pool that you own. Use this
parameter to let Amazon EC2 select an address from the address
pool. To specify a specific address from the address pool, use
the Address parameter instead.
type: string
region:
description: Region is the region you'd like your Address to be
created in.
type: string
tags:
description: Tags represents to current ec2 tags.
items:
description: Tag defines a tag
properties:
key:
description: Key is the name of the tag.
type: string
value:
description: Value is the value of the tag.
type: string
required:
- key
- value
type: object
type: array
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An AddressStatus represents the observed state of an Address.
properties:
atProvider:
description: AddressObservation keeps the state for the external resource
properties:
allocationId:
description: The ID representing the allocation of the address
for use with EC2-VPC.
type: string
associationId:
description: The ID representing the association of the address
with an instance in a VPC.
type: string
customerOwnedIp:
description: The customer-owned IP address.
type: string
customerOwnedIpv4Pool:
description: The ID of the customer-owned address pool.
type: string
domain:
description: Indicates whether this Elastic IP address is for
use with instances in EC2-Classic (standard) or instances in
a VPC (vpc).
type: string
instanceId:
description: The ID of the instance that the address is associated
with (if any).
type: string
networkBorderGroup:
description: The name of the location from which the IP address
is advertised.
type: string
networkInterfaceId:
description: The ID of the network interface.
type: string
networkInterfaceOwnerId:
description: The ID of the AWS account that owns the network interface.
type: string
privateIpAddress:
description: The private IP address associated with the Elastic
IP address.
type: string
publicIp:
description: The Elastic IP address.
type: string
publicIpv4Pool:
description: The ID of an address pool.
type: string
required:
- domain
- networkInterfaceId
- privateIpAddress
- publicIp
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: internetgateways.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: InternetGateway
listKind: InternetGatewayList
plural: internetgateways
singular: internetgateway
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
- jsonPath: .spec.forProvider.vpcId
name: VPC
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: An InternetGateway is a managed resource that represents an AWS
VPC Internet Gateway.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An InternetGatewaySpec defines the desired state of an InternetGateway.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: InternetGatewayParameters define the desired state of
an AWS VPC Internet Gateway.
properties:
region:
description: Region is the region you'd like your VPC to be created
in.
type: string
tags:
description: Tags represents to current ec2 tags.
items:
description: Tag defines a tag
properties:
key:
description: Key is the name of the tag.
type: string
value:
description: Value is the value of the tag.
type: string
required:
- key
- value
type: object
type: array
vpcId:
description: VPCID is the ID of the VPC.
type: string
vpcIdRef:
description: VPCIDRef references a VPC to and retrieves its vpcId
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIdSelector:
description: VPCIDSelector selects a reference to a VPC to and
retrieves its vpcId
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An InternetGatewayStatus represents the observed state of
an InternetGateway.
properties:
atProvider:
description: InternetGatewayObservation keeps the state for the external
resource
properties:
attachments:
description: Any VPCs attached to the internet gateway.
items:
description: InternetGatewayAttachment describes the attachment
of a VPC to an internet gateway or an egress-only internet
gateway.
properties:
attachmentStatus:
description: The current state of the attachment. For an
internet gateway, the state is available when attached
to a VPC; otherwise, this value is not returned.
enum:
- available
- attaching
- attached
- detaching
- detached
type: string
vpcId:
description: VPCID is the ID of the attached VPC.
type: string
required:
- attachmentStatus
- vpcId
type: object
type: array
internetGatewayId:
description: The ID of the internet gateway.
type: string
ownerID:
description: The ID of the AWS account that owns the internet
gateway.
type: string
required:
- internetGatewayId
- ownerID
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: natgateways.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: NATGateway
listKind: NATGatewayList
plural: natgateways
singular: natgateway
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
- jsonPath: .status.atProvider.vpcId
name: VPC
type: string
- jsonPath: .spec.forProvider.subnetId
name: SUBNET
type: string
- jsonPath: .spec.forProvider.allocationId
name: ALLOCATION ID
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: A NATGateway is a managed resource that represents an AWS VPC
NAT Gateway.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: NATGatewaySpec defines the desired state of a NAT Gateway
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: NATGatewayParameters defined the desired state of an
AWS VPC NAT Gateway
properties:
allocationId:
description: AllocationID is the Elastic IP allocation ID
type: string
allocationIdRef:
description: AllocationIDRef references an EIP and retrieves it's
allocation id
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
allocationIdSelector:
description: AllocationIDSelector references an EIP by selector
and retrieves it's allocation id
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
connectivityType:
description: Indicates whether the NAT gateway supports public
or private connectivity. The default is public connectivity.
enum:
- public
- private
type: string
region:
description: Region is the region you'd like your NATGateway to
be created in.
type: string
subnetId:
description: SubnetID is the subnet the NAT gateways needs to
be associated to
type: string
subnetIdRef:
description: SubnetIDRef references a subnet and retrives it's
subnet id
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
subnetIdSelector:
description: SubnetIDSelector references a subnet by selector
and retrives it's subnet id
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
tags:
description: Tags represents to current ec2 tags.
items:
description: Tag defines a tag
properties:
key:
description: Key is the name of the tag.
type: string
value:
description: Value is the value of the tag.
type: string
required:
- key
- value
type: object
type: array
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: NATGatewayStatus describes the observed state
properties:
atProvider:
description: NATGatewayObservation keeps the state for the CR
properties:
createTime:
format: date-time
type: string
deleteTime:
format: date-time
type: string
failureCode:
type: string
failureMessage:
type: string
natGatewayAddresses:
items:
description: NATGatewayAddress describes the details of network
properties:
allocationId:
type: string
networkInterfaceId:
type: string
privateIp:
type: string
publicIp:
type: string
type: object
type: array
natGatewayId:
type: string
state:
type: string
vpcId:
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: routetables.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: RouteTable
listKind: RouteTableList
plural: routetables
singular: routetable
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
- jsonPath: .spec.forProvider.vpcId
name: VPC
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: A RouteTable is a managed resource that represents an AWS VPC
Route Table.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A RouteTableSpec defines the desired state of a RouteTable.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: RouteTableParameters define the desired state of an AWS
VPC Route Table.
properties:
associations:
description: The associations between the route table and one
or more subnets.
items:
description: Association describes an association between a
route table and a subnet.
properties:
subnetId:
description: The ID of the subnet. A subnet ID is not returned
for an implicit association.
type: string
subnetIdRef:
description: A referencer to retrieve the ID of a subnet
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
subnetIdSelector:
description: A selector to select a referencer to retrieve
the ID of a subnet
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
type: object
type: array
region:
description: Region is the region you'd like your VPC to be created
in.
type: string
routes:
description: the routes in the route table
items:
description: RouteBeta describes a route in a route table. provider-aws
currently provides both a standalone Route resource and a
RouteTable resource with routes defined in-line. At this time
you cannot use a Route Table with in-line routes in conjunction
with any Route resources. Doing so will cause a conflict of
rule settings and will overwrite rules.
properties:
destinationCidrBlock:
description: The IPv4 CIDR address block used for the destination
match. Routing decisions are based on the most specific
match.
type: string
destinationIpv6CidrBlock:
description: The IPv6 CIDR address block used for the destination
match. Routing decisions are based on the most specific
match.
type: string
egressOnlyInternetGatewayId:
description: '[IPv6 traffic only] The ID of an egress-only
internet gateway.'
type: string
gatewayId:
description: The ID of an internet gateway or virtual private
gateway attached to your VPC.
type: string
gatewayIdRef:
description: A referencer to retrieve the ID of a gateway
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
gatewayIdSelector:
description: A selector to select a referencer to retrieve
the ID of a gateway
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
instanceId:
description: The ID of a NAT instance in your VPC. The operation
fails if you specify an instance ID unless exactly one
network interface is attached.
type: string
localGatewayId:
description: The ID of the local gateway.
type: string
natGatewayId:
description: '[IPv4 traffic only] The ID of a NAT gateway.'
type: string
natGatewayIdRef:
description: A referencer to retrieve the ID of a NAT gateway
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
natGatewayIdSelector:
description: A selector to select a referencer to retrieve
the ID of a NAT gateway
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
networkInterfaceId:
description: The ID of a network interface.
type: string
transitGatewayId:
description: The ID of a transit gateway.
type: string
vpcPeeringConnectionId:
description: The ID of a VPC peering connection.
type: string
type: object
type: array
tags:
description: Tags represents to current ec2 tags.
items:
description: Tag defines a tag
properties:
key:
description: Key is the name of the tag.
type: string
value:
description: Value is the value of the tag.
type: string
required:
- key
- value
type: object
type: array
vpcId:
description: VPCID is the ID of the VPC.
type: string
vpcIdRef:
description: VPCIDRef references a VPC to retrieve its vpcId
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIdSelector:
description: VPCIDSelector selects a reference to a VPC to retrieve
its vpcId
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- associations
- region
- routes
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A RouteTableStatus represents the observed state of a RouteTable.
properties:
atProvider:
description: RouteTableObservation keeps the state for the external
resource
properties:
associations:
description: The actual associations created for the route table.
items:
description: AssociationState describes an association state
in the route table.
properties:
associationId:
description: The ID of the association between a route table
and a subnet.
type: string
main:
description: Indicates whether this is the main route table.
type: boolean
state:
description: The state of the association.
type: string
subnetId:
description: The ID of the subnet. A subnet ID is not returned
for an implicit association.
type: string
required:
- main
type: object
type: array
ownerId:
description: The ID of the AWS account that owns the route table.
type: string
routeTableId:
description: RouteTableID is the ID of the RouteTable.
type: string
routes:
description: The actual routes created for the route table.
items:
description: RouteState describes a route state in the route
table.
properties:
destinationCidrBlock:
description: The IPv4 CIDR address block used for the destination
match. Routing decisions are based on the most specific
match.
type: string
destinationIpv6CidrBlock:
description: The IPv6 CIDR address block used for the destination
match. Routing decisions are based on the most specific
match.
type: string
gatewayId:
description: The ID of an internet gateway or virtual private
gateway attached to your VPC.
type: string
instanceId:
description: The ID of a NAT instance in your VPC. The operation
fails if you specify an instance ID unless exactly one
network interface is attached.
type: string
localGatewayId:
description: The ID of the local gateway.
type: string
natGatewayId:
description: '[IPv4 traffic only] The ID of a NAT gateway.'
type: string
networkInterfaceId:
description: The ID of a network interface.
type: string
state:
description: The state of the route. The blackhole state
indicates that the route's target isn't available (for
example, the specified gateway isn't attached to the VPC,
or the specified NAT instance has been terminated).
type: string
transitGatewayId:
description: The ID of a transit gateway.
type: string
vpcPeeringConnectionId:
description: The ID of a VPC peering connection.
type: string
type: object
type: array
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: securitygroups.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: SecurityGroup
listKind: SecurityGroupList
plural: securitygroups
singular: securitygroup
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
- jsonPath: .spec.forProvider.vpcId
name: VPC
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: A SecurityGroup is a managed resource that represents an AWS
VPC Security Group.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A SecurityGroupSpec defines the desired state of a SecurityGroup.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: SecurityGroupParameters define the desired state of an
AWS VPC Security Group.
properties:
description:
description: A description of the security group.
type: string
egress:
description: '[EC2-VPC] One or more outbound rules associated
with the security group.'
items:
description: IPPermission Describes a set of permissions for
a security group rule.
properties:
fromPort:
description: The start of port range for the TCP and UDP
protocols, or an ICMP/ICMPv6 type number. A value of -1
indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6
types, you must specify all codes.
format: int32
type: integer
ipProtocol:
description: "The IP protocol name (tcp, udp, icmp, icmpv6)
or number (see Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)).
\n [VPC only] Use -1 to specify all protocols. When authorizing
security group rules, specifying -1 or a protocol number
other than tcp, udp, icmp, or icmpv6 allows traffic on
all ports, regardless of any port range you specify. For
tcp, udp, and icmp, you must specify a port range. For
icmpv6, the port range is optional; if you omit the port
range, traffic for all types and codes is allowed."
type: string
ipRanges:
description: The IPv4 ranges.
items:
description: IPRange describes an IPv4 range.
properties:
cidrIp:
description: The IPv4 CIDR range. You can either specify
a CIDR range or a source security group, not both.
To specify a single IPv4 address, use the /32 prefix
length.
type: string
description:
description: "A description for the security group
rule that references this IPv4 address range. \n
Constraints: Up to 255 characters in length. Allowed
characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*"
type: string
required:
- cidrIp
type: object
type: array
ipv6Ranges:
description: "The IPv6 ranges. \n [VPC only]"
items:
description: IPv6Range describes an IPv6 range.
properties:
cidrIPv6:
description: The IPv6 CIDR range. You can either specify
a CIDR range or a source security group, not both.
To specify a single IPv6 address, use the /128 prefix
length.
type: string
description:
description: "A description for the security group
rule that references this IPv6 address range. \n
Constraints: Up to 255 characters in length. Allowed
characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*"
type: string
required:
- cidrIPv6
type: object
type: array
prefixListIds:
description: "PrefixListIDs for an AWS service. With outbound
rules, this is the AWS service to access through a VPC
endpoint from instances associated with the security group.
\n [VPC only]"
items:
description: PrefixListID describes a prefix list ID.
properties:
description:
description: "A description for the security group
rule that references this prefix list ID. \n Constraints:
Up to 255 characters in length. Allowed characters
are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*"
type: string
prefixListId:
description: The ID of the prefix.
type: string
required:
- prefixListId
type: object
type: array
toPort:
description: The end of port range for the TCP and UDP protocols,
or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6
codes. If you specify all ICMP/ICMPv6 types, you must
specify all codes.
format: int32
type: integer
userIdGroupPairs:
description: UserIDGroupPairs are the source security group
and AWS account ID pairs. It contains one or more accounts
and security groups to allow flows from security groups
of other accounts.
items:
description: UserIDGroupPair describes a security group
and AWS account ID pair.
properties:
description:
description: "A description for the security group
rule that references this user ID group pair. \n
Constraints: Up to 255 characters in length. Allowed
characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*"
type: string
groupId:
description: The ID of the security group.
type: string
groupIdRef:
description: GroupIDRef reference a security group
to retrieve its GroupID
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
groupIdSelector:
description: GroupIDSelector selects reference to
a security group to retrieve its GroupID
properties:
matchControllerRef:
description: MatchControllerRef ensures an object
with the same controller reference as the selecting
object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with
matching labels is selected.
type: object
type: object
groupName:
description: "The name of the security group. In a
request, use this parameter for a security group
in EC2-Classic or a default VPC only. For a security
group in a nondefault VPC, use the security group
ID. \n For a referenced security group in another
VPC, this value is not returned if the referenced
security group is deleted."
type: string
userId:
description: "The ID of an AWS account. \n For a referenced
security group in another VPC, the account ID of
the referenced security group is returned in the
response. If the referenced security group is deleted,
this value is not returned. \n [EC2-Classic] Required
when adding or removing rules that reference a security
group in another AWS account."
type: string
vpcId:
description: The ID of the VPC for the referenced
security group, if applicable.
type: string
vpcIdRef:
description: VPCIDRef reference a VPC to retrieve
its vpcId
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIdSelector:
description: VPCIDSelector selects reference to a
VPC to retrieve its vpcId
properties:
matchControllerRef:
description: MatchControllerRef ensures an object
with the same controller reference as the selecting
object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with
matching labels is selected.
type: object
type: object
vpcPeeringConnectionId:
description: The ID of the VPC peering connection,
if applicable.
type: string
type: object
type: array
required:
- ipProtocol
type: object
type: array
groupName:
description: The name of the security group.
type: string
ingress:
description: One or more inbound rules associated with the security
group.
items:
description: IPPermission Describes a set of permissions for
a security group rule.
properties:
fromPort:
description: The start of port range for the TCP and UDP
protocols, or an ICMP/ICMPv6 type number. A value of -1
indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6
types, you must specify all codes.
format: int32
type: integer
ipProtocol:
description: "The IP protocol name (tcp, udp, icmp, icmpv6)
or number (see Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)).
\n [VPC only] Use -1 to specify all protocols. When authorizing
security group rules, specifying -1 or a protocol number
other than tcp, udp, icmp, or icmpv6 allows traffic on
all ports, regardless of any port range you specify. For
tcp, udp, and icmp, you must specify a port range. For
icmpv6, the port range is optional; if you omit the port
range, traffic for all types and codes is allowed."
type: string
ipRanges:
description: The IPv4 ranges.
items:
description: IPRange describes an IPv4 range.
properties:
cidrIp:
description: The IPv4 CIDR range. You can either specify
a CIDR range or a source security group, not both.
To specify a single IPv4 address, use the /32 prefix
length.
type: string
description:
description: "A description for the security group
rule that references this IPv4 address range. \n
Constraints: Up to 255 characters in length. Allowed
characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*"
type: string
required:
- cidrIp
type: object
type: array
ipv6Ranges:
description: "The IPv6 ranges. \n [VPC only]"
items:
description: IPv6Range describes an IPv6 range.
properties:
cidrIPv6:
description: The IPv6 CIDR range. You can either specify
a CIDR range or a source security group, not both.
To specify a single IPv6 address, use the /128 prefix
length.
type: string
description:
description: "A description for the security group
rule that references this IPv6 address range. \n
Constraints: Up to 255 characters in length. Allowed
characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*"
type: string
required:
- cidrIPv6
type: object
type: array
prefixListIds:
description: "PrefixListIDs for an AWS service. With outbound
rules, this is the AWS service to access through a VPC
endpoint from instances associated with the security group.
\n [VPC only]"
items:
description: PrefixListID describes a prefix list ID.
properties:
description:
description: "A description for the security group
rule that references this prefix list ID. \n Constraints:
Up to 255 characters in length. Allowed characters
are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*"
type: string
prefixListId:
description: The ID of the prefix.
type: string
required:
- prefixListId
type: object
type: array
toPort:
description: The end of port range for the TCP and UDP protocols,
or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6
codes. If you specify all ICMP/ICMPv6 types, you must
specify all codes.
format: int32
type: integer
userIdGroupPairs:
description: UserIDGroupPairs are the source security group
and AWS account ID pairs. It contains one or more accounts
and security groups to allow flows from security groups
of other accounts.
items:
description: UserIDGroupPair describes a security group
and AWS account ID pair.
properties:
description:
description: "A description for the security group
rule that references this user ID group pair. \n
Constraints: Up to 255 characters in length. Allowed
characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*"
type: string
groupId:
description: The ID of the security group.
type: string
groupIdRef:
description: GroupIDRef reference a security group
to retrieve its GroupID
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
groupIdSelector:
description: GroupIDSelector selects reference to
a security group to retrieve its GroupID
properties:
matchControllerRef:
description: MatchControllerRef ensures an object
with the same controller reference as the selecting
object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with
matching labels is selected.
type: object
type: object
groupName:
description: "The name of the security group. In a
request, use this parameter for a security group
in EC2-Classic or a default VPC only. For a security
group in a nondefault VPC, use the security group
ID. \n For a referenced security group in another
VPC, this value is not returned if the referenced
security group is deleted."
type: string
userId:
description: "The ID of an AWS account. \n For a referenced
security group in another VPC, the account ID of
the referenced security group is returned in the
response. If the referenced security group is deleted,
this value is not returned. \n [EC2-Classic] Required
when adding or removing rules that reference a security
group in another AWS account."
type: string
vpcId:
description: The ID of the VPC for the referenced
security group, if applicable.
type: string
vpcIdRef:
description: VPCIDRef reference a VPC to retrieve
its vpcId
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIdSelector:
description: VPCIDSelector selects reference to a
VPC to retrieve its vpcId
properties:
matchControllerRef:
description: MatchControllerRef ensures an object
with the same controller reference as the selecting
object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with
matching labels is selected.
type: object
type: object
vpcPeeringConnectionId:
description: The ID of the VPC peering connection,
if applicable.
type: string
type: object
type: array
required:
- ipProtocol
type: object
type: array
region:
description: Region is the region you'd like your SecurityGroup
to be created in.
type: string
tags:
description: Tags represents to current ec2 tags.
items:
description: Tag defines a tag
properties:
key:
description: Key is the name of the tag.
type: string
value:
description: Value is the value of the tag.
type: string
required:
- key
- value
type: object
type: array
vpcId:
description: VPCID is the ID of the VPC.
type: string
vpcIdRef:
description: VPCIDRef references a VPC to and retrieves its vpcId
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIdSelector:
description: VPCIDSelector selects a reference to a VPC to and
retrieves its vpcId
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- description
- groupName
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A SecurityGroupStatus represents the observed state of a
SecurityGroup.
properties:
atProvider:
description: SecurityGroupObservation keeps the state for the external
resource
properties:
ownerId:
description: The AWS account ID of the owner of the security group.
type: string
securityGroupID:
description: SecurityGroupID is the ID of the SecurityGroup.
type: string
required:
- ownerId
- securityGroupID
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: subnets.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Subnet
listKind: SubnetList
plural: subnets
singular: subnet
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
- jsonPath: .spec.forProvider.vpcId
name: VPC
type: string
- jsonPath: .spec.forProvider.cidrBlock
name: CIDR
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: A Subnet is a managed resource that represents an AWS VPC Subnet.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A SubnetSpec defines the desired state of a Subnet.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: SubnetParameters define the desired state of an AWS VPC
Subnet.
properties:
assignIpv6AddressOnCreation:
description: Indicates whether a network interface created in
this subnet (including a network interface created by RunInstances)
receives an IPv6 address.
type: boolean
availabilityZone:
description: 'The Availability Zone for the subnet. Default: AWS
selects one for you. If you create more than one subnet in your
VPC, we may not necessarily select a different zone for each
subnet.'
type: string
availabilityZoneId:
description: The AZ ID or the Local Zone ID of the subnet.
type: string
cidrBlock:
description: CIDRBlock is the IPv4 network range for the Subnet,
in CIDR notation. For example, 10.0.0.0/18.
type: string
ipv6CIDRBlock:
description: The IPv6 network range for the subnet, in CIDR notation.
The subnet size must use a /64 prefix length.
type: string
mapPublicIPOnLaunch:
description: Indicates whether instances launched in this subnet
receive a public IPv4 address.
type: boolean
region:
description: Region is the region you'd like your Subnet to be
created in.
type: string
tags:
description: Tags represents to current ec2 tags.
items:
description: Tag defines a tag
properties:
key:
description: Key is the name of the tag.
type: string
value:
description: Value is the value of the tag.
type: string
required:
- key
- value
type: object
type: array
vpcId:
description: VPCID is the ID of the VPC.
type: string
vpcIdRef:
description: VPCIDRef reference a VPC to retrieve its vpcId
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIdSelector:
description: VPCIDSelector selects reference to a VPC to retrieve
its vpcId
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- cidrBlock
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A SubnetStatus represents the observed state of a Subnet.
properties:
atProvider:
description: SubnetObservation keeps the state for the external resource
properties:
availableIpAddressCount:
description: The number of unused private IPv4 addresses in the
subnet.
format: int32
type: integer
defaultForAz:
description: Indicates whether this is the default subnet for
the Availability Zone.
type: boolean
subnetId:
description: SubnetID is the ID of the Subnet.
type: string
subnetState:
description: SubnetState is the current state of the Subnet.
enum:
- pending
- available
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: vpcs.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: VPC
listKind: VPCList
plural: vpcs
singular: vpc
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
- jsonPath: .spec.forProvider.cidrBlock
name: CIDR
type: string
- jsonPath: .spec.forProvider.ipv6CidrBlock
name: IPV6CIDR
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: A VPC is a managed resource that represents an AWS Virtual Private
Cloud.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A VPCSpec defines the desired state of a VPC.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: VPCParameters define the desired state of an AWS Virtual
Private Cloud.
properties:
amazonProvidedIpv6CidrBlock:
description: Requests an Amazon-provided IPv6 CIDR block with
a /56 prefix length for the VPC. You cannot specify the range
of IP addresses, or the size of the CIDR block.
type: boolean
cidrBlock:
description: CIDRBlock is the IPv4 network range for the VPC,
in CIDR notation. For example, 10.0.0.0/16.
type: string
enableDnsHostNames:
description: Indicates whether the instances launched in the VPC
get DNS hostnames.
type: boolean
enableDnsSupport:
description: A boolean flag to enable/disable DNS support in the
VPC
type: boolean
instanceTenancy:
description: The allowed tenancy of instances launched into the
VPC.
type: string
ipv6CidrBlock:
description: The IPv6 CIDR block from the IPv6 address pool. You
must also specify Ipv6Pool in the request. To let Amazon choose
the IPv6 CIDR block for you, omit this parameter.
type: string
ipv6Pool:
description: The ID of an IPv6 address pool from which to allocate
the IPv6 CIDR block.
type: string
region:
description: Region is the region you'd like your VPC to be created
in.
type: string
tags:
description: Tags are used as identification helpers between AWS
resources.
items:
description: Tag defines a tag
properties:
key:
description: Key is the name of the tag.
type: string
value:
description: Value is the value of the tag.
type: string
required:
- key
- value
type: object
type: array
required:
- cidrBlock
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A VPCStatus represents the observed state of a VPC.
properties:
atProvider:
description: VPCObservation keeps the state for the external resource
properties:
cidrBlockAssociationSet:
description: Information about the IPv4 CIDR blocks associated
with the VPC.
items:
description: VPCCIDRBlockAssociation represents the association
of IPv4 CIDR blocks with the VPC.
properties:
associationId:
description: The association ID for the IPv4 CIDR block.
type: string
cidrBlock:
description: The IPv4 CIDR block.
type: string
cidrBlockState:
description: Information about the state of the CIDR block.
properties:
state:
description: The state of the CIDR block.
type: string
statusMessage:
description: A message about the status of the CIDR
block, if applicable.
type: string
type: object
type: object
type: array
dhcpOptionsId:
description: The ID of the set of DHCP options you've associated
with the VPC.
type: string
ipv6CidrBlockAssociationSet:
description: Information about the IPv6 CIDR blocks associated
with the VPC.
items:
description: VPCIPv6CidrBlockAssociation represents the association
of IPv6 CIDR blocks with the VPC.
properties:
associationId:
description: The association ID for the IPv6 CIDR block.
type: string
ipv6CidrBlock:
description: The IPv6 CIDR block.
type: string
ipv6CidrBlockState:
description: Information about the state of the CIDR block.
properties:
state:
description: The state of the CIDR block.
type: string
statusMessage:
description: A message about the status of the CIDR
block, if applicable.
type: string
type: object
ipv6Pool:
description: The ID of the IPv6 address pool from which
the IPv6 CIDR block is allocated.
type: string
networkBorderGroup:
description: The name of the location from which we advertise
the IPV6 CIDR block.
type: string
type: object
type: array
isDefault:
description: Indicates whether the VPC is the default VPC.
type: boolean
ownerId:
description: The ID of the AWS account that owns the VPC.
type: string
vpcState:
description: VPCState is the current state of the VPC.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: vpccidrblocks.ec2.aws.crossplane.io
spec:
group: ec2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: VPCCIDRBlock
listKind: VPCCIDRBlockList
plural: vpccidrblocks
singular: vpccidrblock
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
- jsonPath: .status.atProvider.cidrBlock
name: CIDR
type: string
- jsonPath: .status.atProvider.ipv6CIDRBlock
name: IPv6CIDR
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: 'A VPCCIDRBlock is a managed resource that represents an secondary
CIDR block for a VPC Deprecated: Please use v1beta1 version of this resource.'
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A VPCCIDRBlockSpec defines the desired state of a VPCCIDRBlock.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: VPCCIDRBlockParameters define the desired state of an
VPC CIDR Block
properties:
amazonProvidedIpv6CidrBlock:
description: Requests an Amazon-provided IPv6 CIDR block with
a /56 prefix length for the VPC. You cannot specify the range
of IPv6 addresses, or the size of the CIDR block.
type: boolean
cidrBlock:
description: An IPv4 CIDR block to associate with the VPC.
type: string
ipv6CdirBlock:
description: "An IPv6 CIDR block from the IPv6 address pool. You
must also specify Ipv6Pool in the request. \n To let Amazon
choose the IPv6 CIDR block for you, omit this parameter."
type: string
ipv6CidrBlockNetworkBorderGroup:
description: "The name of the location from which we advertise
the IPV6 CIDR block. Use this parameter to limit the CiDR block
to this location. \n You must set AmazonProvidedIpv6CIDRBlock
to true to use this parameter. \n You can have one IPv6 CIDR
block association per network border group."
type: string
ipv6Pool:
description: The ID of an IPv6 address pool from which to allocate
the IPv6 CIDR block.
type: string
region:
description: Region is the region you'd like your VPC CIDR to
be created in.
type: string
vpcId:
description: VPCID is the ID of the VPC.
type: string
vpcIdRef:
description: VPCIDRef references a VPC to and retrieves its vpcId
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIdSelector:
description: VPCIDSelector selects a reference to a VPC to and
retrieves its vpcId
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A VPCCIDRBlockStatus represents the observed state of a ElasticIP.
properties:
atProvider:
description: VPCCIDRBlockObservation keeps the state for the external
resource
properties:
associationId:
description: The association ID for the CIDR block.
type: string
cidrBlock:
description: The IPv4 CIDR block.
type: string
cidrBlockState:
description: Information about the state of the CIDR block.
properties:
state:
description: The state of the CIDR block.
type: string
statusMessage:
description: A message about the status of the CIDR block,
if applicable.
type: string
type: object
ipv6CidrBlock:
description: The IPv6 CIDR block.
type: string
ipv6CidrrBlockState:
description: Information about the state of the CIDR block.
properties:
state:
description: The state of the CIDR block.
type: string
statusMessage:
description: A message about the status of the CIDR block,
if applicable.
type: string
type: object
ipv6Pool:
description: The ID of the IPv6 address pool from which the IPv6
CIDR block is allocated.
type: string
networkBorderGroup:
description: The name of the location from which we advertise
the IPV6 CIDR block.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
- jsonPath: .status.atProvider.cidrBlock
name: CIDR
type: string
- jsonPath: .status.atProvider.ipv6CIDRBlock
name: IPv6CIDR
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: A VPCCIDRBlock is a managed resource that represents an secondary
CIDR block for a VPC
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A VPCCIDRBlockSpec defines the desired state of a VPCCIDRBlock.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: VPCCIDRBlockParameters define the desired state of an
VPC CIDR Block
properties:
amazonProvidedIpv6CidrBlock:
description: Requests an Amazon-provided IPv6 CIDR block with
a /56 prefix length for the VPC. You cannot specify the range
of IPv6 addresses, or the size of the CIDR block.
type: boolean
cidrBlock:
description: An IPv4 CIDR block to associate with the VPC.
type: string
ipv6CdirBlock:
description: "An IPv6 CIDR block from the IPv6 address pool. You
must also specify Ipv6Pool in the request. \n To let Amazon
choose the IPv6 CIDR block for you, omit this parameter."
type: string
ipv6CidrBlockNetworkBorderGroup:
description: "The name of the location from which we advertise
the IPV6 CIDR block. Use this parameter to limit the CiDR block
to this location. \n You must set AmazonProvidedIpv6CIDRBlock
to true to use this parameter. \n You can have one IPv6 CIDR
block association per network border group."
type: string
ipv6Pool:
description: The ID of an IPv6 address pool from which to allocate
the IPv6 CIDR block.
type: string
region:
description: Region is the region you'd like your VPC CIDR to
be created in.
type: string
vpcId:
description: VPCID is the ID of the VPC.
type: string
vpcIdRef:
description: VPCIDRef references a VPC to and retrieves its vpcId
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIdSelector:
description: VPCIDSelector selects a reference to a VPC to and
retrieves its vpcId
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A VPCCIDRBlockStatus represents the observed state of a ElasticIP.
properties:
atProvider:
description: VPCCIDRBlockObservation keeps the state for the external
resource
properties:
associationId:
description: The association ID for the CIDR block.
type: string
cidrBlock:
description: The IPv4 CIDR block.
type: string
cidrBlockState:
description: Information about the state of the CIDR block.
properties:
state:
description: The state of the CIDR block.
type: string
statusMessage:
description: A message about the status of the CIDR block,
if applicable.
type: string
type: object
ipv6CidrBlock:
description: The IPv6 CIDR block.
type: string
ipv6CidrrBlockState:
description: Information about the state of the CIDR block.
properties:
state:
description: The state of the CIDR block.
type: string
statusMessage:
description: A message about the status of the CIDR block,
if applicable.
type: string
type: object
ipv6Pool:
description: The ID of the IPv6 address pool from which the IPv6
CIDR block is allocated.
type: string
networkBorderGroup:
description: The name of the location from which we advertise
the IPV6 CIDR block.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: repositories.ecr.aws.crossplane.io
spec:
group: ecr.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Repository
listKind: RepositoryList
plural: repositories
singular: repository
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
- jsonPath: .status.atProvider.repositoryUri
name: URI
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: 'A Repository is a managed resource that represents an Elastic
Container Repository Deprecated: Please use v1beta1 version of this resource.'
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A RepositorySpec defines the desired state of a Elastic Container
Repository.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: RepositoryParameters define the desired state of an AWS
Elastic Container Repository
properties:
forceDelete:
description: If a repository contains images, forces the deletion.
type: boolean
imageScanningConfiguration:
description: The image scanning configuration for the repository.
This determines whether images are scanned for known vulnerabilities
after being pushed to the repository.
properties:
scanOnPush:
description: The setting that determines whether images are
scanned after being pushed to a repository. If set to true,
images will be scanned after being pushed. If this parameter
is not specified, it will default to false and images will
not be scanned unless a scan is manually started with the
StartImageScan API.
type: boolean
required:
- scanOnPush
type: object
imageTagMutability:
description: The tag mutability setting for the repository. If
this parameter is omitted, the default setting of MUTABLE will
be used which will allow image tags to be overwritten. If IMMUTABLE
is specified, all image tags within the repository will be immutable
which will prevent them from being overwritten.
enum:
- MUTABLE
- IMMUTABLE
type: string
region:
description: Region is the region you'd like your Repository to
be created in.
type: string
tags:
description: Metadata tagging key value pairs
items:
description: Tag defines a tag
properties:
key:
description: Key is the name of the tag.
type: string
value:
description: Value is the value of the tag.
type: string
required:
- key
- value
type: object
type: array
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A RepositoryStatus represents the observed state of a Elastic
Container Repository.
properties:
atProvider:
description: RepositoryObservation keeps the state for the external
resource
properties:
createdAt:
description: The date and time, in JavaScript date format, when
the repository was created.
format: date-time
type: string
registryId:
description: The AWS account ID associated with the registry that
contains the repository.
type: string
repositoryArn:
description: The Amazon Resource Name (ARN) that identifies the
repository. The ARN contains the arn:aws:ecr namespace, followed
by the region of the repository, AWS account ID of the repository
owner, repository namespace, and repository name. For example,
arn:aws:ecr:region:012345678910:repository/test.
type: string
repositoryName:
description: The name of the repository.
type: string
repositoryUri:
description: The URI for the repository. You can use this URI
for container image push and pull operations.
type: string
required:
- registryId
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
- jsonPath: .status.atProvider.repositoryUri
name: URI
type: string
name: v1beta1
schema:
openAPIV3Schema:
description: A Repository is a managed resource that represents an Elastic
Container Repository
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A RepositorySpec defines the desired state of a Elastic Container
Repository.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: RepositoryParameters define the desired state of an AWS
Elastic Container Repository
properties:
forceDelete:
description: If a repository contains images, forces the deletion.
type: boolean
imageScanningConfiguration:
description: The image scanning configuration for the repository.
This determines whether images are scanned for known vulnerabilities
after being pushed to the repository.
properties:
scanOnPush:
description: The setting that determines whether images are
scanned after being pushed to a repository. If set to true,
images will be scanned after being pushed. If this parameter
is not specified, it will default to false and images will
not be scanned unless a scan is manually started with the
StartImageScan API.
type: boolean
required:
- scanOnPush
type: object
imageTagMutability:
description: The tag mutability setting for the repository. If
this parameter is omitted, the default setting of MUTABLE will
be used which will allow image tags to be overwritten. If IMMUTABLE
is specified, all image tags within the repository will be immutable
which will prevent them from being overwritten.
enum:
- MUTABLE
- IMMUTABLE
type: string
region:
description: Region is the region you'd like your Repository to
be created in.
type: string
tags:
description: Metadata tagging key value pairs
items:
description: Tag defines a tag
properties:
key:
description: Key is the name of the tag.
type: string
value:
description: Value is the value of the tag.
type: string
required:
- key
- value
type: object
type: array
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A RepositoryStatus represents the observed state of a Elastic
Container Repository.
properties:
atProvider:
description: RepositoryObservation keeps the state for the external
resource
properties:
createdAt:
description: The date and time, in JavaScript date format, when
the repository was created.
format: date-time
type: string
registryId:
description: The AWS account ID associated with the registry that
contains the repository.
type: string
repositoryArn:
description: The Amazon Resource Name (ARN) that identifies the
repository. The ARN contains the arn:aws:ecr namespace, followed
by the region of the repository, AWS account ID of the repository
owner, repository namespace, and repository name. For example,
arn:aws:ecr:region:012345678910:repository/test.
type: string
repositoryName:
description: The name of the repository.
type: string
repositoryUri:
description: The URI for the repository. You can use this URI
for container image push and pull operations.
type: string
required:
- registryId
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: repositorypolicies.ecr.aws.crossplane.io
spec:
group: ecr.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: RepositoryPolicy
listKind: RepositoryPolicyList
plural: repositorypolicies
singular: repositorypolicy
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: 'A RepositoryPolicy is a managed resource that represents an
Elastic Container Repository Policy Deprecated: Please use v1beta1 version
of this resource.'
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A RepositoryPolicySpec defines the desired state of a Elastic
Container Repository.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: RepositoryPolicyParameters define the desired state of
an AWS Elastic Container Repository
properties:
force:
description: If the policy you are attempting to set on a repository
policy would prevent you from setting another policy in the
future, you must force the SetRepositoryPolicy operation. This
is intended to prevent accidental repository lock outs.
type: boolean
policy:
description: Policy is a well defined type which can be parsed
into an JSON Repository Policy either policy or rawPolicy must
be specified in the policy
properties:
id:
description: ID is the policy's optional identifier
type: string
statements:
description: Statements is the list of statement this policy
applies either jsonStatements or statements must be specified
in the policy
items:
description: RepositoryPolicyStatement defines an individual
statement within the RepositoryPolicyBody
properties:
action:
description: Each element of the PolicyAction array
describes the specific action or actions that will
be allowed or denied with this PolicyStatement.
items:
type: string
type: array
condition:
description: Condition specifies where conditions for
policy are in effect. https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticcontainerregistry.html#amazonelasticcontainerregistry-policy-keys
items:
description: Condition represents a set of condition
pairs for a Repository policy
properties:
conditions:
description: Conditions represents each of the
key/value pairs for the operator key
items:
description: ConditionPair represents one condition
inside of the set of conditions for a Repository
policy
properties:
booleanValue:
description: ConditionBooleanValue is the
expected boolean value of the key from
the parent condition
type: boolean
dateValue:
description: ConditionDateValue is the expected
string value of the key from the parent
condition. The date value must be in ISO
8601 format. The time is always midnight
UTC.
format: date-time
type: string
key:
description: ConditionKey is the key condition
being applied to the parent condition
type: string
listValue:
description: ConditionListValue is the list
value of the key from the parent condition
items:
type: string
type: array
numericValue:
description: ConditionNumericValue is the
expected string value of the key from
the parent condition
format: int64
type: integer
stringValue:
description: ConditionStringValue is the
expected string value of the key from
the parent condition
type: string
required:
- key
type: object
type: array
operatorKey:
description: OperatorKey matches the condition
key and value in the policy against values in
the request context
type: string
required:
- conditions
- operatorKey
type: object
type: array
effect:
description: The effect is required and specifies whether
the statement results in an allow or an explicit deny.
Valid values for Effect are Allow and Deny.
enum:
- Allow
- Deny
type: string
notAction:
description: Each element of the NotPolicyAction array
will allow the property to match all but the listed
actions.
items:
type: string
type: array
notPrincipal:
description: Used with the Repository policy to specify
the users which are not included in this policy
properties:
allowAnon:
description: 'This flag indicates if the policy
should be made available to all anonymous users.
Principal: "*"'
type: boolean
awsPrincipals:
description: This list contains the all of the AWS
IAM users which are affected by the policy statement.
items:
description: AWSPrincipal wraps the potential
values a policy principal can take. Only one
of the values should be set.
properties:
awsAccountId:
description: AWSAccountID identifies an AWS
account as the principal
type: string
iamRoleArn:
description: IAMRoleARN contains the ARN of
an IAM role
type: string
iamRoleArnRef:
description: IAMRoleARNRef contains the reference
to an IAMRole
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
iamRoleArnSelector:
description: IAMRoleARNSelector queries for
an IAM role to retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures
an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
iamUserArn:
description: UserARN contains the ARN of an
IAM user
type: string
iamUserArnRef:
description: UserARNRef contains the reference
to an User
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
iamUserArnSelector:
description: UserARNSelector queries for an
User to retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures
an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
type: object
type: array
raw:
description: Raw string input can be used for *
type: string
service:
description: Service define the services which can
have access to this bucket
items:
type: string
type: array
type: object
notResource:
description: This will explicitly match all resource
paths except the ones specified in this array
items:
type: string
type: array
principal:
description: Used with the Repository policy to specify
the principal that is allowed or denied access to
a resource.
properties:
allowAnon:
description: 'This flag indicates if the policy
should be made available to all anonymous users.
Principal: "*"'
type: boolean
awsPrincipals:
description: This list contains the all of the AWS
IAM users which are affected by the policy statement.
items:
description: AWSPrincipal wraps the potential
values a policy principal can take. Only one
of the values should be set.
properties:
awsAccountId:
description: AWSAccountID identifies an AWS
account as the principal
type: string
iamRoleArn:
description: IAMRoleARN contains the ARN of
an IAM role
type: string
iamRoleArnRef:
description: IAMRoleARNRef contains the reference
to an IAMRole
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
iamRoleArnSelector:
description: IAMRoleARNSelector queries for
an IAM role to retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures
an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
iamUserArn:
description: UserARN contains the ARN of an
IAM user
type: string
iamUserArnRef:
description: UserARNRef contains the reference
to an User
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
iamUserArnSelector:
description: UserARNSelector queries for an
User to retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures
an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
type: object
type: array
raw:
description: Raw string input can be used for *
type: string
service:
description: Service define the services which can
have access to this bucket
items:
type: string
type: array
type: object
resource:
description: The paths on which this resource will apply
items:
type: string
type: array
sid:
description: Optional identifier for this statement,
must be unique within the policy if provided.
type: string
required:
- effect
type: object
type: array
version:
default: "2012-10-17"
description: Version is the current IAM policy version
enum:
- "2012-10-17"
- "2008-10-17"
type: string
required:
- version
type: object
rawPolicy:
description: Policy stringified version of JSON repository policy
either policy or rawPolicy must be specified in the policy
type: string
region:
description: Region is the region you'd like your RepositoryPolicy
to be created in.
type: string
registryId:
description: The AWS account ID associated with the registry that
contains the repository. If you do not specify a registry, the
default registry is assumed.
type: string
repositoryName:
description: "The name of the repository to receive the policy.
\n One of RepositoryName, RepositoryNameRef, or RepositoryNameSelector
is required."
type: string
repositoryNameRef:
description: A referencer to retrieve the name of a repository
One of RepositoryName, RepositoryNameRef, or RepositoryNameSelector
is required.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
repositoryNameSelector:
description: A selector to select a referencer to retrieve the
name of a repository One of RepositoryName, RepositoryNameRef,
or RepositoryNameSelector is required.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A RepositoryPolicyStatus represents the observed state of
a repository policy
properties:
atProvider:
description: RepositoryPolicyObservation keeps the state for the external
resource
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
name: v1beta1
schema:
openAPIV3Schema:
description: A RepositoryPolicy is a managed resource that represents an Elastic
Container Repository Policy
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A RepositoryPolicySpec defines the desired state of a Elastic
Container Repository.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: RepositoryPolicyParameters define the desired state of
an AWS Elastic Container Repository
properties:
force:
description: If the policy you are attempting to set on a repository
policy would prevent you from setting another policy in the
future, you must force the SetRepositoryPolicy operation. This
is intended to prevent accidental repository lock outs.
type: boolean
policy:
description: Policy is a well defined type which can be parsed
into an JSON Repository Policy either policy or rawPolicy must
be specified in the policy
properties:
id:
description: ID is the policy's optional identifier
type: string
statements:
description: Statements is the list of statement this policy
applies either jsonStatements or statements must be specified
in the policy
items:
description: RepositoryPolicyStatement defines an individual
statement within the RepositoryPolicyBody
properties:
action:
description: Each element of the PolicyAction array
describes the specific action or actions that will
be allowed or denied with this PolicyStatement.
items:
type: string
type: array
condition:
description: Condition specifies where conditions for
policy are in effect. https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonelasticcontainerregistry.html#amazonelasticcontainerregistry-policy-keys
items:
description: Condition represents a set of condition
pairs for a Repository policy
properties:
conditions:
description: Conditions represents each of the
key/value pairs for the operator key
items:
description: ConditionPair represents one condition
inside of the set of conditions for a Repository
policy
properties:
booleanValue:
description: ConditionBooleanValue is the
expected boolean value of the key from
the parent condition
type: boolean
dateValue:
description: ConditionDateValue is the expected
string value of the key from the parent
condition. The date value must be in ISO
8601 format. The time is always midnight
UTC.
format: date-time
type: string
key:
description: ConditionKey is the key condition
being applied to the parent condition
type: string
listValue:
description: ConditionListValue is the list
value of the key from the parent condition
items:
type: string
type: array
numericValue:
description: ConditionNumericValue is the
expected string value of the key from
the parent condition
format: int64
type: integer
stringValue:
description: ConditionStringValue is the
expected string value of the key from
the parent condition
type: string
required:
- key
type: object
type: array
operatorKey:
description: OperatorKey matches the condition
key and value in the policy against values in
the request context
type: string
required:
- conditions
- operatorKey
type: object
type: array
effect:
description: The effect is required and specifies whether
the statement results in an allow or an explicit deny.
Valid values for Effect are Allow and Deny.
enum:
- Allow
- Deny
type: string
notAction:
description: Each element of the NotPolicyAction array
will allow the property to match all but the listed
actions.
items:
type: string
type: array
notPrincipal:
description: Used with the Repository policy to specify
the users which are not included in this policy
properties:
allowAnon:
description: 'This flag indicates if the policy
should be made available to all anonymous users.
Principal: "*"'
type: boolean
awsPrincipals:
description: This list contains the all of the AWS
IAM users which are affected by the policy statement.
items:
description: AWSPrincipal wraps the potential
values a policy principal can take. Only one
of the values should be set.
properties:
awsAccountId:
description: AWSAccountID identifies an AWS
account as the principal
type: string
iamRoleArn:
description: IAMRoleARN contains the ARN of
an IAM role
type: string
iamRoleArnRef:
description: IAMRoleARNRef contains the reference
to an IAMRole
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
iamRoleArnSelector:
description: IAMRoleARNSelector queries for
an IAM role to retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures
an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
iamUserArn:
description: UserARN contains the ARN of an
IAM user
type: string
iamUserArnRef:
description: UserARNRef contains the reference
to an User
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
iamUserArnSelector:
description: UserARNSelector queries for an
User to retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures
an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
type: object
type: array
raw:
description: Raw string input can be used for *
type: string
service:
description: Service define the services which can
have access to this bucket
items:
type: string
type: array
type: object
notResource:
description: This will explicitly match all resource
paths except the ones specified in this array
items:
type: string
type: array
principal:
description: Used with the Repository policy to specify
the principal that is allowed or denied access to
a resource.
properties:
allowAnon:
description: 'This flag indicates if the policy
should be made available to all anonymous users.
Principal: "*"'
type: boolean
awsPrincipals:
description: This list contains the all of the AWS
IAM users which are affected by the policy statement.
items:
description: AWSPrincipal wraps the potential
values a policy principal can take. Only one
of the values should be set.
properties:
awsAccountId:
description: AWSAccountID identifies an AWS
account as the principal
type: string
iamRoleArn:
description: IAMRoleARN contains the ARN of
an IAM role
type: string
iamRoleArnRef:
description: IAMRoleARNRef contains the reference
to an IAMRole
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
iamRoleArnSelector:
description: IAMRoleARNSelector queries for
an IAM role to retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures
an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
iamUserArn:
description: UserARN contains the ARN of an
IAM user
type: string
iamUserArnRef:
description: UserARNRef contains the reference
to an User
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
iamUserArnSelector:
description: UserARNSelector queries for an
User to retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures
an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
type: object
type: array
raw:
description: Raw string input can be used for *
type: string
service:
description: Service define the services which can
have access to this bucket
items:
type: string
type: array
type: object
resource:
description: The paths on which this resource will apply
items:
type: string
type: array
sid:
description: Optional identifier for this statement,
must be unique within the policy if provided.
type: string
required:
- effect
type: object
type: array
version:
default: "2012-10-17"
description: Version is the current IAM policy version
enum:
- "2012-10-17"
- "2008-10-17"
type: string
required:
- version
type: object
rawPolicy:
description: Policy stringified version of JSON repository policy
either policy or rawPolicy must be specified in the policy
type: string
region:
description: Region is the region you'd like your RepositoryPolicy
to be created in.
type: string
registryId:
description: The AWS account ID associated with the registry that
contains the repository. If you do not specify a registry, the
default registry is assumed.
type: string
repositoryName:
description: "The name of the repository to receive the policy.
\n One of RepositoryName, RepositoryNameRef, or RepositoryNameSelector
is required."
type: string
repositoryNameRef:
description: A referencer to retrieve the name of a repository
One of RepositoryName, RepositoryNameRef, or RepositoryNameSelector
is required.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
repositoryNameSelector:
description: A selector to select a referencer to retrieve the
name of a repository One of RepositoryName, RepositoryNameRef,
or RepositoryNameSelector is required.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A RepositoryPolicyStatus represents the observed state of
a repository policy
properties:
atProvider:
description: RepositoryPolicyObservation keeps the state for the external
resource
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: filesystems.efs.aws.crossplane.io
spec:
group: efs.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: FileSystem
listKind: FileSystemList
plural: filesystems
singular: filesystem
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: FileSystem is the Schema for the FileSystems API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: FileSystemSpec defines the desired state of FileSystem
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: FileSystemParameters defines the desired state of FileSystem
properties:
encrypted:
description: A Boolean value that, if true, creates an encrypted
file system. When creating an encrypted file system, you have
the option of specifying CreateFileSystemRequest$KmsKeyId for
an existing AWS Key Management Service (AWS KMS) customer master
key (CMK). If you don't specify a CMK, then the default CMK
for Amazon EFS, /aws/elasticfilesystem, is used to protect the
encrypted file system.
type: boolean
kmsKeyID:
description: "The ID of the AWS KMS CMK to be used to protect
the encrypted file system. This parameter is only required if
you want to use a nondefault CMK. If this parameter is not specified,
the default CMK for Amazon EFS is used. This ID can be in one
of the following formats: \n * Key ID - A unique identifier
of the key, for example 1234abcd-12ab-34cd-56ef-1234567890ab.
\n * ARN - An Amazon Resource Name (ARN) for the key, for
example arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab.
\n * Key alias - A previously created display name for a
key, for example alias/projectKey1. \n * Key alias ARN
- An ARN for a key alias, for example arn:aws:kms:us-west-2:444455556666:alias/projectKey1.
\n If KmsKeyId is specified, the CreateFileSystemRequest$Encrypted
parameter must be set to true. \n EFS accepts only symmetric
CMKs. You cannot use asymmetric CMKs with EFS file systems."
type: string
kmsKeyIdRef:
description: KMSKeyIDRef is a reference to an Key used to set
the KMSKeyID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
kmsKeyIdSelector:
description: KMSKeyIDSelector selects references to Key used to
set the KMSKeyID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
performanceMode:
description: The performance mode of the file system. We recommend
generalPurpose performance mode for most file systems. File
systems using the maxIO performance mode can scale to higher
levels of aggregate throughput and operations per second with
a tradeoff of slightly higher latencies for most file operations.
The performance mode can't be changed after the file system
has been created.
type: string
provisionedThroughputInMibps:
description: The throughput, measured in MiB/s, that you want
to provision for a file system that you're creating. Valid values
are 1-1024. Required if ThroughputMode is set to provisioned.
The upper limit for throughput is 1024 MiB/s. You can get this
limit increased by contacting AWS Support. For more information,
see Amazon EFS Limits That You Can Increase (https://docs.aws.amazon.com/efs/latest/ug/limits.html#soft-limits)
in the Amazon EFS User Guide.
format: int64
type: integer
region:
description: Region is which region the FileSystem will be created.
type: string
tags:
description: A value that specifies to create one or more tags
associated with the file system. Each tag is a user-defined
key-value pair. Name your file system on creation by including
a "Key":"Name","Value":"{value}" key-value pair.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
throughputMode:
description: 'The throughput mode for the file system to be created.
There are two throughput modes to choose from for your file
system: bursting and provisioned. If you set ThroughputMode
to provisioned, you must also set a value for ProvisionedThroughPutInMibps.
You can decrease your file system''s throughput in Provisioned
Throughput mode or change between the throughput modes as long
as it’s been more than 24 hours since the last decrease or throughput
mode change. For more, see Specifying Throughput with Provisioned
Mode (https://docs.aws.amazon.com/efs/latest/ug/performance.html#provisioned-throughput)
in the Amazon EFS User Guide.'
type: string
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: FileSystemStatus defines the observed state of FileSystem.
properties:
atProvider:
description: FileSystemObservation defines the observed state of FileSystem
properties:
creationTime:
description: The time that the file system was created, in seconds
(since 1970-01-01T00:00:00Z).
format: date-time
type: string
creationToken:
description: The opaque string specified in the request.
type: string
fileSystemARN:
description: 'The Amazon Resource Name (ARN) for the EFS file
system, in the format arn:aws:elasticfilesystem:region:account-id:file-system/file-system-id
. Example with sample data: arn:aws:elasticfilesystem:us-west-2:1111333322228888:file-system/fs-01234567'
type: string
fileSystemID:
description: The ID of the file system, assigned by Amazon EFS.
type: string
lifeCycleState:
description: The lifecycle phase of the file system.
type: string
name:
description: You can add tags to a file system, including a Name
tag. For more information, see CreateFileSystem. If the file
system has a Name tag, Amazon EFS returns the value in this
field.
type: string
numberOfMountTargets:
description: The current number of mount targets that the file
system has. For more information, see CreateMountTarget.
format: int64
type: integer
ownerID:
description: The AWS account that created the file system. If
the file system was created by an IAM user, the parent account
to which the user belongs is the owner.
type: string
sizeInBytes:
description: The latest known metered size (in bytes) of data
stored in the file system, in its Value field, and the time
at which that size was determined in its Timestamp field. The
Timestamp value is the integer number of seconds since 1970-01-01T00:00:00Z.
The SizeInBytes value doesn't represent the size of a consistent
snapshot of the file system, but it is eventually consistent
when there are no writes to the file system. That is, SizeInBytes
represents actual size only if the file system is not modified
for a period longer than a couple of hours. Otherwise, the value
is not the exact size that the file system was at any point
in time.
properties:
timestamp:
format: date-time
type: string
value:
format: int64
type: integer
valueInIA:
format: int64
type: integer
valueInStandard:
format: int64
type: integer
type: object
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: mounttargets.efs.aws.crossplane.io
spec:
group: efs.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: MountTarget
listKind: MountTargetList
plural: mounttargets
singular: mounttarget
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: MountTarget is the Schema for the MountTargets API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: MountTargetSpec defines the desired state of MountTarget
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: MountTargetParameters defines the desired state of MountTarget
properties:
fileSystemID:
description: The ID of the file system for which to create the
mount target.
type: string
fileSystemIDRef:
description: FileSystemIDRef are references to Filesystem used
to set the FileSystemID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
fileSystemIDSelector:
description: FileSystemIDSelector selects references to Filesystem
used to set the FileSystemID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
ipAddress:
description: Valid IPv4 address within the address range of the
specified subnet.
type: string
region:
description: Region is which region the MountTarget will be created.
type: string
securityGroups:
description: Up to five VPC security group IDs, of the form sg-xxxxxxxx.
These must be for the same VPC as subnet specified.
items:
type: string
type: array
securityGroupsRefs:
description: SecurityGroupIDRefs are references to SecurityGroups
used to set the SecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupsSelector:
description: SecurityGroupIDSelector selects references to SecurityGroups
used to set the SecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
subnetID:
description: The ID of the subnet to add the mount target in.
type: string
subnetIDRef:
description: SubnetIDRef are references to Subnet used to set
the SubnetID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
subnetIDSelector:
description: SubnetIDSelector selects references to Subnet used
to set the SubnetID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: MountTargetStatus defines the observed state of MountTarget.
properties:
atProvider:
description: MountTargetObservation defines the observed state of
MountTarget
properties:
availabilityZoneID:
description: The unique and consistent identifier of the Availability
Zone (AZ) that the mount target resides in. For example, use1-az1
is an AZ ID for the us-east-1 Region and it has the same location
in every AWS account.
type: string
availabilityZoneName:
description: The name of the Availability Zone (AZ) that the mount
target resides in. AZs are independently mapped to names for
each AWS account. For example, the Availability Zone us-east-1a
for your AWS account might not be the same location as us-east-1a
for another AWS account.
type: string
fileSystemID:
description: The ID of the file system for which the mount target
is intended.
type: string
lifeCycleState:
description: Lifecycle state of the mount target.
type: string
mountTargetID:
description: System-assigned mount target ID.
type: string
networkInterfaceID:
description: The ID of the network interface that Amazon EFS created
when it created the mount target.
type: string
ownerID:
description: AWS account ID that owns the resource.
type: string
subnetID:
description: The ID of the mount target's subnet.
type: string
vpcID:
description: The Virtual Private Cloud (VPC) ID that the mount
target is configured in.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: addons.eks.aws.crossplane.io
spec:
group: eks.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Addon
listKind: AddonList
plural: addons
singular: addon
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Addon is the Schema for the Addons API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: AddonSpec defines the desired state of Addon
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: AddonParameters defines the desired state of Addon
properties:
addonName:
description: The name of the add-on. The name must match one of
the names returned by ListAddons (https://docs.aws.amazon.com/eks/latest/APIReference/API_ListAddons.html).
type: string
addonVersion:
description: The version of the add-on. The version must match
one of the versions returned by DescribeAddonVersions (https://docs.aws.amazon.com/eks/latest/APIReference/API_DescribeAddonVersions.html).
type: string
clusterName:
description: The name of the cluster to create the add-on for.
type: string
clusterNameRef:
description: ClusterNameRef is a reference to a Cluster used to
set the ClusterName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
clusterNameSelector:
description: ClusterNameSelector selects references to a Cluster
used to set the ClusterName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
region:
description: Region is which region the Addon will be created.
type: string
resolveConflicts:
description: How to resolve parameter value conflicts when migrating
an existing add-on to an Amazon EKS add-on.
type: string
serviceAccountRoleARN:
description: "The Amazon Resource Name (ARN) of an existing IAM
role to bind to the add-on's service account. The role must
be assigned the IAM permissions required by the add-on. If you
don't specify an existing IAM role, then the add-on uses the
permissions assigned to the node IAM role. For more information,
see Amazon EKS node IAM role (https://docs.aws.amazon.com/eks/latest/userguide/create-node-role.html)
in the Amazon EKS User Guide. \n To specify an existing IAM
role, you must have an IAM OpenID Connect (OIDC) provider created
for your cluster. For more information, see Enabling IAM roles
for service accounts on your cluster (https://docs.aws.amazon.com/eks/latest/userguide/enable-iam-roles-for-service-accounts.html)
in the Amazon EKS User Guide."
type: string
tags:
additionalProperties:
type: string
description: The metadata to apply to the cluster to assist with
categorization and organization. Each tag consists of a key
and an optional value, both of which you define.
type: object
required:
- addonName
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: AddonStatus defines the observed state of Addon.
properties:
atProvider:
description: AddonObservation defines the observed state of Addon
properties:
addonARN:
description: The Amazon Resource Name (ARN) of the add-on.
type: string
clusterName:
description: The name of the cluster.
type: string
createdAt:
description: The date and time that the add-on was created.
format: date-time
type: string
health:
description: An object that represents the health of the add-on.
properties:
issues:
items:
properties:
code:
type: string
message:
type: string
resourceIDs:
items:
type: string
type: array
type: object
type: array
type: object
modifiedAt:
description: The date and time that the add-on was last modified.
format: date-time
type: string
status:
description: The status of the add-on.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: identityproviderconfigs.eks.aws.crossplane.io
spec:
group: eks.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: IdentityProviderConfig
listKind: IdentityProviderConfigList
plural: identityproviderconfigs
singular: identityproviderconfig
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .spec.forProvider.clusterName
name: CLUSTER
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: An IdentityProviderConfig is a managed resource that represents
an AWS Elastic Kubernetes Service IdentityProviderConfig.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A IdentityProviderConfigSpec defines the desired state of
an EKS identity provider.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: IdentityProviderConfigParameters define the desired state
of an AWS Elastic Kubernetes Service Identity Provider.
properties:
clusterName:
description: The name of the cluster to associate the identity
provider with.
type: string
clusterNameRef:
description: ClusterNameRef is a reference to a Cluster used to
set the ClusterName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
clusterNameSelector:
description: ClusterNameSelector selects references to a Cluster
used to set the ClusterName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
oidc:
description: An object that represents an OpenID Connect (OIDC)
identity provider configuration.
properties:
clientId:
description: This is also known as audience. The ID for the
client application that makes authentication requests to
the OpenID identity provider.
type: string
groupsClaim:
description: The JWT claim that the provider uses to return
your groups.
type: string
groupsPrefix:
description: 'The prefix that is prepended to group claims
to prevent clashes with existing names (such as system:
groups). For example, the value oidc: will create group
names like oidc:engineering and oidc:infra.'
type: string
issuerUrl:
description: The URL of the OpenID identity provider that
allows the API server to discover public signing keys for
verifying tokens. The URL must begin with https:// and should
correspond to the iss claim in the provider's OIDC ID tokens.
Per the OIDC standard, path components are allowed but query
parameters are not. Typically the URL consists of only a
hostname, like https://server.example.org or https://example.com.
This URL should point to the level below .well-known/openid-configuration
and must be publicly accessible over the internet.
type: string
requiredClaims:
additionalProperties:
type: string
description: The key value pairs that describe required claims
in the identity token. If set, each claim is verified to
be present in the token with a matching value. For the maximum
number of claims that you can require, see Amazon EKS service
quotas (https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html)
in the Amazon EKS User Guide.
type: object
usernameClaim:
description: The JSON Web Token (JWT) claim to use as the
username. The default is sub, which is expected to be a
unique identifier of the end user. You can choose other
claims, such as email or name, depending on the OpenID identity
provider. Claims other than email are prefixed with the
issuer URL to prevent naming clashes with other plug-ins.
type: string
usernamePrefix:
description: The prefix that is prepended to username claims
to prevent clashes with existing names. If you do not provide
this field, and username is a value other than email, the
prefix defaults to issuerurl#. You can use the value - to
disable all prefixing.
type: string
required:
- clientId
- issuerUrl
type: object
region:
description: Region is the region you'd like the identity provider
to be created in.
type: string
tags:
additionalProperties:
type: string
description: The metadata to apply to the configuration to assist
with categorization and organization. Each tag consists of a
key and an optional value, both of which you define.
type: object
required:
- oidc
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An IdentityProviderConfigStatus represents the observed state
of an EKS associated identity provider.
properties:
atProvider:
description: IdentityProviderConfigObservation is the observed state
of an identity provider.
properties:
identityProviderConfigArn:
type: string
status:
description: The current status of the managed identity provider
config.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: nodegroups.eks.aws.crossplane.io
spec:
group: eks.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: NodeGroup
listKind: NodeGroupList
plural: nodegroups
singular: nodegroup
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .spec.forProvider.clusterName
name: CLUSTER
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: A NodeGroup is a managed resource that represents an AWS Elastic
Kubernetes Service NodeGroup.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A NodeGroupSpec defines the desired state of an EKS NodeGroup.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: NodeGroupParameters define the desired state of an AWS
Elastic Kubernetes Service NodeGroup.
properties:
amiType:
description: The AMI type for your node group. GPU instance can
use AL2_x86_64_GPU AMI type, which uses the Amazon EKS-optimized
Linux AMI with GPU support. Non-GPU instances can use AL2_x86_64
(default) AMI type, which uses the Amazon EKS-optimized Linux
AMI or, BOTTLEROCKET_ARM_64 AMI type, which uses the Amazon
Bottlerocket AMI for ARM instances, or BOTTLEROCKET_x86_64 AMI
type, which uses the Amazon Bottlerocket AMI fir x86_64 instances.
type: string
capacityType:
description: CapacityType for your node group.
enum:
- ON_DEMAND
- SPOT
type: string
clusterName:
description: "The name of the cluster to create the node group
in. \n ClusterName is a required field"
type: string
clusterNameRef:
description: ClusterNameRef is a reference to a Cluster used to
set the ClusterName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
clusterNameSelector:
description: ClusterNameSelector selects references to a Cluster
used to set the ClusterName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
diskSize:
description: The root device disk size (in GiB) for your node
group instances. The default disk size is 20 GiB.
format: int32
type: integer
instanceTypes:
description: The instance type to use for your node group. Currently,
you can specify a single instance type for a node group. The
default value for this parameter is t3.medium. If you choose
a GPU instance type, be sure to specify the AL2_x86_64_GPU with
the amiType parameter.
items:
type: string
type: array
labels:
additionalProperties:
type: string
description: The Kubernetes labels to be applied to the nodes
in the node group when they are created.
type: object
launchTemplate:
description: An object representing a node group's launch template
specification. If specified, then do not specify instanceTypes,
diskSize, or remoteAccess and make sure that the launch template
meets the requirements in launchTemplateSpecification.
properties:
id:
description: The ID of the launch template.
type: string
name:
description: The name of the launch template.
type: string
nameRef:
description: NameRef is a reference to a LaunchTemplate used
to set the Name.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
nameSelector:
description: NameSelector selects references to a LaunchTemplate
used to set the Name.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
version:
description: The version of the launch template to use. If
no version is specified, then the template's default version
is used.
type: string
versionRef:
description: VersionRef is a reference to a LaunchTemplateVersion
used to set the Version.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
versionSelector:
description: VersionSelector selects references to a LaunchTemplateVersion
used to set the Version.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
type: object
nodeRole:
description: "The Amazon Resource Name (ARN) of the IAM role to
associate with your node group. The Amazon EKS worker node kubelet
daemon makes calls to AWS APIs on your behalf. Worker nodes
receive permissions for these API calls through an IAM instance
profile and associated policies. Before you can launch worker
nodes and register them into a cluster, you must create an IAM
role for those worker nodes to use when they are launched. For
more information, see Amazon EKS Worker Node IAM Role (https://docs.aws.amazon.com/eks/latest/userguide/worker_node_IAM_role.html)
in the Amazon EKS User Guide . \n NodeRole is a required field"
type: string
nodeRoleRef:
description: NodeRoleRef is a reference to a Cluster used to set
the NodeRole.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
nodeRoleSelector:
description: NodeRoleSelector selects references to a Cluster
used to set the NodeRole.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
region:
description: Region is the region you'd like the NodeGroup to
be created in.
type: string
releaseVersion:
description: The AMI version of the Amazon EKS-optimized AMI to
use with your node group. By default, the latest available AMI
version for the node group's current Kubernetes version is used.
For more information, see Amazon EKS-Optimized Linux AMI Versions
(https://docs.aws.amazon.com/eks/latest/userguide/eks-linux-ami-versions.html)
in the Amazon EKS User Guide.
type: string
remoteAccess:
description: The remote access (SSH) configuration to use with
your node group.
properties:
ec2SSHKey:
description: The Amazon EC2 SSH key that provides access for
SSH communication with the worker nodes in the managed node
group. For more information, see Amazon EC2 Key Pairs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html)
in the Amazon Elastic Compute Cloud User Guide for Linux
Instances.
type: string
sourceSecurityGroupRefs:
description: SourceSecurityGroupRefs are references to SecurityGroups
used to set the SourceSecurityGroups.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
sourceSecurityGroupSelector:
description: SourceSecurityGroupSelector selects references
to SecurityGroups used to set the SourceSecurityGroups.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
sourceSecurityGroups:
description: The security groups that are allowed SSH access
(port 22) to the worker nodes. If you specify an Amazon
EC2 SSH key but do not specify a source security group when
you create a managed node group, then port 22 on the worker
nodes is opened to the internet (0.0.0.0/0). For more information,
see Security Groups for Your VPC (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html)
in the Amazon Virtual Private Cloud User Guide.
items:
type: string
type: array
type: object
scalingConfig:
description: The scaling configuration details for the Auto Scaling
group that is created for your node group.
properties:
desiredSize:
description: The current number of worker nodes that the managed
node group should maintain. This value should be left unset
if another controller, such as cluster-autoscaler, is expected
to manage the desired size of the node group. If not set,
the initial desired size will be the configured minimum
size of the node group.
format: int32
type: integer
maxSize:
description: The maximum number of worker nodes that the managed
node group can scale out to. Managed node groups can support
up to 100 nodes by default.
format: int32
type: integer
minSize:
description: The minimum number of worker nodes that the managed
node group can scale in to. This number must be greater
than zero.
format: int32
type: integer
type: object
subnetRefs:
description: SubnetRefs are references to Subnets used to set
the Subnets.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetSelector:
description: SubnetSelector selects references to Subnets used
to set the Subnets.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
subnets:
description: "The subnets to use for the Auto Scaling group that
is created for your node group. These subnets must have the
tag key kubernetes.io/cluster/CLUSTER_NAME with a value of shared,
where CLUSTER_NAME is replaced with the name of your cluster.
\n Subnets is a required field"
items:
type: string
type: array
tags:
additionalProperties:
type: string
description: The metadata to apply to the node group to assist
with categorization and organization. Each tag consists of a
key and an optional value, both of which you define. Node group
tags do not propagate to any other resources associated with
the node group, such as the Amazon EC2 instances or subnets.
type: object
taints:
description: The Kubernetes taints to be applied to the nodes
in the node group.
items:
description: Taint is a property that allows a node to repel
a set of pods.
properties:
effect:
description: The effect of the taint.
enum:
- NO_SCHEDULE
- NO_EXECUTE
- PREFER_NO_SCHEDULE
type: string
key:
description: The key of the taint.
type: string
value:
description: The value of the taint.
type: string
required:
- effect
type: object
type: array
version:
description: The Kubernetes version to use for your managed nodes.
By default, the Kubernetes version of the cluster is used, and
this is the only accepted specified value.
type: string
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A NodeGroupStatus represents the observed state of an EKS
NodeGroup.
properties:
atProvider:
description: NodeGroupObservation is the observed state of a NodeGroup.
properties:
createdAt:
description: The Unix epoch timestamp in seconds for when the
managed node group was created.
format: date-time
type: string
modifiedAt:
description: The Unix epoch timestamp in seconds for when the
managed node group was last modified.
format: date-time
type: string
nodeGroupArn:
description: The Amazon Resource Name (ARN) associated with the
managed node group.
type: string
nodeGroupHealth:
description: The health status of the node group. If there are
issues with your node group's health, they are listed here.
properties:
issues:
description: Any issues that are associated with the node
group.
items:
description: Issue is an issue with a NodeGroup.
properties:
code:
description: "A brief description of the error. \n *
AutoScalingGroupNotFound: We couldn't find the Auto
Scaling group associated with the managed node
group. You may be able to recreate an Auto Scaling
\ group with the same settings to recover. \n *
Ec2SecurityGroupNotFound: We couldn't find the cluster
security group for the cluster. You must recreate
your cluster. \n * Ec2SecurityGroupDeletionFailure:
We could not delete the remote access security
group for your managed node group. Remove any dependencies
from the security group. \n * Ec2LaunchTemplateNotFound:
We couldn't find the Amazon EC2 launch template for
your managed node group. You may be able to recreate
a launch template with the same settings to recover.
\n * Ec2LaunchTemplateVersionMismatch: The Amazon
EC2 launch template version for your managed node
group does not match the version that Amazon EKS created.
You may be able to revert to the version that Amazon
EKS created to recover. \n * IamInstanceProfileNotFound:
We couldn't find the IAM instance profile for your
managed node group. You may be able to recreate an
instance profile with the same settings to recover.
\n * IamNodeRoleNotFound: We couldn't find the
IAM role for your managed node group. You may be
able to recreate an IAM role with the same settings
\ to recover. \n * AsgInstanceLaunchFailures:
Your Auto Scaling group is experiencing failures while
attempting to launch instances. \n * NodeCreationFailure:
Your launched instances are unable to register with
your Amazon EKS cluster. Common causes of this failure
are insufficient worker node IAM role (https://docs.aws.amazon.com/eks/latest/userguide/worker_node_IAM_role.html)
\ permissions or lack of outbound internet access
for the nodes. \n * InstanceLimitExceeded: Your
AWS account is unable to launch any more instances
of the specified instance type. You may be able to
request an Amazon EC2 instance limit increase to
recover. \n * InsufficientFreeAddresses: One or
more of the subnets associated with your managed
node group does not have enough available IP addresses
for new nodes. \n * AccessDenied: Amazon EKS
or one or more of your managed nodes is unable to
communicate with your cluster API server. \n *
InternalFailure: These errors are usually caused by
an Amazon EKS server-side issue."
type: string
message:
description: The error message associated with the issue.
type: string
resourceIds:
description: The AWS resources that are afflicted by
this issue.
items:
type: string
type: array
type: object
type: array
type: object
resources:
description: The resources associated with the node group, such
as Auto Scaling groups and security groups for remote access.
properties:
autoScalingGroup:
description: The Auto Scaling groups associated with the node
group.
items:
description: AutoScalingGroup is an autoscaling group associated
with a NodeGroup.
properties:
name:
description: The name of the Auto Scaling group associated
with an Amazon EKS managed node group.
type: string
type: object
type: array
remoteAccessSecurityGroup:
description: The remote access security group associated with
the node group. This security group controls SSH access
to the worker nodes.
type: string
type: object
scalingConfig:
description: The scaling configuration details for the Auto Scaling
group that is created for your node group.
properties:
desiredSize:
description: The current number of worker nodes for the managed
node group.
format: int32
type: integer
type: object
status:
description: The current status of the managed node group.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clusters.eks.aws.crossplane.io
spec:
group: eks.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Cluster
listKind: ClusterList
plural: clusters
singular: cluster
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: A Cluster is a managed resource that represents an AWS Elastic
Kubernetes Service cluster.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A ClusterSpec defines the desired state of an EKS Cluster.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ClusterParameters define the desired state of an AWS
Elastic Kubernetes Service cluster.
properties:
encryptionConfig:
description: The encryption configuration for the cluster.
items:
description: EncryptionConfig is the encryption configuration
for a cluster.
properties:
provider:
description: AWS Key Management Service (AWS KMS) customer
master key (CMK). Either the ARN or the alias can be used.
properties:
keyArn:
description: Amazon Resource Name (ARN) or alias of
the customer master key (CMK). The CMK must be symmetric,
created in the same region as the cluster, and if
the CMK was created in a different account, the user
must have access to the CMK. For more information,
see Allowing Users in Other Accounts to Use a CMK
(https://docs.aws.amazon.com/kms/latest/developerguide/key-policy-modifying-external-accounts.html)
in the AWS Key Management Service Developer Guide.
type: string
required:
- keyArn
type: object
resources:
description: Specifies the resources to be encrypted. The
only supported value is "secrets".
items:
type: string
type: array
required:
- provider
- resources
type: object
type: array
logging:
description: "Enable or disable exporting the Kubernetes control
plane logs for your cluster to CloudWatch Logs. By default,
cluster control plane logs aren't exported to CloudWatch Logs.
For more information, see Amazon EKS Cluster Control Plane Logs
(https://docs.aws.amazon.com/eks/latest/userguide/control-plane-logs.html)
in the Amazon EKS User Guide . \n CloudWatch Logs ingestion,
archive storage, and data scanning rates apply to exported control
plane logs. For more information, see Amazon CloudWatch Pricing
(http://aws.amazon.com/cloudwatch/pricing/)."
properties:
clusterLogging:
description: The cluster control plane logging configuration
for your cluster.
items:
description: LogSetup specifies the logging types that are
enabled.
properties:
enabled:
description: If a log type is enabled, that log type
exports its control plane logs to CloudWatch Logs.
If a log type isn't enabled, that log type doesn't
export its control plane logs. Each individual log
type can be enabled or disabled independently.
type: boolean
types:
description: The available cluster control plane log
types.
items:
description: LogType is a type of logging.
type: string
type: array
type: object
type: array
required:
- clusterLogging
type: object
region:
description: Region is the region you'd like your Cluster to be
created in.
type: string
resourcesVpcConfig:
description: "The VPC configuration used by the cluster control
plane. Amazon EKS VPC resources have specific requirements to
work properly with Kubernetes. For more information, see Cluster
VPC Considerations (https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html)
and Cluster Security Group Considerations (https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html)
in the Amazon EKS User Guide. You must specify at least two
subnets. You can specify up to five security groups, but we
recommend that you use a dedicated security group for your cluster
control plane. \n ResourcesVpcConfig is a required field"
properties:
endpointPrivateAccess:
description: Set this value to true to enable private access
for your cluster's Kubernetes API server endpoint. If you
enable private access, Kubernetes API requests from within
your cluster's VPC use the private VPC endpoint. The default
value for this parameter is false, which disables private
access for your Kubernetes API server. For more information,
see Amazon EKS Cluster Endpoint Access Control (https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html)
in the Amazon EKS User Guide.
type: boolean
endpointPublicAccess:
description: Set this value to false to disable public access
for your cluster's Kubernetes API server endpoint. If you
disable public access, your cluster's Kubernetes API server
can receive only requests from within the cluster VPC. The
default value for this parameter is true, which enables
public access for your Kubernetes API server. For more information,
see Amazon EKS Cluster Endpoint Access Control (https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html)
in the Amazon EKS User Guide.
type: boolean
publicAccessCidrs:
description: The CIDR blocks that are allowed access to your
cluster's public Kubernetes API server endpoint. Communication
to the endpoint from addresses outside of the CIDR blocks
that you specify is denied. The default value is 0.0.0.0/0.
If you've disabled private endpoint access and you have
worker nodes or AWS Fargate pods in the cluster, then ensure
that you specify the necessary CIDR blocks. For more information,
see Amazon EKS Cluster Endpoint Access Control (https://docs.aws.amazon.com/eks/latest/userguide/cluster-endpoint.html)
in the Amazon EKS User Guide.
items:
type: string
type: array
securityGroupIdRefs:
description: SecurityGroupIDRefs are references to SecurityGroups
used to set the SecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupIdSelector:
description: SecurityGroupIDSelector selects references to
SecurityGroups used to set the SecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
securityGroupIds:
description: Specify one or more security groups for the cross-account
elastic network interfaces that Amazon EKS creates to use
to allow communication between your worker nodes and the
Kubernetes control plane. If you don't specify a security
group, the default security group for your VPC is used.
items:
type: string
type: array
subnetIdRefs:
description: SubnetIDRefs are references to Subnets used to
set the SubnetIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetIdSelector:
description: SubnetIDSelector selects references to Subnets
used to set the SubnetIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
subnetIds:
description: Specify subnets for your Amazon EKS worker nodes.
Amazon EKS creates cross-account elastic network interfaces
in these subnets to allow communication between your worker
nodes and the Kubernetes control plane.
items:
type: string
type: array
type: object
roleArn:
description: "The Amazon Resource Name (ARN) of the IAM role that
provides permissions for Amazon EKS to make calls to other AWS
API operations on your behalf. For more information, see Amazon
EKS Service IAM Role (https://docs.aws.amazon.com/eks/latest/userguide/service_IAM_role.html)
in the Amazon EKS User Guide . \n RoleArn is a required field"
type: string
roleArnRef:
description: RoleArnRef is a reference to an IAMRole used to set
the RoleArn.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
roleArnSelector:
description: RoleArnSelector selects references to IAMRole used
to set the RoleArn.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
tags:
additionalProperties:
type: string
description: The metadata to apply to the cluster to assist with
categorization and organization. Each tag consists of a key
and an optional value, both of which you define.
type: object
version:
description: 'The desired Kubernetes version for your cluster.
If you don''t specify a value here, the latest version available
in Amazon EKS is used. Example: 1.15'
type: string
required:
- resourcesVpcConfig
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A ClusterStatus represents the observed state of an EKS Cluster.
properties:
atProvider:
description: ClusterObservation is the observed state of a cluster.
properties:
arn:
description: The Amazon Resource Name (ARN) of the cluster.
type: string
createdAt:
description: The Unix epoch timestamp in seconds for when the
cluster was created.
format: date-time
type: string
endpoint:
description: The endpoint for your Kubernetes API server.
type: string
identity:
description: The identity provider information for the cluster.
properties:
oidc:
description: The OpenID Connect (https://openid.net/connect/)
identity provider information for the cluster.
properties:
issuer:
description: The issuer URL for the OpenID Connect identity
provider.
type: string
type: object
type: object
platformVersion:
description: The platform version of your Amazon EKS cluster.
For more information, see Platform Versions (https://docs.aws.amazon.com/eks/latest/userguide/platform-versions.html)
in the Amazon EKS User Guide .
type: string
resourcesVpcConfig:
description: The VPC configuration used by the cluster control
plane. Amazon EKS VPC resources have specific requirements to
work properly with Kubernetes. For more information, see Cluster
VPC Considerations (https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html)
and Cluster Security Group Considerations (https://docs.aws.amazon.com/eks/latest/userguide/sec-group-reqs.html)
in the Amazon EKS User Guide.
properties:
clusterSecurityGroupId:
description: The cluster security group that was created by
Amazon EKS for the cluster. Managed node groups use this
security group for control-plane-to-data-plane communication.
type: string
vpcId:
description: The VPC associated with your cluster.
type: string
type: object
status:
description: The current status of the cluster.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: fargateprofiles.eks.aws.crossplane.io
spec:
group: eks.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: FargateProfile
listKind: FargateProfileList
plural: fargateprofiles
singular: fargateprofile
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .spec.forProvider.clusterName
name: CLUSTER
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: 'A FargateProfile is a managed resource that represents an AWS
Elastic Kubernetes Service FargateProfile. Deprecated: Please use v1beta1
version of this resource.'
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A FargateProfileSpec defines the desired state of an EKS
FargateProfile.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: FargateProfileParameters define the desired state of
an AWS Elastic Kubernetes Service FargateProfile. All fields are
immutable as it is not possible to update a Fargate profile.
properties:
clusterName:
description: "The name of the Amazon EKS cluster to apply the
Fargate profile to. \n ClusterName is a required field"
type: string
clusterNameRef:
description: ClusterNameRef is a reference to a Cluster used to
set the ClusterName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
clusterNameSelector:
description: ClusterNameSelector selects references to a Cluster
used to set the ClusterName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
podExecutionRoleArn:
description: "The Amazon Resource Name (ARN) of the pod execution
role to use for pods that match the selectors in the Fargate
profile. The pod execution role allows Fargate infrastructure
to register with your cluster as a node, and it provides read
access to Amazon ECR image repositories. For more information,
see Pod Execution Role (https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html)
in the Amazon EKS User Guide. \n At least one of podExecutionRoleArn,
podExecutionRoleArnRef or podExecutionRoleArnSelector has to
be given"
type: string
podExecutionRoleArnRef:
description: PodExecutionRoleArnRef is a reference to an IAMRole
used to set the PodExecutionRoleArn. At least one of podExecutionRoleArn,
podExecutionRoleArnRef or podExecutionRoleArnSelector has to
be given
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
podExecutionRoleArnSelector:
description: PodExecutionRoleArnSelector selects references to
IAMRole used to set the PodExecutionRoleArn. At least one of
podExecutionRoleArn, podExecutionRoleArnRef or podExecutionRoleArnSelector
has to be given
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
region:
description: Region is the region you'd like the FargateProfile
to be created in.
type: string
selectors:
description: The selectors to match for pods to use this Fargate
profile. Each selector must have an associated namespace. Optionally,
you can also specify labels for a namespace. You may specify
up to five selectors in a Fargate profile.
items:
description: FargateProfileSelector is an object representing
an AWS Fargate profile selector.
properties:
labels:
additionalProperties:
type: string
description: The Kubernetes labels that the selector should
match. A pod must contain all of the labels that are specified
in the selector for it to be considered a match.
type: object
namespace:
description: The Kubernetes namespace that the selector
should match.
type: string
type: object
type: array
subnetRefs:
description: SubnetRefs are references to Subnets used to set
the Subnets.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetSelector:
description: SubnetSelector selects references to Subnets used
to set the Subnets.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
subnets:
description: The IDs of subnets to launch your pods into. At this
time, pods running on Fargate are not assigned public IP addresses,
so only private subnets (with no direct route to an Internet
Gateway) are accepted for this parameter.
items:
type: string
type: array
tags:
additionalProperties:
type: string
description: The metadata to apply to the Fargate profile to assist
with categorization and organization. Each tag consists of a
key and an optional value, both of which you define. Fargate
profile tags do not propagate to any other resources associated
with the Fargate profile, such as the pods that are scheduled
with it.
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A FargateProfileStatus represents the observed state of an
EKS FargateProfile.
properties:
atProvider:
description: FargateProfileObservation is the observed state of a
FargateProfile.
properties:
createdAt:
description: The Unix epoch timestamp in seconds for when the
Fargate profile was created.
format: date-time
type: string
fargateProfileArn:
description: The full Amazon Resource Name (ARN) of the Fargate
profile.
type: string
status:
description: The current status of the Fargate profile.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: false
subresources:
status: {}
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .spec.forProvider.clusterName
name: CLUSTER
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: A FargateProfile is a managed resource that represents an AWS
Elastic Kubernetes Service FargateProfile.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: A FargateProfileSpec defines the desired state of an EKS
FargateProfile.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: FargateProfileParameters define the desired state of
an AWS Elastic Kubernetes Service FargateProfile. All fields are
immutable as it is not possible to update a Fargate profile.
properties:
clusterName:
description: "The name of the Amazon EKS cluster to apply the
Fargate profile to. \n ClusterName is a required field"
type: string
clusterNameRef:
description: ClusterNameRef is a reference to a Cluster used to
set the ClusterName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
clusterNameSelector:
description: ClusterNameSelector selects references to a Cluster
used to set the ClusterName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
podExecutionRoleArn:
description: "The Amazon Resource Name (ARN) of the pod execution
role to use for pods that match the selectors in the Fargate
profile. The pod execution role allows Fargate infrastructure
to register with your cluster as a node, and it provides read
access to Amazon ECR image repositories. For more information,
see Pod Execution Role (https://docs.aws.amazon.com/eks/latest/userguide/pod-execution-role.html)
in the Amazon EKS User Guide. \n At least one of podExecutionRoleArn,
podExecutionRoleArnRef or podExecutionRoleArnSelector has to
be given"
type: string
podExecutionRoleArnRef:
description: PodExecutionRoleArnRef is a reference to an IAMRole
used to set the PodExecutionRoleArn. At least one of podExecutionRoleArn,
podExecutionRoleArnRef or podExecutionRoleArnSelector has to
be given
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
podExecutionRoleArnSelector:
description: PodExecutionRoleArnSelector selects references to
IAMRole used to set the PodExecutionRoleArn. At least one of
podExecutionRoleArn, podExecutionRoleArnRef or podExecutionRoleArnSelector
has to be given
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
region:
description: Region is the region you'd like the FargateProfile
to be created in.
type: string
selectors:
description: The selectors to match for pods to use this Fargate
profile. Each selector must have an associated namespace. Optionally,
you can also specify labels for a namespace. You may specify
up to five selectors in a Fargate profile.
items:
description: FargateProfileSelector is an object representing
an AWS Fargate profile selector.
properties:
labels:
additionalProperties:
type: string
description: The Kubernetes labels that the selector should
match. A pod must contain all of the labels that are specified
in the selector for it to be considered a match.
type: object
namespace:
description: The Kubernetes namespace that the selector
should match.
type: string
type: object
type: array
subnetRefs:
description: SubnetRefs are references to Subnets used to set
the Subnets.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetSelector:
description: SubnetSelector selects references to Subnets used
to set the Subnets.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
subnets:
description: The IDs of subnets to launch your pods into. At this
time, pods running on Fargate are not assigned public IP addresses,
so only private subnets (with no direct route to an Internet
Gateway) are accepted for this parameter.
items:
type: string
type: array
tags:
additionalProperties:
type: string
description: The metadata to apply to the Fargate profile to assist
with categorization and organization. Each tag consists of a
key and an optional value, both of which you define. Fargate
profile tags do not propagate to any other resources associated
with the Fargate profile, such as the pods that are scheduled
with it.
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: A FargateProfileStatus represents the observed state of an
EKS FargateProfile.
properties:
atProvider:
description: FargateProfileObservation is the observed state of a
FargateProfile.
properties:
createdAt:
description: The Unix epoch timestamp in seconds for when the
Fargate profile was created.
format: date-time
type: string
fargateProfileArn:
description: The full Amazon Resource Name (ARN) of the Fargate
profile.
type: string
status:
description: The current status of the Fargate profile.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: elbs.elasticloadbalancing.aws.crossplane.io
spec:
group: elasticloadbalancing.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: ELB
listKind: ELBList
plural: elbs
singular: elb
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ELBNAME
type: string
- jsonPath: .status.atProvider.dnsName
name: DNSNAME
type: string
- jsonPath: .status.atProvider.vpcId
name: VPCID
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: An ELB is a managed resource that represents an AWS Classic Load
Balancer.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An ELBSpec defines the desired state of an ELB.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ELBParameters define the desired state of an AWS ELB.
properties:
availabilityZones:
description: One or more Availability Zones from the same region
as the load balancer.
items:
type: string
type: array
healthCheck:
description: Information about the health checks conducted on
the load balancer.
properties:
healthyThreshold:
description: The number of consecutive health checks successes
required before moving the instance to the Healthy state.
format: int32
type: integer
interval:
description: The approximate interval, in seconds, between
health checks of an individual instance.
format: int32
type: integer
target:
description: The instance being checked.
type: string
timeout:
description: The amount of time, in seconds, during which
no response means a failed health check.
format: int32
type: integer
unhealthyThreshold:
description: The number of consecutive health check failures
required before moving the instance to the Unhealthy state.
format: int32
type: integer
required:
- healthyThreshold
- interval
- target
- timeout
- unhealthyThreshold
type: object
listeners:
description: The listeners for this ELB.
items:
description: Listener represents the port binding(s) between
the ELB and EC2 instances.
properties:
instancePort:
description: The port on which the instance is listening.
format: int32
type: integer
instanceProtocol:
description: 'The protocol to use for routing traffic to
instances: HTTP, HTTPS, TCP, or SSL. If not specified,
the value is same as for Protocol.'
type: string
loadBalancerPort:
description: The port on which the load balancer is listening.
format: int32
type: integer
protocol:
description: 'The load balancer transport protocol to use
for routing: HTTP, HTTPS, TCP, or SSL.'
type: string
sslCertificateId:
description: The Amazon Resource Name (ARN) of the server
certificate.
type: string
required:
- instancePort
- loadBalancerPort
- protocol
type: object
type: array
region:
description: Region is the region you'd like your ELB to be created
in.
type: string
scheme:
description: The type of a load balancer. Valid only for load
balancers in a VPC.
type: string
securityGroupIdRefs:
description: SecurityGroupIDRefs references to a SecurityGroup
and retrieves its SecurityGroupID
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupIdSelector:
description: SecurityGroupIDSelector selects a set of references
that each retrieve the SecurityGroupID from the referenced SecurityGroup
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
securityGroupIds:
description: The IDs of the security groups to assign to the load
balancer.
items:
type: string
type: array
subnetIdRefs:
description: SubnetRefs references to a Subnet to and retrieves
its SubnetID
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetIdSelector:
description: SubnetSelector selects a set of references that each
retrieve the subnetID from the referenced Subnet
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
subnetIds:
description: The IDs of the subnets in your VPC to attach to the
load balancer. Specify one subnet per Availability Zone specified
in AvailabilityZones.
items:
type: string
type: array
tags:
description: A list of tags to assign to the load balancer.
items:
description: Tag defines a key value pair that can be attached
to an ELB
properties:
key:
description: The key of the tag.
type: string
value:
description: The value of the tag.
type: string
required:
- key
type: object
type: array
required:
- listeners
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An ELBStatus represents the observed state of an ELB.
properties:
atProvider:
description: ELBObservation keeps the state for the external resource
properties:
backendServerDescriptions:
description: Information about the EC2 instances for this ELB.
items:
description: BackendServerDescription provides information about
the instances attached to the ELB.
properties:
instancePort:
description: The port on which the EC2 instance is listening.
format: int32
type: integer
policyNames:
description: The names of the policies enabled for the EC2
instance.
items:
type: string
type: array
type: object
type: array
canonicalHostedZoneName:
description: The DNS name of the load balancer.
type: string
canonicalHostedZoneNameId:
description: The ID of the Amazon Route 53 hosted zone for the
load balancer.
type: string
dnsName:
description: The DNS name of the load balancer.
type: string
vpcId:
description: The ID of the VPC for the load balancer.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: elbattachments.elasticloadbalancing.aws.crossplane.io
spec:
group: elasticloadbalancing.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: ELBAttachment
listKind: ELBAttachmentList
plural: elbattachments
singular: elbattachment
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.forProvider.elbName
name: ELBNAME
type: string
- jsonPath: .spec.forProvider.instanceId
name: INSTANCEID
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: An ELBAttachment is a managed resource that represents attachment
of an AWS Classic Load Balancer and an AWS EC2 instance.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An ELBAttachmentSpec defines the desired state of an ELBAttachment.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ELBAttachmentParameters define the desired state of an
AWS ELBAttachment.
properties:
elbName:
description: Name of the Elastic Load Balancer to which the instances
will attach.
type: string
elbNameRef:
description: ELBNameRef references an ELB to and retrieves its
external-name.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
elbNameSelector:
description: ELBNameSelector selects a reference to a ELB to and
retrieves its external-name.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
instanceId:
description: List of identities of the instances to be attached.
type: string
region:
description: Region is the region you'd like your ELBAttachment
to be in.
type: string
required:
- instanceId
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An ELBAttachmentStatus represents the observed state of an
ELBAttachmentAttachment.
properties:
atProvider:
description: ELBAttachmentObservation keeps the state for the external
resource
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: listeners.elbv2.aws.crossplane.io
spec:
group: elbv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Listener
listKind: ListenerList
plural: listeners
singular: listener
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Listener is the Schema for the Listeners API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ListenerSpec defines the desired state of Listener
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ListenerParameters defines the desired state of Listener
properties:
alpnPolicy:
description: "[TLS listeners] The name of the Application-Layer
Protocol Negotiation (ALPN) policy. You can specify one policy
name. The following are the possible values: \n * HTTP1Only
\n * HTTP2Only \n * HTTP2Optional \n * HTTP2Preferred
\n * None \n For more information, see ALPN policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#alpn-policies)
in the Network Load Balancers Guide."
items:
type: string
type: array
certificates:
description: '[HTTPS and TLS listeners] The default certificate
for the listener. You must provide exactly one certificate.
Set CertificateArn to the certificate ARN but do not set IsDefault.'
items:
properties:
certificateARN:
type: string
isDefault:
type: boolean
type: object
type: array
defaultActions:
description: The actions for the default rule.
items:
description: "CustomAction includes custom fields for an action.
\n Each rule must include exactly one of the following types
of actions: forward, fixed-response, or redirect, and it must
be the last action to be performed."
properties:
actionType:
description: The type of action.
type: string
authenticateCognitoConfig:
description: Request parameters to use when integrating
with Amazon Cognito to authenticate users.
properties:
authenticationRequestExtraParams:
additionalProperties:
type: string
type: object
onUnauthenticatedRequest:
type: string
scope:
type: string
sessionCookieName:
type: string
sessionTimeout:
format: int64
type: integer
userPoolARN:
type: string
userPoolClientID:
type: string
userPoolDomain:
type: string
type: object
authenticateOidcConfig:
description: Request parameters when using an identity provider
(IdP) that is compliant with OpenID Connect (OIDC) to
authenticate users.
properties:
authenticationRequestExtraParams:
additionalProperties:
type: string
type: object
authorizationEndpoint:
type: string
clientID:
type: string
clientSecret:
type: string
issuer:
type: string
onUnauthenticatedRequest:
type: string
scope:
type: string
sessionCookieName:
type: string
sessionTimeout:
format: int64
type: integer
tokenEndpoint:
type: string
useExistingClientSecret:
type: boolean
userInfoEndpoint:
type: string
type: object
fixedResponseConfig:
description: Information about an action that returns a
custom HTTP response.
properties:
contentType:
type: string
messageBody:
type: string
statusCode:
type: string
type: object
forwardConfig:
description: Information about a forward action.
properties:
targetGroupStickinessConfig:
description: Information about the target group stickiness
for a rule.
properties:
durationSeconds:
format: int64
type: integer
enabled:
type: boolean
type: object
targetGroups:
description: One or more target groups. For Network
Load Balancers, you can specify a single target group.
items:
description: CustomTargetGroupTuple includes custom
fields about target groups. Only used with ForwardActionConfig
to route to multiple target groups.
properties:
targetGroupARN:
type: string
targetGroupArnRef:
description: Reference to TargetGroupARN used
to set TargetGroupARN
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
targetGroupArnSelector:
description: Selector for references to TargetGroup
for TargetGroupARN
properties:
matchControllerRef:
description: MatchControllerRef ensures an
object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
weight:
format: int64
type: integer
type: object
type: array
type: object
order:
description: The order for the action. This value is required
for rules with multiple actions. The action with the lowest
value for order is performed first.
format: int64
type: integer
redirectConfig:
description: "Information about a redirect action. \n A
URI consists of the following components: protocol://hostname:port/path?query.
You must modify at least one of the following components
to avoid a redirect loop: protocol, hostname, port, or
path. Any components that you do not modify retain their
original values. \n You can reuse URI components using
the following reserved keywords: \n * #{protocol} \n
\ * #{host} \n * #{port} \n * #{path} (the leading
\"/\" is removed) \n * #{query} \n For example, you
can change the path to \"/new/#{path}\", the hostname
to \"example.#{host}\", or the query to \"#{query}&value=xyz\"."
properties:
host:
type: string
path:
type: string
port:
type: string
protocol:
type: string
query:
type: string
statusCode:
type: string
type: object
targetGroupArn:
description: The Amazon Resource Name (ARN) of the target
group. Specify only when actionType is forward and you
want to route to a single target group. To route to one
or more target groups, use ForwardConfig instead.
type: string
targetGroupArnRef:
description: Reference to TargetGroupARN used to set TargetGroupARN
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
targetGroupArnSelector:
description: Selector for references to TargetGroups for
TargetGroupARNs
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
required:
- actionType
type: object
type: array
loadBalancerArn:
description: The Amazon Resource Name (ARN) of the load balancer.
type: string
loadBalancerArnRef:
description: Ref to loadbalancer ARN
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
loadBalancerArnSelector:
description: Selector for references to LoadBalancer for LoadBalancerARN
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
port:
description: The port on which the load balancer is listening.
You cannot specify a port for a Gateway Load Balancer.
format: int64
type: integer
protocol:
description: The protocol for connections from clients to the
load balancer. For Application Load Balancers, the supported
protocols are HTTP and HTTPS. For Network Load Balancers, the
supported protocols are TCP, TLS, UDP, and TCP_UDP. You can’t
specify the UDP or TCP_UDP protocol if dual-stack mode is enabled.
You cannot specify a protocol for a Gateway Load Balancer.
type: string
region:
description: Region is which region the Listener will be created.
type: string
sslPolicy:
description: "[HTTPS and TLS listeners] The security policy that
defines which protocols and ciphers are supported. \n For more
information, see Security policies (https://docs.aws.amazon.com/elasticloadbalancing/latest/application/create-https-listener.html#describe-ssl-policies)
in the Application Load Balancers Guide and Security policies
(https://docs.aws.amazon.com/elasticloadbalancing/latest/network/create-tls-listener.html#describe-ssl-policies)
in the Network Load Balancers Guide."
type: string
tags:
description: The tags to assign to the listener.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- defaultActions
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ListenerStatus defines the observed state of Listener.
properties:
atProvider:
description: ListenerObservation defines the observed state of Listener
properties:
listeners:
description: Information about the listener.
items:
properties:
alpnPolicy:
items:
type: string
type: array
certificates:
items:
properties:
certificateARN:
type: string
isDefault:
type: boolean
type: object
type: array
defaultActions:
items:
properties:
authenticateCognitoConfig:
description: Request parameters to use when integrating
with Amazon Cognito to authenticate users.
properties:
authenticationRequestExtraParams:
additionalProperties:
type: string
type: object
onUnauthenticatedRequest:
type: string
scope:
type: string
sessionCookieName:
type: string
sessionTimeout:
format: int64
type: integer
userPoolARN:
type: string
userPoolClientID:
type: string
userPoolDomain:
type: string
type: object
authenticateOIDCConfig:
description: Request parameters when using an identity
provider (IdP) that is compliant with OpenID Connect
(OIDC) to authenticate users.
properties:
authenticationRequestExtraParams:
additionalProperties:
type: string
type: object
authorizationEndpoint:
type: string
clientID:
type: string
clientSecret:
type: string
issuer:
type: string
onUnauthenticatedRequest:
type: string
scope:
type: string
sessionCookieName:
type: string
sessionTimeout:
format: int64
type: integer
tokenEndpoint:
type: string
useExistingClientSecret:
type: boolean
userInfoEndpoint:
type: string
type: object
fixedResponseConfig:
description: Information about an action that returns
a custom HTTP response.
properties:
contentType:
type: string
messageBody:
type: string
statusCode:
type: string
type: object
forwardConfig:
description: Information about a forward action.
properties:
targetGroupStickinessConfig:
description: Information about the target group
stickiness for a rule.
properties:
durationSeconds:
format: int64
type: integer
enabled:
type: boolean
type: object
targetGroups:
items:
properties:
targetGroupARN:
type: string
weight:
format: int64
type: integer
type: object
type: array
type: object
order:
format: int64
type: integer
redirectConfig:
description: "Information about a redirect action.
\n A URI consists of the following components: protocol://hostname:port/path?query.
You must modify at least one of the following components
to avoid a redirect loop: protocol, hostname, port,
or path. Any components that you do not modify retain
their original values. \n You can reuse URI components
using the following reserved keywords: \n * #{protocol}
\n * #{host} \n * #{port} \n * #{path}
(the leading \"/\" is removed) \n * #{query}
\n For example, you can change the path to \"/new/#{path}\",
the hostname to \"example.#{host}\", or the query
to \"#{query}&value=xyz\"."
properties:
host:
type: string
path:
type: string
port:
type: string
protocol:
type: string
query:
type: string
statusCode:
type: string
type: object
targetGroupARN:
type: string
type_:
type: string
type: object
type: array
listenerARN:
type: string
loadBalancerARN:
type: string
port:
format: int64
type: integer
protocol:
type: string
sslPolicy:
type: string
type: object
type: array
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: loadbalancers.elbv2.aws.crossplane.io
spec:
group: elbv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: LoadBalancer
listKind: LoadBalancerList
plural: loadbalancers
singular: loadbalancer
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: LoadBalancer is the Schema for the LoadBalancers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: LoadBalancerSpec defines the desired state of LoadBalancer
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: LoadBalancerParameters defines the desired state of LoadBalancer
properties:
customerOwnedIPv4Pool:
description: '[Application Load Balancers on Outposts] The ID
of the customer-owned address pool (CoIP pool).'
type: string
ipAddressType:
description: The type of IP addresses used by the subnets for
your load balancer. The possible values are ipv4 (for IPv4 addresses)
and dualstack (for IPv4 and IPv6 addresses). Internal load balancers
must use ipv4.
type: string
loadBalancerType:
description: The type of load balancer. The default is application.
type: string
name:
description: "The name of the load balancer. \n This name must
be unique per region per account, can have a maximum of 32 characters,
must contain only alphanumeric characters or hyphens, must not
begin or end with a hyphen, and must not begin with \"internal-\"."
type: string
region:
description: Region is which region the LoadBalancer will be created.
type: string
scheme:
description: "The nodes of an Internet-facing load balancer have
public IP addresses. The DNS name of an Internet-facing load
balancer is publicly resolvable to the public IP addresses of
the nodes. Therefore, Internet-facing load balancers can route
requests from clients over the internet. \n The nodes of an
internal load balancer have only private IP addresses. The DNS
name of an internal load balancer is publicly resolvable to
the private IP addresses of the nodes. Therefore, internal load
balancers can route requests only from clients with access to
the VPC for the load balancer. \n The default is an Internet-facing
load balancer. \n You cannot specify a scheme for a Gateway
Load Balancer."
type: string
securityGroupRefs:
description: Reference to Security Groups for SecurityGroups field
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupSelector:
description: Selector for references to SecurityGroups
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
securityGroups:
description: '[Application Load Balancers] The IDs of the security
groups for the load balancer.'
items:
type: string
type: array
subnetMappings:
description: "The IDs of the public subnets. You can specify only
one subnet per Availability Zone. You must specify either subnets
or subnet mappings. \n [Application Load Balancers] You must
specify subnets from at least two Availability Zones. You cannot
specify Elastic IP addresses for your subnets. \n [Application
Load Balancers on Outposts] You must specify one Outpost subnet.
\n [Application Load Balancers on Local Zones] You can specify
subnets from one or more Local Zones. \n [Network Load Balancers]
You can specify subnets from one or more Availability Zones.
You can specify one Elastic IP address per subnet if you need
static IP addresses for your internet-facing load balancer.
For internal load balancers, you can specify one private IP
address per subnet from the IPv4 range of the subnet. For internet-facing
load balancer, you can specify one IPv6 address per subnet.
\n [Gateway Load Balancers] You can specify subnets from one
or more Availability Zones. You cannot specify Elastic IP addresses
for your subnets."
items:
properties:
allocationID:
type: string
iPv6Address:
type: string
privateIPv4Address:
type: string
subnetID:
type: string
type: object
type: array
subnetRefs:
description: Reference to Subnets for Subnets field
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetSelector:
description: Selector for references to Subnets
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
subnets:
description: "The IDs of the public subnets. You can specify only
one subnet per Availability Zone. You must specify either subnets
or subnet mappings. \n [Application Load Balancers] You must
specify subnets from at least two Availability Zones. \n [Application
Load Balancers on Outposts] You must specify one Outpost subnet.
\n [Application Load Balancers on Local Zones] You can specify
subnets from one or more Local Zones. \n [Network Load Balancers]
You can specify subnets from one or more Availability Zones.
\n [Gateway Load Balancers] You can specify subnets from one
or more Availability Zones."
items:
type: string
type: array
tags:
description: The tags to assign to the load balancer.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- name
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: LoadBalancerStatus defines the observed state of LoadBalancer.
properties:
atProvider:
description: LoadBalancerObservation defines the observed state of
LoadBalancer
properties:
loadBalancers:
description: Information about the load balancer.
items:
properties:
availabilityZones:
items:
properties:
loadBalancerAddresses:
items:
properties:
allocationID:
type: string
iPv6Address:
type: string
ipAddress:
type: string
privateIPv4Address:
type: string
type: object
type: array
outpostID:
type: string
subnetID:
type: string
zoneName:
type: string
type: object
type: array
canonicalHostedZoneID:
type: string
createdTime:
format: date-time
type: string
customerOwnedIPv4Pool:
type: string
dnsName:
type: string
ipAddressType:
type: string
loadBalancerARN:
type: string
loadBalancerName:
type: string
scheme:
type: string
securityGroups:
items:
type: string
type: array
state:
description: Information about the state of the load balancer.
properties:
code:
type: string
reason:
type: string
type: object
type_:
type: string
vpcID:
type: string
type: object
type: array
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: targetgroups.elbv2.aws.crossplane.io
spec:
group: elbv2.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: TargetGroup
listKind: TargetGroupList
plural: targetgroups
singular: targetgroup
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: TargetGroup is the Schema for the TargetGroups API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: TargetGroupSpec defines the desired state of TargetGroup
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: TargetGroupParameters defines the desired state of TargetGroup
properties:
healthCheckEnabled:
description: Indicates whether health checks are enabled. If the
target type is lambda, health checks are disabled by default
but can be enabled. If the target type is instance or ip, health
checks are always enabled and cannot be disabled.
type: boolean
healthCheckIntervalSeconds:
description: The approximate amount of time, in seconds, between
health checks of an individual target. If the target group protocol
is TCP, TLS, UDP, or TCP_UDP, the supported values are 10 and
30 seconds. If the target group protocol is HTTP or HTTPS, the
default is 30 seconds. If the target group protocol is GENEVE,
the default is 10 seconds. If the target type is lambda, the
default is 35 seconds.
format: int64
type: integer
healthCheckPath:
description: "[HTTP/HTTPS health checks] The destination for health
checks on the targets. \n [HTTP1 or HTTP2 protocol version]
The ping path. The default is /. \n [GRPC protocol version]
The path of a custom health check method with the format /package.service/method.
The default is /AWS.ALB/healthcheck."
type: string
healthCheckPort:
description: The port the load balancer uses when performing health
checks on targets. If the protocol is HTTP, HTTPS, TCP, TLS,
UDP, or TCP_UDP, the default is traffic-port, which is the port
on which each target receives traffic from the load balancer.
If the protocol is GENEVE, the default is port 80.
type: string
healthCheckProtocol:
description: The protocol the load balancer uses when performing
health checks on targets. For Application Load Balancers, the
default is HTTP. For Network Load Balancers and Gateway Load
Balancers, the default is TCP. The TCP protocol is not supported
for health checks if the protocol of the target group is HTTP
or HTTPS. The GENEVE, TLS, UDP, and TCP_UDP protocols are not
supported for health checks.
type: string
healthCheckTimeoutSeconds:
description: The amount of time, in seconds, during which no response
from a target means a failed health check. For target groups
with a protocol of HTTP, HTTPS, or GENEVE, the default is 5
seconds. For target groups with a protocol of TCP or TLS, this
value must be 6 seconds for HTTP health checks and 10 seconds
for TCP and HTTPS health checks. If the target type is lambda,
the default is 30 seconds.
format: int64
type: integer
healthyThresholdCount:
description: The number of consecutive health checks successes
required before considering an unhealthy target healthy. For
target groups with a protocol of HTTP or HTTPS, the default
is 5. For target groups with a protocol of TCP, TLS, or GENEVE,
the default is 3. If the target type is lambda, the default
is 5.
format: int64
type: integer
matcher:
description: '[HTTP/HTTPS health checks] The HTTP or gRPC codes
to use when checking for a successful response from a target.'
properties:
grpcCode:
type: string
httpCode:
type: string
type: object
name:
description: "The name of the target group. \n This name must
be unique per region per account, can have a maximum of 32 characters,
must contain only alphanumeric characters or hyphens, and must
not begin or end with a hyphen."
type: string
port:
description: The port on which the targets receive traffic. This
port is used unless you specify a port override when registering
the target. If the target is a Lambda function, this parameter
does not apply. If the protocol is GENEVE, the supported port
is 6081.
format: int64
type: integer
protocol:
description: The protocol to use for routing traffic to the targets.
For Application Load Balancers, the supported protocols are
HTTP and HTTPS. For Network Load Balancers, the supported protocols
are TCP, TLS, UDP, or TCP_UDP. For Gateway Load Balancers, the
supported protocol is GENEVE. A TCP_UDP listener must be associated
with a TCP_UDP target group. If the target is a Lambda function,
this parameter does not apply.
type: string
protocolVersion:
description: '[HTTP/HTTPS protocol] The protocol version. Specify
GRPC to send requests to targets using gRPC. Specify HTTP2 to
send requests to targets using HTTP/2. The default is HTTP1,
which sends requests to targets using HTTP/1.1.'
type: string
region:
description: Region is which region the TargetGroup will be created.
type: string
tags:
description: The tags to assign to the target group.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
targetType:
description: "The type of target that you must specify when registering
targets with this target group. You can't specify targets for
a target group using more than one target type. \n * instance
- Register targets by instance ID. This is the default value.
\n * ip - Register targets by IP address. You can specify
IP addresses from the subnets of the virtual private cloud
(VPC) for the target group, the RFC 1918 range (10.0.0.0/8,
172.16.0.0/12, and 192.168.0.0/16), and the RFC 6598 range
(100.64.0.0/10). You can't specify publicly routable IP addresses.
\n * lambda - Register a single Lambda function as a target."
type: string
unhealthyThresholdCount:
description: The number of consecutive health check failures required
before considering a target unhealthy. If the target group protocol
is HTTP or HTTPS, the default is 2. If the target group protocol
is TCP or TLS, this value must be the same as the healthy threshold
count. If the target group protocol is GENEVE, the default is
3. If the target type is lambda, the default is 2.
format: int64
type: integer
vpcID:
description: The identifier of the virtual private cloud (VPC).
If the target is a Lambda function, this parameter does not
apply. Otherwise, this parameter is required.
type: string
vpcIdRef:
description: Reference to VPC for VPCID
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIdSelector:
description: Selector for references to VPC for VPCID
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- name
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: TargetGroupStatus defines the observed state of TargetGroup.
properties:
atProvider:
description: TargetGroupObservation defines the observed state of
TargetGroup
properties:
targetGroups:
description: Information about the target group.
items:
properties:
healthCheckEnabled:
type: boolean
healthCheckIntervalSeconds:
format: int64
type: integer
healthCheckPath:
type: string
healthCheckPort:
type: string
healthCheckProtocol:
type: string
healthCheckTimeoutSeconds:
format: int64
type: integer
healthyThresholdCount:
format: int64
type: integer
loadBalancerARNs:
items:
type: string
type: array
matcher:
description: The codes to use when checking for a successful
response from a target. If the protocol version is gRPC,
these are gRPC codes. Otherwise, these are HTTP codes.
properties:
grpcCode:
type: string
httpCode:
type: string
type: object
port:
format: int64
type: integer
protocol:
type: string
protocolVersion:
type: string
targetGroupARN:
type: string
targetGroupName:
type: string
targetType:
type: string
unhealthyThresholdCount:
format: int64
type: integer
vpcID:
type: string
type: object
type: array
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: classifiers.glue.aws.crossplane.io
spec:
group: glue.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Classifier
listKind: ClassifierList
plural: classifiers
singular: classifier
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Classifier is the Schema for the Classifiers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ClassifierSpec defines the desired state of Classifier
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ClassifierParameters defines the desired state of Classifier
properties:
csvClassifier:
description: A CsvClassifier object specifying the classifier
to create.
properties:
allowSingleColumn:
description: Enables the processing of files that contain
only one column.
type: boolean
containsHeader:
description: Indicates whether the CSV file contains a header.
type: string
delimiter:
description: A custom symbol to denote what separates each
column entry in the row.
type: string
disableValueTrimming:
description: Specifies not to trim values before identifying
the type of column values. The default value is true.
type: boolean
header:
description: A list of strings representing column names.
items:
type: string
type: array
quoteSymbol:
description: A custom symbol to denote what combines content
into a single column value. Must be different from the column
delimiter.
type: string
type: object
grokClassifier:
description: A GrokClassifier object specifying the classifier
to create.
properties:
classification:
description: An identifier of the data format that the classifier
matches, such as Twitter, JSON, Omniture logs, Amazon CloudWatch
Logs, and so on.
type: string
customPatterns:
description: Optional custom grok patterns used by this classifier.
type: string
grokPattern:
description: The grok pattern used by this classifier.
type: string
type: object
jsonClassifier:
description: A JsonClassifier object specifying the classifier
to create.
properties:
jsonPath:
description: A JsonPath string defining the JSON data for
the classifier to classify. Glue supports a subset of JsonPath,
as described in Writing JsonPath Custom Classifiers (https://docs.aws.amazon.com/glue/latest/dg/custom-classifier.html#custom-classifier-json).
type: string
type: object
region:
description: Region is which region the Classifier will be created.
type: string
xmlClassifier:
description: A CsvClassifier object specifying the classifier
to create.
properties:
classification:
description: An identifier of the data format that the classifier
matches. Classification is a required field
type: string
rowTag:
description: The XML tag designating the element that contains
each record in an XML document being parsed. This can't
identify a self-closing element (closed by />). An empty
row element that contains only attributes can be parsed
as long as it ends with a closing tag (for example, |
is okay, but |
is not).
type: string
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ClassifierStatus defines the observed state of Classifier.
properties:
atProvider:
description: ClassifierObservation defines the observed state of Classifier
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: connections.glue.aws.crossplane.io
spec:
group: glue.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Connection
listKind: ConnectionList
plural: connections
singular: connection
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Connection is the Schema for the Connections API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ConnectionSpec defines the desired state of Connection
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ConnectionParameters defines the desired state of Connection
properties:
catalogID:
description: The ID of the Data Catalog in which to create the
connection. If none is provided, the AWS account ID is used
by default.
type: string
connectionInput:
description: A ConnectionInput object defining the connection
to create.
properties:
connectionProperties:
additionalProperties:
type: string
description: These key-value pairs define parameters for the
connection.
type: object
connectionType:
description: "The type of the connection. Currently, these
types are supported: \n * JDBC - Designates a connection
to a database through Java Database Connectivity (JDBC).
\n * KAFKA - Designates a connection to an Apache Kafka
streaming platform. \n * MONGODB - Designates a connection
to a MongoDB document database. \n * NETWORK - Designates
a network connection to a data source within an Amazon
Virtual Private Cloud environment (Amazon VPC)."
type: string
description:
description: The description of the connection.
type: string
matchCriteria:
description: A list of criteria that can be used in selecting
this connection.
items:
type: string
type: array
physicalConnectionRequirements:
description: Specifies the physical requirements for a connection.
properties:
availabilityZone:
type: string
securityGroupIDList:
items:
type: string
type: array
securityGroupIDRefs:
description: SecurityGroupIDRefs are references to SecurityGroups
used to set the SecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupIDSelector:
description: SecurityGroupIDSelector selects references
to SecurityGroups used to set the SecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object
with the same controller reference as the selecting
object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
subnetID:
type: string
subnetIDRef:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
subnetIDSelector:
description: A Selector selects an object.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object
with the same controller reference as the selecting
object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
type: object
type: object
region:
description: Region is which region the Connection will be created.
type: string
required:
- connectionInput
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ConnectionStatus defines the observed state of Connection.
properties:
atProvider:
description: ConnectionObservation defines the observed state of Connection
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: crawlers.glue.aws.crossplane.io
spec:
group: glue.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Crawler
listKind: CrawlerList
plural: crawlers
singular: crawler
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Crawler is the Schema for the Crawlers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: CrawlerSpec defines the desired state of Crawler
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: CrawlerParameters defines the desired state of Crawler
properties:
classifiers:
description: A list of custom classifiers that the user has registered.
By default, all built-in classifiers are included in a crawl,
but these custom classifiers always override the default classifiers
for a given classification.
items:
type: string
type: array
configuration:
description: Crawler configuration information. This versioned
JSON string allows users to specify aspects of a crawler's behavior.
For more information, see Configuring a Crawler (https://docs.aws.amazon.com/glue/latest/dg/crawler-configuration.html).
type: string
crawlerSecurityConfiguration:
description: The name of the SecurityConfiguration structure to
be used by this crawler.
type: string
databaseName:
description: 'The AWS Glue database where results are written,
such as: arn:aws:daylight:us-east-1::database/sometable/*.'
type: string
description:
description: A description of the new crawler.
type: string
lineageConfiguration:
description: Specifies data lineage configuration settings for
the crawler.
properties:
crawlerLineageSettings:
type: string
type: object
recrawlPolicy:
description: A policy that specifies whether to crawl the entire
dataset again, or to crawl only folders that were added since
the last crawler run.
properties:
recrawlBehavior:
type: string
type: object
region:
description: Region is which region the Crawler will be created.
type: string
roleArn:
description: The IAM role or Amazon Resource Name (ARN) of an
IAM role used by the new crawler to access customer resources.
type: string
roleArnRef:
description: RoleArnRef is a reference to an IAMRole used to set
the RoleArn.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
roleArnSelector:
description: RoleArnSelector selects references to IAMRole used
to set the RoleArn.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
schedule:
description: 'A cron expression used to specify the schedule (see
Time-Based Schedules for Jobs and Crawlers (https://docs.aws.amazon.com/glue/latest/dg/monitor-data-warehouse-schedule.html).
For example, to run something every day at 12:15 UTC, you would
specify: cron(15 12 * * ? *).'
type: string
schemaChangePolicy:
description: The policy for the crawler's update and deletion
behavior.
properties:
deleteBehavior:
type: string
updateBehavior:
type: string
type: object
tablePrefix:
description: The table prefix used for catalog tables that are
created.
type: string
tags:
additionalProperties:
type: string
description: The tags to use with this crawler request. You may
use tags to limit access to the crawler. For more information
about tags in AWS Glue, see AWS Tags in AWS Glue (https://docs.aws.amazon.com/glue/latest/dg/monitor-tags.html)
in the developer guide.
type: object
targets:
description: A list of collection of targets to crawl.
properties:
catalogTargets:
items:
properties:
databaseName:
type: string
tables:
items:
type: string
type: array
type: object
type: array
dynamoDBTargets:
items:
properties:
path:
type: string
scanAll:
type: boolean
scanRate:
type: number
type: object
type: array
jdbcTargets:
items:
properties:
connectionName:
type: string
exclusions:
items:
type: string
type: array
path:
type: string
type: object
type: array
mongoDBTargets:
items:
properties:
connectionName:
type: string
path:
type: string
scanAll:
type: boolean
type: object
type: array
s3Targets:
items:
properties:
connectionName:
type: string
exclusions:
items:
type: string
type: array
path:
type: string
type: object
type: array
type: object
required:
- region
- targets
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: CrawlerStatus defines the observed state of Crawler.
properties:
atProvider:
description: CrawlerObservation defines the observed state of Crawler
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: databases.glue.aws.crossplane.io
spec:
group: glue.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Database
listKind: DatabaseList
plural: databases
singular: database
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Database is the Schema for the Databases API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DatabaseSpec defines the desired state of Database
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: DatabaseParameters defines the desired state of Database
properties:
catalogID:
description: The ID of the Data Catalog in which to create the
database. If none is provided, the AWS account ID is used by
default.
type: string
databaseInput:
description: The metadata for the database.
properties:
description:
type: string
locationURI:
type: string
parameters:
additionalProperties:
type: string
type: object
targetDatabase:
description: A structure that describes a target database
for resource linking.
properties:
catalogID:
type: string
databaseName:
type: string
type: object
type: object
region:
description: Region is which region the Database will be created.
type: string
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: DatabaseStatus defines the observed state of Database.
properties:
atProvider:
description: DatabaseObservation defines the observed state of Database
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: jobs.glue.aws.crossplane.io
spec:
group: glue.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Job
listKind: JobList
plural: jobs
singular: job
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Job is the Schema for the Jobs API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: JobSpec defines the desired state of Job
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: JobParameters defines the desired state of Job
properties:
allocatedCapacity:
description: "This parameter is deprecated. Use MaxCapacity instead.
\n The number of AWS Glue data processing units (DPUs) to allocate
to this Job. You can allocate from 2 to 100 DPUs; the default
is 10. A DPU is a relative measure of processing power that
consists of 4 vCPUs of compute capacity and 16 GB of memory.
For more information, see the AWS Glue pricing page (https://aws.amazon.com/glue/pricing/)."
format: int64
type: integer
command:
description: The JobCommand that executes this job.
properties:
name:
type: string
pythonVersion:
type: string
scriptLocation:
type: string
type: object
connections:
description: The connections used for this job.
properties:
connections:
items:
type: string
type: array
type: object
defaultArguments:
additionalProperties:
type: string
description: "The default arguments for this job. \n You can specify
arguments here that your own job-execution script consumes,
as well as arguments that AWS Glue itself consumes. \n For information
about how to specify and consume your own Job arguments, see
the Calling AWS Glue APIs in Python (https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-python-calling.html)
topic in the developer guide. \n For information about the key-value
pairs that AWS Glue consumes to set up your job, see the Special
Parameters Used by AWS Glue (https://docs.aws.amazon.com/glue/latest/dg/aws-glue-programming-etl-glue-arguments.html)
topic in the developer guide."
type: object
description:
description: Description of the job being defined.
type: string
executionProperty:
description: An ExecutionProperty specifying the maximum number
of concurrent runs allowed for this job.
properties:
maxConcurrentRuns:
format: int64
type: integer
type: object
glueVersion:
description: "Glue version determines the versions of Apache Spark
and Python that AWS Glue supports. The Python version indicates
the version supported for jobs of type Spark. \n For more information
about the available AWS Glue versions and corresponding Spark
and Python versions, see Glue version (https://docs.aws.amazon.com/glue/latest/dg/add-job.html)
in the developer guide. \n Jobs that are created without specifying
a Glue version default to Glue 0.9."
type: string
logURI:
description: This field is reserved for future use.
type: string
maxCapacity:
description: "The number of AWS Glue data processing units (DPUs)
that can be allocated when this job runs. A DPU is a relative
measure of processing power that consists of 4 vCPUs of compute
capacity and 16 GB of memory. For more information, see the
AWS Glue pricing page (https://aws.amazon.com/glue/pricing/).
\n Do not set Max Capacity if using WorkerType and NumberOfWorkers.
\n The value that can be allocated for MaxCapacity depends on
whether you are running a Python shell job or an Apache Spark
ETL job: \n * When you specify a Python shell job (JobCommand.Name=\"pythonshell\"),
\ you can allocate either 0.0625 or 1 DPU. The default is
0.0625 DPU. \n * When you specify an Apache Spark ETL job
(JobCommand.Name=\"glueetl\") or Apache Spark streaming ETL
job (JobCommand.Name=\"gluestreaming\"), you can allocate
from 2 to 100 DPUs. The default is 10 DPUs. This job type cannot
have a fractional DPU allocation."
type: number
maxRetries:
description: The maximum number of times to retry this job if
it fails.
format: int64
type: integer
nonOverridableArguments:
additionalProperties:
type: string
description: Non-overridable arguments for this job, specified
as name-value pairs.
type: object
notificationProperty:
description: Specifies configuration properties of a job notification.
properties:
notifyDelayAfter:
format: int64
type: integer
type: object
numberOfWorkers:
description: "The number of workers of a defined workerType that
are allocated when a job runs. \n The maximum number of workers
you can define are 299 for G.1X, and 149 for G.2X."
format: int64
type: integer
region:
description: Region is which region the Job will be created.
type: string
roleArn:
description: The name or Amazon Resource Name (ARN) of the IAM
role associated with this job. RoleArn is a required field
type: string
roleArnRef:
description: RoleArnRef is a reference to an IAMRole used to set
the RoleArn.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
roleArnSelector:
description: RoleArnSelector selects references to IAMRole used
to set the RoleArn.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
securityConfiguration:
description: The name of the SecurityConfiguration structure to
be used with this job.
type: string
tags:
additionalProperties:
type: string
description: The tags to use with this job. You may use tags to
limit access to the job. For more information about tags in
AWS Glue, see AWS Tags in AWS Glue (https://docs.aws.amazon.com/glue/latest/dg/monitor-tags.html)
in the developer guide.
type: object
timeout:
description: The job timeout in minutes. This is the maximum time
that a job run can consume resources before it is terminated
and enters TIMEOUT status. The default is 2,880 minutes (48
hours).
format: int64
type: integer
workerType:
description: "The type of predefined worker that is allocated
when a job runs. Accepts a value of Standard, G.1X, or G.2X.
\n * For the Standard worker type, each worker provides 4
vCPU, 16 GB of memory and a 50GB disk, and 2 executors per
worker. \n * For the G.1X worker type, each worker maps to
1 DPU (4 vCPU, 16 GB of memory, 64 GB disk), and provides
1 executor per worker. We recommend this worker type for
memory-intensive jobs. \n * For the G.2X worker type, each
worker maps to 2 DPU (8 vCPU, 32 GB of memory, 128 GB disk),
and provides 1 executor per worker. We recommend this worker
type for memory-intensive jobs."
type: string
required:
- command
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: JobStatus defines the observed state of Job.
properties:
atProvider:
description: JobObservation defines the observed state of Job
properties:
name:
description: The unique name that was provided for this job definition.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: securityconfigurations.glue.aws.crossplane.io
spec:
group: glue.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: SecurityConfiguration
listKind: SecurityConfigurationList
plural: securityconfigurations
singular: securityconfiguration
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: SecurityConfiguration is the Schema for the SecurityConfigurations
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: SecurityConfigurationSpec defines the desired state of SecurityConfiguration
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: SecurityConfigurationParameters defines the desired state
of SecurityConfiguration
properties:
encryptionConfiguration:
description: The encryption configuration for the new security
configuration.
properties:
cloudWatchEncryption:
description: Specifies how Amazon CloudWatch data should be
encrypted.
properties:
cloudWatchEncryptionMode:
type: string
kmsKeyARN:
type: string
kmsKeyARNRef:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
kmsKeyARNSelector:
description: A Selector selects an object.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object
with the same controller reference as the selecting
object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
type: object
jobBookmarksEncryption:
description: Specifies how job bookmark data should be encrypted.
properties:
jobBookmarksEncryptionMode:
type: string
kmsKeyARN:
type: string
kmsKeyARNRef:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
kmsKeyARNSelector:
description: A Selector selects an object.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object
with the same controller reference as the selecting
object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
type: object
type: object
region:
description: Region is which region the SecurityConfiguration
will be created.
type: string
required:
- encryptionConfiguration
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: SecurityConfigurationStatus defines the observed state of
SecurityConfiguration.
properties:
atProvider:
description: SecurityConfigurationObservation defines the observed
state of SecurityConfiguration
properties:
createdTimestamp:
description: The time at which the new security configuration
was created.
format: date-time
type: string
name:
description: The name assigned to the new security configuration.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: accesskeys.iam.aws.crossplane.io
spec:
group: iam.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: AccessKey
listKind: AccessKeyList
plural: accesskeys
singular: accesskey
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
- jsonPath: .spec.forProvider.accessKeyStatus
name: STATUS
type: string
name: v1beta1
schema:
openAPIV3Schema:
description: An AccessKey is a managed resource that represents an the Access
Key for an AWS IAM User.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An AccessKeySpec defines the desired state of an IAM Access
Key.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: AccessKeyParameters define the desired state of an AWS
IAM Access Key.
properties:
accessKeyStatus:
description: The current status of this AccessKey on the AWS Must
be either Active or Inactive.
enum:
- Active
- Inactive
type: string
userName:
description: Username contains the name of the User.
type: string
userNameRef:
description: UsernameRef references to an User to retrieve its
userName
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
userNameSelector:
description: UsernameSelector selects a reference to an User to
retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: AccessKeyStatus represents the observed state of an IAM Access
Key.
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: groups.iam.aws.crossplane.io
spec:
group: iam.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Group
listKind: GroupList
plural: groups
singular: group
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.atProvider.arn
name: ARN
type: string
- jsonPath: .status.atProvider.groupId
name: ID
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: An Group is a managed resource that represents an AWS IAM Group.
An User is a managed resource that represents an AWS IAM User.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An GroupSpec defines the desired state of an IAM Group.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: GroupParameters define the desired state of an AWS IAM
Group.
properties:
path:
description: The path for the group name.
type: string
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
type: object
status:
description: An GroupStatus represents the observed state of an IAM Group.
properties:
atProvider:
description: GroupObservation keeps the state for the external resource
properties:
arn:
description: The Amazon Resource Name (ARN) that identifies the
group.
type: string
groupId:
description: The stable and unique string identifying the group.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: grouppolicyattachments.iam.aws.crossplane.io
spec:
group: iam.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: GroupPolicyAttachment
listKind: GroupPolicyAttachmentList
plural: grouppolicyattachments
singular: grouppolicyattachment
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.forProvider.groupName
name: GROUPNAME
type: string
- jsonPath: .spec.forProvider.policyArn
name: POLICYARN
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: An GroupPolicyAttachment is a managed resource that represents
an AWS IAM Group policy attachment.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An GroupPolicyAttachmentSpec defines the desired state of
an GroupPolicyAttachment.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: GroupPolicyAttachmentParameters define the desired state
of an AWS GroupPolicyAttachment.
properties:
groupName:
description: GroupName presents the name of the Group.
type: string
groupNameRef:
description: GroupNameRef references to an Group to retrieve its
groupName
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
groupNameSelector:
description: GroupNameSelector selects a reference to an Group
to retrieve its groupName
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
policyArn:
description: PolicyARN is the Amazon Resource Name (ARN) of the
IAM policy you want to attach.
type: string
policyArnRef:
description: PolicyARNRef references an Policy to retrieve its
Policy ARN.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
policyArnSelector:
description: PolicyARNSelector selects a reference to an Policy
to retrieve its Policy ARN
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An GroupPolicyAttachmentStatus represents the observed state
of an GroupPolicyAttachment.
properties:
atProvider:
description: GroupPolicyAttachmentObservation keeps the state for
the external resource
properties:
attachedPolicyArn:
description: AttachedPolicyARN is the arn for the attached policy.
If nil, the policy is not yet attached
type: string
required:
- attachedPolicyArn
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: groupusermemberships.iam.aws.crossplane.io
spec:
group: iam.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: GroupUserMembership
listKind: GroupUserMembershipList
plural: groupusermemberships
singular: groupusermembership
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.forProvider.userName
name: USERNAME
type: string
- jsonPath: .spec.forProvider.groupName
name: GROUPNAME
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: An GroupUserMembership is a managed resource that represents
an AWS IAM User group membership.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An GroupUserMembershipSpec defines the desired state of an
GroupUserMembership.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: GroupUserMembershipParameters define the desired state
of an AWS GroupUserMembership.
properties:
groupName:
description: GroupName is the Amazon IAM Group Name (Group) of
the IAM group you want to add User to.
type: string
groupNameRef:
description: GroupNameRef references to an Group to retrieve its
groupName
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
groupNameSelector:
description: GroupNameSelector selects a reference to an Group
to retrieve its groupName
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
userName:
description: UserName presents the name of the User.
type: string
userNameRef:
description: UserNameRef references to an User to retrieve its
userName
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
userNameSelector:
description: UserNameSelector selects a reference to an User to
retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An GroupUserMembershipStatus represents the observed state
of an GroupUserMembership.
properties:
atProvider:
description: GroupUserMembershipObservation keeps the state for the
external resource
properties:
attachedGroupArn:
description: AttachedGroupARN is the arn for the attached group.
If nil, the group is not yet attached
type: string
required:
- attachedGroupArn
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: openidconnectproviders.iam.aws.crossplane.io
spec:
group: iam.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: OpenIDConnectProvider
listKind: OpenIDConnectProviderList
plural: openidconnectproviders
shortNames:
- oidcprovider
singular: openidconnectprovider
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .spec.forProvider.url
name: URL
type: string
name: v1beta1
schema:
openAPIV3Schema:
description: OpenIDConnectProvider is the Schema for the OpenIDConnectProviders
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: OpenIDConnectProviderSpec defines the desired state of OpenIDConnectProvider
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: OpenIDConnectProviderParameters defines the desired state
of OpenIDConnectProvider
properties:
clientIDList:
description: "A list of client IDs (also known as audiences).
When a mobile or web app registers with an OpenID Connect provider,
they establish a value that identifies the application. (This
is the value that's sent as the client_id parameter on OAuth
requests.) \n You can register multiple client IDs with the
same provider. For example, you might have multiple applications
that use the same OIDC provider. You cannot register more than
100 client IDs with a single IAM OIDC provider. \n There is
no defined format for a client ID. The CreateOpenIDConnectProviderRequest
operation accepts client IDs up to 255 characters long."
items:
type: string
maxItems: 100
type: array
thumbprintList:
description: "A list of server certificate thumbprints for the
OpenID Connect (OIDC) identity provider's server certificates.
Typically this list includes only one entry. However, IAM lets
you have up to five thumbprints for an OIDC provider. This lets
you maintain multiple thumbprints if the identity provider is
rotating certificates. \n The server certificate thumbprint
is the hex-encoded SHA-1 hash value of the X.509 certificate
used by the domain where the OpenID Connect provider makes its
keys available. It is always a 40-character string. \n You must
provide at least one thumbprint when creating an IAM OIDC provider.
For example, assume that the OIDC provider is server.example.com
and the provider stores its keys at https://keys.server.example.com/openid-connect.
In that case, the thumbprint string would be the hex-encoded
SHA-1 hash value of the certificate used by https://keys.server.example.com.
\n For more information about obtaining the OIDC provider's
thumbprint, see Obtaining the Thumbprint for an OpenID Connect
Provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/identity-providers-oidc-obtain-thumbprint.html)
in the IAM User Guide."
items:
type: string
maxItems: 5
minItems: 1
type: array
url:
description: "The URL of the identity provider. The URL must begin
with https:// and should correspond to the iss claim in the
provider's OpenID Connect ID tokens. Per the OIDC standard,
path components are allowed but query parameters are not. Typically
the URL consists of only a hostname, like https://server.example.org
or https://example.com. \n You cannot register the same provider
multiple times in a single AWS account. If you try to submit
a URL that has already been used for an OpenID Connect provider
in the AWS account, you will get an error."
type: string
required:
- thumbprintList
- url
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: OpenIDConnectProviderStatus defines the observed state of
OpenIDConnectProvider.
properties:
atProvider:
description: OpenIDConnectProviderObservation defines the observed
state of OpenIDConnectProvider
properties:
createDate:
description: The date and time when the IAM OIDC provider resource
object was created in the AWS account.
format: date-time
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: policies.iam.aws.crossplane.io
spec:
group: iam.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Policy
listKind: PolicyList
plural: policies
singular: policy
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.atProvider.arn
name: ARN
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: An Policy is a managed resource that represents an AWS IAM Policy.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An PolicySpec defines the desired state of an Policy.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: PolicyParameters define the desired state of an AWS IAM
Policy.
properties:
description:
description: A description of the policy.
type: string
document:
description: The JSON policy document that is the content for
the policy.
type: string
name:
description: The name of the policy.
type: string
path:
description: The path to the policy.
type: string
tags:
description: Tags. For more information about tagging, see Tagging
IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
in the IAM User Guide.
items:
description: Tag represents user-provided metadata that can
be associated with a IAM role. For more information about
tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
in the IAM User Guide.
properties:
key:
description: The key name that can be used to look up or
retrieve the associated value. For example, Department
or Cost Center are common choices.
type: string
value:
description: "The value associated with this tag. For example,
tags with a key name of Department could have values such
as Human Resources, Accounting, and Support. Tags with
a key name of Cost Center might have values that consist
of the number associated with the different cost centers
in your company. Typically, many resources have tags with
the same key name but with different values. \n AWS always
interprets the tag Value as a single string. If you need
to store an array, you can store comma-separated values
in the string. However, you must interpret the value in
your code."
type: string
required:
- key
type: object
type: array
required:
- document
- name
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An PolicyStatus represents the observed state of an Policy.
properties:
atProvider:
description: PolicyObservation keeps the state for the external resource
properties:
arn:
description: The Amazon PolicyObservation Name (ARN) of the policy
type: string
attachmentCount:
description: The number of entities (users, groups, and roles)
that the policy is attached to.
format: int32
type: integer
defaultVersionId:
description: The identifier for the version of the policy that
is set as the default version.
type: string
isAttachable:
description: Specifies whether the policy can be attached to an
IAM user, group, or role.
type: boolean
permissionsBoundaryUsageCount:
description: The number of entities (users and roles) for which
the policy is used to set the permissions boundary.
format: int32
type: integer
policyId:
description: The stable and unique string identifying the policy.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: roles.iam.aws.crossplane.io
spec:
group: iam.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Role
listKind: RoleList
plural: roles
shortNames:
- iamrole
singular: role
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: An Role is a managed resource that represents an AWS IAM Role.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An RoleSpec defines the desired state of an Role.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: RoleParameters define the desired state of an AWS IAM
Role.
properties:
assumeRolePolicyDocument:
description: AssumeRolePolicyDocument is the the trust relationship
policy document that grants an entity permission to assume the
role.
type: string
description:
description: Description is a description of the role.
type: string
maxSessionDuration:
description: 'MaxSessionDuration is the duration (in seconds)
that you want to set for the specified role. The default maximum
of one hour is applied. This setting can have a value from 1
hour to 12 hours. Default: 3600'
format: int32
type: integer
path:
description: 'Path is the path to the role. Default: /'
type: string
permissionsBoundary:
description: PermissionsBoundary is the ARN of the policy that
is used to set the permissions boundary for the role.
type: string
tags:
description: Tags. For more information about tagging, see Tagging
IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
in the IAM User Guide.
items:
description: Tag represents user-provided metadata that can
be associated with a IAM role. For more information about
tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
in the IAM User Guide.
properties:
key:
description: The key name that can be used to look up or
retrieve the associated value. For example, Department
or Cost Center are common choices.
type: string
value:
description: "The value associated with this tag. For example,
tags with a key name of Department could have values such
as Human Resources, Accounting, and Support. Tags with
a key name of Cost Center might have values that consist
of the number associated with the different cost centers
in your company. Typically, many resources have tags with
the same key name but with different values. \n AWS always
interprets the tag Value as a single string. If you need
to store an array, you can store comma-separated values
in the string. However, you must interpret the value in
your code."
type: string
required:
- key
type: object
type: array
required:
- assumeRolePolicyDocument
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An RoleStatus represents the observed state of an Role.
properties:
atProvider:
description: RoleExternalStatus keeps the state for the external resource
properties:
arn:
description: ARN is the Amazon Resource Name (ARN) specifying
the role. For more information about ARNs and how to use them
in policies, see IAM Identifiers (http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
in the IAM User Guide guide.
type: string
roleID:
description: RoleID is the stable and unique string identifying
the role. For more information about IDs, see IAM Identifiers
(http://docs.aws.amazon.com/IAM/latest/UserGuide/Using_Identifiers.html)
in the Using IAM guide.
type: string
required:
- arn
- roleID
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: rolepolicyattachments.iam.aws.crossplane.io
spec:
group: iam.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: RolePolicyAttachment
listKind: RolePolicyAttachmentList
plural: rolepolicyattachments
singular: rolepolicyattachment
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .spec.forProvider.roleName
name: ROLENAME
type: string
- jsonPath: .spec.forProvider.policyArn
name: POLICYARN
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: An RolePolicyAttachment is a managed resource that represents
an AWS IAM Role policy attachment.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An RolePolicyAttachmentSpec defines the desired state of
an RolePolicyAttachment.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: RolePolicyAttachmentParameters define the desired state
of an AWS IAM Role policy attachment.
properties:
policyArn:
description: PolicyARN is the Amazon Resource Name (ARN) of the
IAM policy you want to attach.
type: string
policyArnRef:
description: PolicyARNRef references an Policy to retrieve its
Policy ARN.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
policyArnSelector:
description: PolicyARNSelector selects a reference to an Policy
to retrieve its Policy ARN
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
roleName:
description: RoleName presents the name of the IAM role.
type: string
roleNameRef:
description: RoleNameRef references an Role to retrieve its Name
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
roleNameSelector:
description: RoleNameSelector selects a reference to an Role to
retrieve its Name
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An RolePolicyAttachmentStatus represents the observed state
of an RolePolicyAttachment.
properties:
atProvider:
description: RolePolicyAttachmentExternalStatus keeps the state for
the external resource
properties:
attachedPolicyArn:
description: AttachedPolicyARN is the arn for the attached policy.
If nil, the policy is not yet attached
type: string
required:
- attachedPolicyArn
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: users.iam.aws.crossplane.io
spec:
group: iam.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: User
listKind: UserList
plural: users
singular: user
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.atProvider.arn
name: ARN
type: string
- jsonPath: .status.atProvider.userId
name: ID
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: An User is a managed resource that represents an AWS IAM User.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An UserSpec defines the desired state of an IAM User.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: UserParameters define the desired state of an AWS IAM
User.
properties:
path:
description: The path for the user name.
type: string
permissionsBoundary:
description: The ARN of the policy that is used to set the permissions
boundary for the user.
type: string
tags:
description: A list of tags that you want to attach to the newly
created user.
items:
description: Tag represents user-provided metadata that can
be associated with a IAM role. For more information about
tagging, see Tagging IAM Identities (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_tags.html)
in the IAM User Guide.
properties:
key:
description: The key name that can be used to look up or
retrieve the associated value. For example, Department
or Cost Center are common choices.
type: string
value:
description: "The value associated with this tag. For example,
tags with a key name of Department could have values such
as Human Resources, Accounting, and Support. Tags with
a key name of Cost Center might have values that consist
of the number associated with the different cost centers
in your company. Typically, many resources have tags with
the same key name but with different values. \n AWS always
interprets the tag Value as a single string. If you need
to store an array, you can store comma-separated values
in the string. However, you must interpret the value in
your code."
type: string
required:
- key
type: object
type: array
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An UserStatus represents the observed state of an IAM User.
properties:
atProvider:
description: UserObservation keeps the state for the external resource
properties:
arn:
description: The Amazon Resource Name (ARN) that identifies the
user.
type: string
userId:
description: The stable and unique string identifying the user.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: userpolicyattachments.iam.aws.crossplane.io
spec:
group: iam.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: UserPolicyAttachment
listKind: UserPolicyAttachmentList
plural: userpolicyattachments
singular: userpolicyattachment
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.forProvider.userName
name: USERNAME
type: string
- jsonPath: .spec.forProvider.policyArn
name: POLICYARN
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: An UserPolicyAttachment is a managed resource that represents
an AWS IAM User policy attachment.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An UserPolicyAttachmentSpec defines the desired state of
an UserPolicyAttachment.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: UserPolicyAttachmentParameters define the desired state
of an AWS UserPolicyAttachment.
properties:
policyArn:
description: PolicyARN is the Amazon Resource Name (ARN) of the
IAM policy you want to attach.
type: string
policyArnRef:
description: PolicyARNRef references an Policy to retrieve its
Policy ARN.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
policyArnSelector:
description: PolicyARNSelector selects a reference to an Policy
to retrieve its Policy ARN
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
userName:
description: UserName presents the name of the User.
type: string
userNameRef:
description: UserNameRef references to an User to retrieve its
userName
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
userNameSelector:
description: UserNameSelector selects a reference to an User to
retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An UserPolicyAttachmentStatus represents the observed state
of an UserPolicyAttachment.
properties:
atProvider:
description: UserPolicyAttachmentObservation keeps the state for the
external resource
properties:
attachedPolicyArn:
description: AttachedPolicyARN is the arn for the attached policy.
If nil, the policy is not yet attached
type: string
required:
- attachedPolicyArn
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: policies.iot.aws.crossplane.io
spec:
group: iot.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Policy
listKind: PolicyList
plural: policies
singular: policy
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Policy is the Schema for the Policies API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: PolicySpec defines the desired state of Policy
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: PolicyParameters defines the desired state of Policy
properties:
policyDocument:
description: The JSON document that describes the policy. policyDocument
must have a minimum length of 1, with a maximum length of 2048,
excluding whitespace.
type: string
region:
description: Region is which region the Policy will be created.
type: string
tags:
description: "Metadata which can be used to manage the policy.
\n For URI Request parameters use format: ...key1=value1&key2=value2...
\n For the CLI command-line parameter use format: &&tags \"key1=value1&key2=value2...\"
\n For the cli-input-json file use format: \"tags\": \"key1=value1&key2=value2...\""
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- policyDocument
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: PolicyStatus defines the observed state of Policy.
properties:
atProvider:
description: PolicyObservation defines the observed state of Policy
properties:
policyARN:
description: The policy ARN.
type: string
policyVersionID:
description: The policy version ID.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: things.iot.aws.crossplane.io
spec:
group: iot.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Thing
listKind: ThingList
plural: things
singular: thing
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Thing is the Schema for the Things API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ThingSpec defines the desired state of Thing
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ThingParameters defines the desired state of Thing
properties:
attributePayload:
description: "The attribute payload, which consists of up to three
name/value pairs in a JSON document. For example: \n {\\\"attributes\\\":{\\\"string1\\\":\\\"string2\\\"}}"
properties:
attributes:
additionalProperties:
type: string
type: object
merge:
type: boolean
type: object
billingGroupName:
description: The name of the billing group the thing will be added
to.
type: string
region:
description: Region is which region the Thing will be created.
type: string
thingTypeName:
description: The name of the thing type associated with the new
thing.
type: string
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ThingStatus defines the observed state of Thing.
properties:
atProvider:
description: ThingObservation defines the observed state of Thing
properties:
thingARN:
description: The ARN of the new thing.
type: string
thingID:
description: The thing ID.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clusters.kafka.aws.crossplane.io
spec:
group: kafka.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Cluster
listKind: ClusterList
plural: clusters
singular: cluster
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Cluster is the Schema for the Clusters API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ClusterSpec defines the desired state of Cluster
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ClusterParameters defines the desired state of Cluster
properties:
brokerNodeGroupInfo:
description: Information about the brokers
properties:
clientSubnetRefs:
description: ClientSubnetRefs is a list of references to Subnets
used to set the ClientSubnets.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
clientSubnetSelector:
description: ClientSubnetSelector selects references to Subnets
used to set the ClientSubnets.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
clientSubnets:
items:
type: string
type: array
instanceType:
type: string
securityGroupRefs:
description: SecurityGroupRefs is a list of references to
SecurityGroups used to set the SecurityGroups.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupSelector:
description: SecurityGroupSelector selects references to SecurityGroup
used to set the SecurityGroups.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
securityGroups:
items:
type: string
type: array
storageInfo:
description: Contains information about storage volumes attached
to MSK broker nodes.
properties:
ebsStorageInfo:
description: Contains information about the EBS storage
volumes attached to Kafka broker nodes.
properties:
volumeSize:
format: int64
type: integer
type: object
type: object
type: object
clientAuthentication:
description: Includes all client authentication related information.
properties:
sasl:
properties:
scram:
properties:
enabled:
type: boolean
type: object
type: object
tls:
description: Details for client authentication using TLS.
properties:
certificateAuthorityARNList:
items:
type: string
type: array
type: object
type: object
configurationInfo:
description: Represents the configuration that you want MSK to
use for the cluster.
properties:
arn:
description: ARN of the configuration to use.
type: string
arnRef:
description: ARNRef is a reference to a Kafka Configuration
used to set ARN.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
arnSelector:
description: ARNSelector selects a reference to a Kafka Configuration
used to set ARN.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
revision:
format: int64
type: integer
type: object
encryptionInfo:
description: Includes all encryption-related information.
properties:
encryptionAtRest:
description: The data-volume encryption details.
properties:
dataVolumeKMSKeyID:
type: string
type: object
encryptionInTransit:
description: The settings for encrypting data in transit.
properties:
clientBroker:
description: Client-broker encryption in transit setting.
type: string
inCluster:
type: boolean
type: object
type: object
enhancedMonitoring:
description: Specifies the level of monitoring for the MSK cluster.
The possible values are DEFAULT, PER_BROKER, PER_TOPIC_PER_BROKER,
and PER_TOPIC_PER_PARTITION.
type: string
kafkaVersion:
description: The version of Apache Kafka.
type: string
loggingInfo:
description: LoggingInfo details.
properties:
brokerLogs:
description: The broker logs configuration for this MSK cluster.
properties:
cloudWatchLogs:
description: Details of the CloudWatch Logs destination
for broker logs.
properties:
enabled:
type: boolean
logGroup:
type: string
type: object
firehose:
description: Firehose details for BrokerLogs.
properties:
deliveryStream:
type: string
enabled:
type: boolean
type: object
s3:
description: The details of the Amazon S3 destination
for broker logs.
properties:
bucket:
type: string
enabled:
type: boolean
prefix:
type: string
type: object
type: object
type: object
numberOfBrokerNodes:
description: The number of Kafka broker nodes in the Amazon MSK
cluster.
format: int64
type: integer
openMonitoring:
description: The settings for open monitoring.
properties:
prometheus:
description: Prometheus settings.
properties:
jmxExporter:
description: Indicates whether you want to enable or disable
the JMX Exporter.
properties:
enabledInBroker:
type: boolean
type: object
nodeExporter:
description: Indicates whether you want to enable or disable
the Node Exporter.
properties:
enabledInBroker:
type: boolean
type: object
type: object
type: object
region:
description: Region is which region the Cluster will be created.
type: string
tags:
additionalProperties:
type: string
description: Create tags when creating the cluster.
type: object
zookeeperConnectString:
description: The connection string to use to connect to the Apache
ZooKeeper cluster.
type: string
zookeeperConnectStringTLS:
description: The connection string to use to connect to zookeeper
cluster on Tls port.
type: string
required:
- kafkaVersion
- numberOfBrokerNodes
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ClusterStatus defines the observed state of Cluster.
properties:
atProvider:
description: ClusterObservation defines the observed state of Cluster
properties:
clusterARN:
description: The Amazon Resource Name (ARN) of the cluster.
type: string
clusterName:
description: The name of the MSK cluster.
type: string
state:
description: The state of the cluster. The possible states are
ACTIVE, CREATING, DELETING, FAILED, HEALING, MAINTENANCE, REBOOTING_BROKER,
and UPDATING.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: configurations.kafka.aws.crossplane.io
spec:
group: kafka.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Configuration
listKind: ConfigurationList
plural: configurations
singular: configuration
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Configuration is the Schema for the Configurations API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ConfigurationSpec defines the desired state of Configuration
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ConfigurationParameters defines the desired state of
Configuration
properties:
description:
description: The description of the configuration.
type: string
kafkaVersions:
description: The versions of Apache Kafka with which you can use
this MSK configuration.
items:
type: string
type: array
properties:
description: kafka server configurations
items:
type: string
type: array
region:
description: Region is which region the Configuration will be
created.
type: string
required:
- properties
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ConfigurationStatus defines the observed state of Configuration.
properties:
atProvider:
description: ConfigurationObservation defines the observed state of
Configuration
properties:
arn:
description: The Amazon Resource Name (ARN) of the configuration.
type: string
creationTime:
description: The time when the configuration was created.
format: date-time
type: string
latestRevision:
description: Latest revision of the configuration.
properties:
creationTime:
format: date-time
type: string
description:
type: string
revision:
format: int64
type: integer
type: object
name:
description: The name of the configuration. Configuration names
are strings that match the regex "^[0-9A-Za-z-]+$".
type: string
state:
description: The state of the configuration. The possible states
are ACTIVE, DELETING and DELETE_FAILED.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: streams.kinesis.aws.crossplane.io
spec:
group: kinesis.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Stream
listKind: StreamList
plural: streams
singular: stream
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Stream is the Schema for the Streams API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: StreamSpec defines the desired state of Stream
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: StreamParameters defines the desired state of Stream
properties:
enforceConsumerDeletion:
description: If this parameter is unset (null) or if you set it
to false, and the stream has registered consumers, the call
to DeleteStream fails with a ResourceInUseException.
type: boolean
enhancedMetrics:
description: "List of shard-level metrics. \n The following are
the valid shard-level metrics. The value \"ALL\" enhances every
metric. \n * IncomingBytes \n * IncomingRecords \n *
OutgoingBytes \n * OutgoingRecords \n * WriteProvisionedThroughputExceeded
\n * ReadProvisionedThroughputExceeded \n * IteratorAgeMilliseconds
\n * ALL \n For more information, see Monitoring the Amazon
Kinesis Data Streams Service with Amazon CloudWatch (https://docs.aws.amazon.com/kinesis/latest/dev/monitoring-with-cloudwatch.html)
in the Amazon Kinesis Data Streams Developer Guide."
items:
properties:
shardLevelMetrics:
items:
type: string
type: array
type: object
type: array
kmsKeyARN:
type: string
kmsKeyARNRef:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
kmsKeyARNSelector:
description: A Selector selects an object.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
region:
description: Region is which region the Stream will be created.
type: string
retentionPeriodHours:
description: 'The retention period of the stream, in hours. Default:
24 hours'
format: int64
type: integer
shardCount:
description: The number of shards that the stream will use. The
throughput of the stream is a function of the number of shards;
more shards are required for greater provisioned throughput.
format: int64
type: integer
tags:
items:
description: CustomTag contains the additional fields for Tag.
properties:
key:
description: A unique identifier for the tag.
type: string
value:
description: An optional string, typically used to describe
or define the tag.
type: string
required:
- key
type: object
type: array
required:
- region
- shardCount
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: StreamStatus defines the observed state of Stream.
properties:
atProvider:
description: StreamObservation defines the observed state of Stream
properties:
encryptionType:
description: "The server-side encryption type used on the stream.
This parameter can be one of the following values: \n * NONE:
Do not encrypt the records in the stream. \n * KMS: Use server-side
encryption on the records in the stream using a customer-managed
AWS KMS key."
type: string
enhancedMonitoring:
description: Represents the current enhanced monitoring settings
of the stream.
items:
properties:
shardLevelMetrics:
items:
type: string
type: array
type: object
type: array
hasMoreShards:
description: If set to true, more shards in the stream are available
to describe.
type: boolean
keyID:
description: "The GUID for the customer-managed AWS KMS key to
use for encryption. This value can be a globally unique identifier,
a fully specified ARN to either an alias or a key, or an alias
name prefixed by \"alias/\".You can also use a master key owned
by Kinesis Data Streams by specifying the alias aws/kinesis.
\n * Key ARN example: arn:aws:kms:us-east-1:123456789012:key/12345678-1234-1234-1234-123456789012
\n * Alias ARN example: arn:aws:kms:us-east-1:123456789012:alias/MyAliasName
\n * Globally unique key ID example: 12345678-1234-1234-1234-123456789012
\n * Alias name example: alias/MyAliasName \n * Master
key owned by Kinesis Data Streams: alias/aws/kinesis"
type: string
retentionPeriodHours:
description: The current retention period, in hours. Minimum value
of 24. Maximum value of 168.
format: int64
type: integer
shards:
description: The shards that comprise the stream.
items:
properties:
adjacentParentShardID:
type: string
hashKeyRange:
description: The range of possible hash key values for the
shard, which is a set of ordered contiguous positive integers.
properties:
endingHashKey:
type: string
startingHashKey:
type: string
type: object
parentShardID:
type: string
sequenceNumberRange:
description: The range of possible sequence numbers for
the shard.
properties:
endingSequenceNumber:
type: string
startingSequenceNumber:
type: string
type: object
shardID:
type: string
type: object
type: array
streamARN:
description: The Amazon Resource Name (ARN) for the stream being
described.
type: string
streamStatus:
description: "The current status of the stream being described.
The stream status is one of the following states: \n * CREATING
- The stream is being created. Kinesis Data Streams immediately
\ returns and sets StreamStatus to CREATING. \n * DELETING
- The stream is being deleted. The specified stream is in the
\ DELETING state until Kinesis Data Streams completes the
deletion. \n * ACTIVE - The stream exists and is ready for
read and write operations or deletion. You should perform
read and write operations only on an ACTIVE stream. \n *
UPDATING - Shards in the stream are being merged or split. Read
and write operations continue to work while the stream is
in the UPDATING state."
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: aliases.kms.aws.crossplane.io
spec:
group: kms.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Alias
listKind: AliasList
plural: aliases
singular: alias
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Alias is the Schema for the Aliases API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: AliasSpec defines the desired state of Alias
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: AliasParameters defines the desired state of Alias
properties:
region:
description: Region is which region the Alias will be created.
type: string
targetKeyId:
description: "Associates the alias with the specified customer
managed CMK (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk).
The CMK must be in the same AWS Region. \n A valid CMK ID is
required. If you supply a null or empty string value, this operation
returns an error. \n For help finding the key ID and ARN, see
Finding the Key ID and ARN (https://docs.aws.amazon.com/kms/latest/developerguide/viewing-keys.html#find-cmk-id-arn)
in the AWS Key Management Service Developer Guide. \n Specify
the key ID or the Amazon Resource Name (ARN) of the CMK. \n
For example: \n * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
\n * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
\n To get the key ID and key ARN for a CMK, use ListKeys or
DescribeKey."
type: string
targetKeyIdRef:
description: TargetKeyIDRef is a reference to a KMS Key used to
set TargetKeyID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
targetKeyIdSelector:
description: TargetKeyIDSelector selects a reference to a KMS
Key used to set TargetKeyID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: AliasStatus defines the observed state of Alias.
properties:
atProvider:
description: AliasObservation defines the observed state of Alias
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: keys.kms.aws.crossplane.io
spec:
group: kms.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Key
listKind: KeyList
plural: keys
singular: key
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Key is the Schema for the Keys API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: KeySpec defines the desired state of Key
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: KeyParameters defines the desired state of Key
properties:
bypassPolicyLockoutSafetyCheck:
description: "A flag to indicate whether to bypass the key policy
lockout safety check. \n Setting this value to true increases
the risk that the CMK becomes unmanageable. Do not set this
value to true indiscriminately. \n For more information, refer
to the scenario in the Default Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam)
section in the AWS Key Management Service Developer Guide .
\n Use this parameter only when you include a policy in the
request and you intend to prevent the principal that is making
the request from making a subsequent PutKeyPolicy request on
the CMK. \n The default value is false."
type: boolean
customKeyStoreID:
description: "Creates the CMK in the specified custom key store
(https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
and the key material in its associated AWS CloudHSM cluster.
To create a CMK in a custom key store, you must also specify
the Origin parameter with a value of AWS_CLOUDHSM. The AWS CloudHSM
cluster that is associated with the custom key store must have
at least two active HSMs, each in a different Availability Zone
in the Region. \n This parameter is valid only for symmetric
CMKs. You cannot create an asymmetric CMK in a custom key store.
\n To find the ID of a custom key store, use the DescribeCustomKeyStores
operation. \n The response includes the custom key store ID
and the ID of the AWS CloudHSM cluster. \n This operation is
part of the Custom Key Store feature (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
feature in AWS KMS, which combines the convenience and extensive
integration of AWS KMS with the isolation and control of a single-tenant
key store."
type: string
customerMasterKeySpec:
description: "Specifies the type of CMK to create. The default
value, SYMMETRIC_DEFAULT, creates a CMK with a 256-bit symmetric
key for encryption and decryption. For help choosing a key spec
for your CMK, see How to Choose Your CMK Configuration (https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-choose.html)
in the AWS Key Management Service Developer Guide. \n The CustomerMasterKeySpec
determines whether the CMK contains a symmetric key or an asymmetric
key pair. It also determines the encryption algorithms or signing
algorithms that the CMK supports. You can't change the CustomerMasterKeySpec
after the CMK is created. To further restrict the algorithms
that can be used with the CMK, use a condition key in its key
policy or IAM policy. For more information, see kms:EncryptionAlgorithm
(https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-encryption-algorithm)
or kms:Signing Algorithm (https://docs.aws.amazon.com/kms/latest/developerguide/policy-conditions.html#conditions-kms-signing-algorithm)
in the AWS Key Management Service Developer Guide. \n AWS services
that are integrated with AWS KMS (http://aws.amazon.com/kms/features/#AWS_Service_Integration)
use symmetric CMKs to protect your data. These services do not
support asymmetric CMKs. For help determining whether a CMK
is symmetric or asymmetric, see Identifying Symmetric and Asymmetric
CMKs (https://docs.aws.amazon.com/kms/latest/developerguide/find-symm-asymm.html)
in the AWS Key Management Service Developer Guide. \n AWS KMS
supports the following key specs for CMKs: \n * Symmetric
key (default) SYMMETRIC_DEFAULT (AES-256-GCM) \n * Asymmetric
RSA key pairs RSA_2048 RSA_3072 RSA_4096 \n * Asymmetric
NIST-recommended elliptic curve key pairs ECC_NIST_P256 (secp256r1)
\ ECC_NIST_P384 (secp384r1) ECC_NIST_P521 (secp521r1) \n *
Other asymmetric elliptic curve key pairs ECC_SECG_P256K1 (secp256k1),
\ commonly used for cryptocurrencies."
type: string
description:
description: "A description of the CMK. \n Use a description that
helps you decide whether the CMK is appropriate for a task."
type: string
enabled:
description: Specifies whether the CMK is enabled.
type: boolean
keyUsage:
description: "Determines the cryptographic operations (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#cryptographic-operations)
for which you can use the CMK. The default value is ENCRYPT_DECRYPT.
This parameter is required only for asymmetric CMKs. You can't
change the KeyUsage value after the CMK is created. \n Select
only one valid value. \n * For symmetric CMKs, omit the parameter
or specify ENCRYPT_DECRYPT. \n * For asymmetric CMKs with
RSA key material, specify ENCRYPT_DECRYPT or SIGN_VERIFY.
\n * For asymmetric CMKs with ECC key material, specify SIGN_VERIFY."
type: string
origin:
description: "The source of the key material for the CMK. You
cannot change the origin after you create the CMK. The default
is AWS_KMS, which means AWS KMS creates the key material. \n
When the parameter value is EXTERNAL, AWS KMS creates a CMK
without key material so that you can import key material from
your existing key management infrastructure. For more information
about importing key material into AWS KMS, see Importing Key
Material (https://docs.aws.amazon.com/kms/latest/developerguide/importing-keys.html)
in the AWS Key Management Service Developer Guide. This value
is valid only for symmetric CMKs. \n When the parameter value
is AWS_CLOUDHSM, AWS KMS creates the CMK in an AWS KMS custom
key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html)
and creates its key material in the associated AWS CloudHSM
cluster. You must also use the CustomKeyStoreId parameter to
identify the custom key store. This value is valid only for
symmetric CMKs."
type: string
pendingWindowInDays:
description: Specifies how many days the Key is retained when
scheduled for deletion. Defaults to 30 days.
format: int64
type: integer
policy:
description: "The key policy to attach to the CMK. \n If you provide
a key policy, it must meet the following criteria: \n * If
you don't set BypassPolicyLockoutSafetyCheck to true, the key
policy must allow the principal that is making the CreateKey
request to make a subsequent PutKeyPolicy request on the
CMK. This reduces the risk that the CMK becomes unmanageable.
For more information, refer to the scenario in the Default
Key Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default-allow-root-enable-iam)
\ section of the AWS Key Management Service Developer Guide
. \n * Each statement in the key policy must contain one
or more principals. The principals in the key policy must
exist and be visible to AWS KMS. When you create a new AWS
principal (for example, an IAM user or role), you might need
to enforce a delay before including the new principal in a
key policy because the new principal might not be immediately
visible to AWS KMS. For more information, see Changes that
I make are not always immediately visible (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_eventual-consistency)
\ in the AWS Identity and Access Management User Guide. \n
If you do not provide a key policy, AWS KMS attaches a default
key policy to the CMK. For more information, see Default Key
Policy (https://docs.aws.amazon.com/kms/latest/developerguide/key-policies.html#key-policy-default)
in the AWS Key Management Service Developer Guide. \n The key
policy size quota is 32 kilobytes (32768 bytes). \n For help
writing and formatting a JSON policy document, see the IAM JSON
Policy Reference (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies.html)
in the IAM User Guide ."
type: string
region:
description: Region is which region the Key will be created.
type: string
tags:
description: "One or more tags. Each tag consists of a tag key
and a tag value. Both the tag key and the tag value are required,
but the tag value can be an empty (null) string. \n When you
add tags to an AWS resource, AWS generates a cost allocation
report with usage and costs aggregated by tags. For information
about adding, changing, deleting and listing tags for CMKs,
see Tagging Keys (https://docs.aws.amazon.com/kms/latest/developerguide/tagging-keys.html).
\n Use this parameter to tag the CMK when it is created. To
add tags to an existing CMK, use the TagResource operation.
\n To use this parameter, you must have kms:TagResource (https://docs.aws.amazon.com/kms/latest/developerguide/kms-api-permissions-reference.html)
permission in an IAM policy."
items:
properties:
tagKey:
type: string
tagValue:
type: string
type: object
type: array
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: KeyStatus defines the observed state of Key.
properties:
atProvider:
description: KeyObservation defines the observed state of Key
properties:
arn:
description: The Amazon Resource Name (ARN) of the CMK. For examples,
see AWS Key Management Service (AWS KMS) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-kms)
in the Example ARNs section of the AWS General Reference.
type: string
awsAccountID:
description: The twelve-digit account ID of the AWS account that
owns the CMK.
type: string
cloudHsmClusterID:
description: The cluster ID of the AWS CloudHSM cluster that contains
the key material for the CMK. When you create a CMK in a custom
key store (https://docs.aws.amazon.com/kms/latest/developerguide/custom-key-store-overview.html),
AWS KMS creates the key material for the CMK in the associated
AWS CloudHSM cluster. This value is present only when the CMK
is created in a custom key store.
type: string
creationDate:
description: The date and time when the CMK was created.
format: date-time
type: string
deletionDate:
description: The date and time after which AWS KMS deletes the
CMK. This value is present only when KeyState is PendingDeletion.
format: date-time
type: string
enabled:
description: Specifies whether the CMK is enabled. When KeyState
is Enabled this value is true, otherwise it is false.
type: boolean
encryptionAlgorithms:
description: "The encryption algorithms that the CMK supports.
You cannot use the CMK with other encryption algorithms within
AWS KMS. \n This field appears only when the KeyUsage of the
CMK is ENCRYPT_DECRYPT."
items:
type: string
type: array
expirationModel:
description: Specifies whether the CMK's key material expires.
This value is present only when Origin is EXTERNAL, otherwise
this value is omitted.
type: string
keyID:
description: The globally unique identifier for the CMK.
type: string
keyManager:
description: The manager of the CMK. CMKs in your AWS account
are either customer managed or AWS managed. For more information
about the difference, see Customer Master Keys (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys)
in the AWS Key Management Service Developer Guide.
type: string
keyState:
description: "The current status of the CMK. \n For more information
about how key state affects the use of a CMK, see Key state:
Effect on your CMK (https://docs.aws.amazon.com/kms/latest/developerguide/key-state.html)
in the AWS Key Management Service Developer Guide."
type: string
signingAlgorithms:
description: "The signing algorithms that the CMK supports. You
cannot use the CMK with other signing algorithms within AWS
KMS. \n This field appears only when the KeyUsage of the CMK
is SIGN_VERIFY."
items:
type: string
type: array
validTo:
description: The time at which the imported key material expires.
When the key material expires, AWS KMS deletes the key material
and the CMK becomes unusable. This value is present only for
CMKs whose Origin is EXTERNAL and whose ExpirationModel is KEY_MATERIAL_EXPIRES,
otherwise this value is omitted.
format: date-time
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: functions.lambda.aws.crossplane.io
spec:
group: lambda.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Function
listKind: FunctionList
plural: functions
singular: function
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Function is the Schema for the Functions API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: FunctionSpec defines the desired state of Function
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: FunctionParameters defines the desired state of Function
properties:
code:
description: The code for the function.
properties:
imageURI:
type: string
s3Bucket:
type: string
s3BucketRef:
description: S3BucketRef is a reference to an S3 Bucket.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
s3BucketSelector:
description: S3BucketSelector selects references to an S3
Bucket.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
s3Key:
type: string
s3ObjectVersion:
type: string
type: object
codeSigningConfigARN:
description: To enable code signing for this function, specify
the ARN of a code-signing configuration. A code-signing configuration
includes a set of signing profiles, which define the trusted
publishers for this function.
type: string
deadLetterConfig:
description: A dead letter queue configuration that specifies
the queue or topic where Lambda sends asynchronous events when
they fail processing. For more information, see Dead Letter
Queues (https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#dlq).
properties:
targetARN:
type: string
type: object
description:
description: A description of the function.
type: string
environment:
description: Environment variables that are accessible from function
code during execution.
properties:
variables:
additionalProperties:
type: string
type: object
type: object
fileSystemConfigs:
description: Connection settings for an Amazon EFS file system.
items:
properties:
arn:
type: string
localMountPath:
type: string
type: object
type: array
handler:
description: The name of the method within your code that Lambda
calls to execute your function. The format includes the file
name. It can also include namespaces and other qualifiers, depending
on the runtime. For more information, see Programming Model
(https://docs.aws.amazon.com/lambda/latest/dg/programming-model-v2.html).
type: string
imageConfig:
description: Container image configuration values (https://docs.aws.amazon.com/lambda/latest/dg/images-parms.html)
that override the values in the container image Dockerfile.
properties:
command:
items:
type: string
type: array
entryPoint:
items:
type: string
type: array
workingDirectory:
type: string
type: object
kmsKeyARN:
description: The ARN of the AWS Key Management Service (AWS KMS)
key that's used to encrypt your function's environment variables.
If it's not provided, AWS Lambda uses a default service key.
type: string
kmsKeyARNRef:
description: KMSKeyARNRef is a reference to a kms key used to
set the KMSKeyARN.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
kmsKeyARNSelector:
description: KMSKeyARNSelector selects references to kms key arn
used to set the KMSKeyARN.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
layers:
description: A list of function layers (https://docs.aws.amazon.com/lambda/latest/dg/configuration-layers.html)
to add to the function's execution environment. Specify each
layer by its ARN, including the version.
items:
type: string
type: array
memorySize:
description: The amount of memory available to the function at
runtime. Increasing the function's memory also increases its
CPU allocation. The default value is 128 MB. The value can be
any multiple of 1 MB.
format: int64
type: integer
packageType:
description: The type of deployment package. Set to Image for
container image and set Zip for ZIP archive.
type: string
publish:
description: Set to true to publish the first version of the function
during creation.
type: boolean
region:
description: Region is which region the Function will be created.
type: string
role:
description: The Amazon Resource Name (ARN) of the function's
execution role. One of role, roleRef or roleSelector is required.
type: string
roleRef:
description: RoleRef is a reference to an iam role
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
roleSelector:
description: RoleSelector selects references to iam role arn used
to set the lambda Role.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
runtime:
description: The identifier of the function's runtime (https://docs.aws.amazon.com/lambda/latest/dg/lambda-runtimes.html).
type: string
tags:
additionalProperties:
type: string
description: A list of tags (https://docs.aws.amazon.com/lambda/latest/dg/tagging.html)
to apply to the function.
type: object
timeout:
description: The amount of time that Lambda allows a function
to run before stopping it. The default is 3 seconds. The maximum
allowed value is 900 seconds.
format: int64
type: integer
tracingConfig:
description: Set Mode to Active to sample and trace a subset of
incoming requests with AWS X-Ray.
properties:
mode:
type: string
type: object
vpcConfig:
description: For network connectivity to AWS resources in a VPC,
specify a list of security groups and subnets in the VPC. When
you connect a function to a VPC, it can only access resources
and the internet through that VPC. For more information, see
VPC Settings (https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html).
properties:
securityGroupIDRefs:
description: SecurityGroupIDRefs is a list of references to
SecurityGroups used to set the SecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupIDSelector:
description: SecurityGroupIDsSelector selects references to
SecurityGroupID used to set the SecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
securityGroupIDs:
items:
type: string
type: array
subnetIDRefs:
description: SubnetIDRefs is a list of references to Subnets
used to set the SubnetIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetIDSelector:
description: SubnetIDsSelector selects references to Subnets
used to set the SubnetIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
subnetIDs:
items:
type: string
type: array
type: object
required:
- code
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: FunctionStatus defines the observed state of Function.
properties:
atProvider:
description: FunctionObservation defines the observed state of Function
properties:
codeSHA256:
description: The SHA256 hash of the function's deployment package.
type: string
codeSize:
description: The size of the function's deployment package, in
bytes.
format: int64
type: integer
functionARN:
description: The function's Amazon Resource Name (ARN).
type: string
functionName:
description: The name of the function.
type: string
imageConfigResponse:
description: The function's image configuration values.
properties:
error:
description: Error response to GetFunctionConfiguration.
properties:
errorCode:
type: string
message:
type: string
type: object
imageConfig:
description: Configuration values that override the container
image Dockerfile settings. See Container settings (https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms).
properties:
command:
items:
type: string
type: array
entryPoint:
items:
type: string
type: array
workingDirectory:
type: string
type: object
type: object
lastModified:
description: The date and time that the function was last updated,
in ISO-8601 format (https://www.w3.org/TR/NOTE-datetime) (YYYY-MM-DDThh:mm:ss.sTZD).
type: string
lastUpdateStatus:
description: The status of the last update that was performed
on the function. This is first set to Successful after function
creation completes.
type: string
lastUpdateStatusReason:
description: The reason for the last update that was performed
on the function.
type: string
lastUpdateStatusReasonCode:
description: The reason code for the last update that was performed
on the function.
type: string
masterARN:
description: For Lambda@Edge functions, the ARN of the master
function.
type: string
revisionID:
description: The latest updated revision of the function or alias.
type: string
role:
description: The function's execution role.
type: string
signingJobARN:
description: The ARN of the signing job.
type: string
signingProfileVersionARN:
description: The ARN of the signing profile version.
type: string
state:
description: The current state of the function. When the state
is Inactive, you can reactivate the function by invoking it.
type: string
stateReason:
description: The reason for the function's current state.
type: string
stateReasonCode:
description: The reason code for the function's current state.
When the code is Creating, you can't invoke or modify the function.
type: string
version:
description: The version of the Lambda function.
type: string
vpcConfig:
description: The function's networking configuration.
properties:
securityGroupIDs:
items:
type: string
type: array
subnetIDs:
items:
type: string
type: array
vpcID:
type: string
type: object
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: brokers.mq.aws.crossplane.io
spec:
group: mq.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Broker
listKind: BrokerList
plural: brokers
singular: broker
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Broker is the Schema for the Brokers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: BrokerSpec defines the desired state of Broker
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: BrokerParameters defines the desired state of Broker
properties:
authenticationStrategy:
type: string
autoMinorVersionUpgrade:
type: boolean
configuration:
properties:
id:
type: string
revision:
format: int64
type: integer
type: object
creatorRequestID:
type: string
deploymentMode:
type: string
encryptionOptions:
properties:
kmsKeyID:
type: string
useAWSOwnedKey:
type: boolean
type: object
engineType:
type: string
engineVersion:
type: string
hostInstanceType:
type: string
ldapServerMetadata:
properties:
hosts:
items:
type: string
type: array
roleBase:
type: string
roleName:
type: string
roleSearchMatching:
type: string
roleSearchSubtree:
type: boolean
serviceAccountPassword:
type: string
serviceAccountUsername:
type: string
userBase:
type: string
userRoleName:
type: string
userSearchMatching:
type: string
userSearchSubtree:
type: boolean
type: object
logs:
properties:
audit:
type: boolean
general:
type: boolean
type: object
maintenanceWindowStartTime:
properties:
dayOfWeek:
type: string
timeOfDay:
type: string
timeZone:
type: string
type: object
publiclyAccessible:
type: boolean
region:
description: Region is which region the Broker will be created.
type: string
securityGroupIdRefs:
description: SecurityGroupIDRefs is a list of references to SecurityGroups
used to set the SecurityGroupsIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupIdSelector:
description: SecurityGroupIDsSelector selects references to SecurityGroups
used to set the SecurityGroupsIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
securityGroups:
items:
type: string
type: array
storageType:
type: string
subnetIDRefs:
description: SubnetIDRefs is a list of references to Subnets used
to set the SubnetIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetIDSelector:
description: SubnetIDsSelector selects references to Subnets used
to set the SubnetIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
subnetIDs:
items:
type: string
type: array
tags:
additionalProperties:
type: string
type: object
users:
items:
description: CustomUser contains the fields for Users with PasswordSecretRef
properties:
consoleAccess:
type: boolean
groups:
items:
type: string
type: array
passwordSecretRef:
description: A SecretKeySelector is a reference to a secret
key in an arbitrary namespace.
properties:
key:
description: The key to select.
type: string
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- key
- name
- namespace
type: object
username:
type: string
type: object
type: array
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: BrokerStatus defines the observed state of Broker.
properties:
atProvider:
description: BrokerObservation defines the observed state of Broker
properties:
brokerARN:
type: string
brokerID:
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: users.mq.aws.crossplane.io
spec:
group: mq.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: User
listKind: UserList
plural: users
singular: user
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: User is the Schema for the Users API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: UserSpec defines the desired state of User
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: UserParameters defines the desired state of User
properties:
brokerID:
type: string
brokerIDRef:
description: BrokerIDRef is a reference to a Broker used to set
BrokerID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
brokerIDSelector:
description: BrokerIDSelector selects a reference to a Broker
used to set BrokerID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
consoleAccess:
type: boolean
groups:
items:
type: string
type: array
passwordSecretRef:
description: A SecretKeySelector is a reference to a secret key
in an arbitrary namespace.
properties:
key:
description: The key to select.
type: string
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- key
- name
- namespace
type: object
region:
description: Region is which region the User will be created.
type: string
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: UserStatus defines the observed state of User.
properties:
atProvider:
description: UserObservation defines the observed state of User
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: snssubscriptions.notification.aws.crossplane.io
spec:
group: notification.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: SNSSubscription
listKind: SNSSubscriptionList
plural: snssubscriptions
singular: snssubscription
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .spec.forProvider.endpoint
name: ENDPOINT
type: string
- jsonPath: .spec.forProvider.protocol
name: PROTOCOL
type: string
- jsonPath: .status.atProvider.status
name: STATUS
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: SNSSubscription defines a managed resource that represents state
of a AWS SNS Subscription
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: SNSSubscriptionSpec defined the desired state of a AWS SNS
Topic
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: SNSSubscriptionParameters define the desired state of
a AWS SNS Topic
properties:
deliveryPolicy:
description: ' DeliveryPolicy defines how Amazon SNS retries failed deliveries
to HTTP/S endpoints.'
type: string
endpoint:
description: The subscription's endpoint
type: string
filterPolicy:
description: ' The simple JSON object that lets your subscriber
receive only a subset of messages, rather than receiving every
message published to the topic.'
type: string
protocol:
description: The subscription's protocol.
type: string
rawMessageDelivery:
description: ' When set to true, enables raw message delivery to
Amazon SQS or HTTP/S endpoints. This eliminates the need for
the endpoints to process JSON formatting, which is otherwise
created for Amazon SNS metadata.'
type: string
redrivePolicy:
description: ' When specified, sends undeliverable messages to
the specified Amazon SQS dead-letter queue. Messages that can''t
be delivered due to client errors (for example, when the subscribed
endpoint is unreachable) or server errors (for example, when
the service that powers the subscribed endpoint becomes unavailable)
are held in the dead-letter queue for further analysis or reprocessing.'
type: string
region:
description: Region is the region you'd like your SNSSubscription
to be in.
type: string
topicArn:
description: TopicArn is the Arn of the SNS Topic
type: string
topicArnRef:
description: TopicArnRef references a SNS Topic and retrieves
its TopicArn
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
topicArnSelector:
description: TopicArnSelector selects a reference to a SNS Topic
and retrieves its TopicArn
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- endpoint
- protocol
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: SNSSubscriptionStatus is the status of AWS SNS Topic
properties:
atProvider:
description: SNSSubscriptionObservation represents the observed state
of a AWS SNS Topic
properties:
confirmationWasAuthenticated:
description: ConfirmationWasAuthenticated – true if the subscription
confirmation request was authenticated.
type: boolean
owner:
description: The subscription's owner.
type: string
status:
description: Status represents Confirmation Status of SNS Subscription
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: snstopics.notification.aws.crossplane.io
spec:
group: notification.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: SNSTopic
listKind: SNSTopicList
plural: snstopics
singular: snstopic
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .spec.forProvider.name
name: TOPIC-NAME
type: string
- jsonPath: .spec.forProvider.displayName
name: DISPLAY-NAME
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: SNSTopic defines a managed resource that represents state of
a AWS SNSTopic
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: SNSTopicSpec defined the desired state of a AWS SNS Topic
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: SNSTopicParameters define the desired state of a AWS
SNS Topic
properties:
deliveryPolicy:
description: DeliveryRetryPolicy - the JSON serialization of the
effective delivery policy, taking system defaults into account
type: string
displayName:
description: The display name to use for a topic with SNS subscriptions.
type: string
kmsMasterKeyId:
description: "Setting this enables server side encryption at-rest
to your topic. The ID of an AWS-managed customer master key
(CMK) for Amazon SNS or a custom CMK \n For more examples, see
KeyId (https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters)
in the AWS Key Management Service API Reference."
type: string
name:
description: Name refers to the name of the AWS SNS Topic
type: string
policy:
description: The policy that defines who can access your topic.
By default, only the topic owner can publish or subscribe to
the topic.
type: string
region:
description: Region is the region you'd like your SNSTopic to
be created in.
type: string
tags:
description: Tags represetnt a list of user-provided metadata
that can be associated with a SNS Topic. For more information
about tagging, see Tagging SNS Topics (https://docs.aws.amazon.com/sns/latest/dg/sns-tags.html)
in the SNS User Guide.
items:
description: Tag represent a user-provided metadata that can
be associated with a SNS Topic. For more information about
tagging, see Tagging SNS Topics (https://docs.aws.amazon.com/sns/latest/dg/sns-tags.html)
in the SNS User Guide.
properties:
key:
description: The key name that can be used to look up or
retrieve the associated value. For example, Department
or Cost Center are common choices.
type: string
value:
description: "The value associated with this tag. For example,
tags with a key name of Department could have values such
as Human Resources, Accounting, and Support. Tags with
a key name of Cost Center might have values that consist
of the number associated with the different cost centers
in your company. Typically, many resources have tags with
the same key name but with different values. \n AWS always
interprets the tag Value as a single string. If you need
to store an array, you can store comma-separated values
in the string. However, you must interpret the value in
your code."
type: string
required:
- key
type: object
type: array
required:
- name
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: SNSTopicStatus is the status of AWS SNS Topic
properties:
atProvider:
description: SNSTopicObservation represents the observed state of
a AWS SNS Topic
properties:
arn:
description: ARN is the Amazon Resource Name (ARN) specifying
the SNS Topic.
type: string
confirmedSubscriptions:
description: ConfirmedSubscriptions - The no of confirmed subscriptions
format: int64
type: integer
deletedSubscriptions:
description: DeletedSubscriptions - The no of deleted subscriptions
format: int64
type: integer
owner:
description: Owner refers to owner of SNS Topic
type: string
pendingSubscriptions:
description: PendingSubscriptions - The no of pending subscriptions
format: int64
type: integer
required:
- arn
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: resourceshares.ram.aws.crossplane.io
spec:
group: ram.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: ResourceShare
listKind: ResourceShareList
plural: resourceshares
singular: resourceshare
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: ResourceShare is the Schema for the ResourceShares API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ResourceShareSpec defines the desired state of ResourceShare
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ResourceShareParameters defines the desired state of
ResourceShare
properties:
allowExternalPrincipals:
description: Indicates whether principals outside your AWS organization
can be associated with a resource share.
type: boolean
clientToken:
description: A unique, case-sensitive identifier that you provide
to ensure the idempotency of the request.
type: string
name:
description: The name of the resource share.
type: string
permissionARNs:
description: The ARNs of the permissions to associate with the
resource share. If you do not specify an ARN for the permission,
AWS RAM automatically attaches the default version of the permission
for each resource type.
items:
type: string
type: array
principals:
description: The principals to associate with the resource share.
The possible values are IDs of AWS accounts, the ARN of an OU
or organization from AWS Organizations.
items:
type: string
type: array
region:
description: Region is which region the ResourceShare will be
created.
type: string
resourceARNs:
description: The Amazon Resource Names (ARN) of the resources
to associate with the resource share.
items:
type: string
type: array
tags:
description: One or more tags.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- name
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ResourceShareStatus defines the observed state of ResourceShare.
properties:
atProvider:
description: ResourceShareObservation defines the observed state of
ResourceShare
properties:
resourceShare:
description: Information about the resource share.
properties:
allowExternalPrincipals:
type: boolean
creationTime:
format: date-time
type: string
featureSet:
type: string
lastUpdatedTime:
format: date-time
type: string
name:
type: string
owningAccountID:
type: string
resourceShareARN:
type: string
status:
type: string
statusMessage:
type: string
tags:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
type: object
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: dbclusters.rds.aws.crossplane.io
spec:
group: rds.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: DBCluster
listKind: DBClusterList
plural: dbclusters
singular: dbcluster
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: DBCluster is the Schema for the DBClusters API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DBClusterSpec defines the desired state of DBCluster
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: DBClusterParameters defines the desired state of DBCluster
properties:
applyImmediately:
description: "A value that indicates whether the modifications
in this request and any pending modifications are asynchronously
applied as soon as possible, regardless of the PreferredMaintenanceWindow
setting for the DB cluster. If this parameter is disabled, changes
to the DB cluster are applied during the next maintenance window.
\n The ApplyImmediately parameter only affects the EnableIAMDatabaseAuthentication,
MasterUserPassword values. If the ApplyImmediately parameter
is disabled, then changes to the EnableIAMDatabaseAuthentication,
MasterUserPassword values are applied during the next maintenance
window. All other changes are applied immediately, regardless
of the value of the ApplyImmediately parameter. \n By default,
this parameter is disabled."
type: boolean
availabilityZones:
description: A list of Availability Zones (AZs) where instances
in the DB cluster can be created. For information on AWS Regions
and Availability Zones, see Choosing the Regions and Availability
Zones (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Concepts.RegionsAndAvailabilityZones.html)
in the Amazon Aurora User Guide.
items:
type: string
type: array
backtrackWindow:
description: "The target backtrack window, in seconds. To disable
backtracking, set this value to 0. \n Currently, Backtrack is
only supported for Aurora MySQL DB clusters. \n Default: 0 \n
Constraints: \n * If specified, this value must be set to
a number from 0 to 259,200 (72 hours)."
format: int64
type: integer
backupRetentionPeriod:
description: "The number of days for which automated backups are
retained. \n Default: 1 \n Constraints: \n * Must be a value
from 1 to 35"
format: int64
type: integer
characterSetName:
description: A value that indicates that the DB cluster should
be associated with the specified CharacterSet.
type: string
copyTagsToSnapshot:
description: A value that indicates whether to copy all tags from
the DB cluster to snapshots of the DB cluster. The default is
not to copy them.
type: boolean
databaseName:
description: The name for your database of up to 64 alphanumeric
characters. If you do not provide a name, Amazon RDS doesn't
create a database in the DB cluster you are creating.
type: string
dbClusterParameterGroupName:
description: "The name of the DB cluster parameter group to associate
with this DB cluster. If you do not specify a value, then the
default DB cluster parameter group for the specified DB engine
and version is used. \n Constraints: \n * If supplied, must
match the name of an existing DB cluster parameter group."
type: string
dbClusterParameterGroupNameRef:
description: DBClusterParameterGroupNameRef is a reference to
a DBClusterParameterGroup used to set DBClusterParameterGroupName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
dbClusterParameterGroupNameSelector:
description: DBClusterParameterGroupNameSelector selects a reference
to a DBClusterParameterGroup used to set DBClusterParameterGroupName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
dbSubnetGroupName:
description: "A DB subnet group to associate with this DB cluster.
\n Constraints: Must match the name of an existing DBSubnetGroup.
Must not be default. \n Example: mySubnetgroup"
type: string
dbSubnetGroupNameRef:
description: DBSubnetGroupNameRef is a reference to a DBSubnetGroup
used to set DBSubnetGroupName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
dbSubnetGroupNameSelector:
description: DBSubnetGroupNameSelector selects a reference to
a DBSubnetGroup used to set DBSubnetGroupName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
deletionProtection:
description: A value that indicates whether the DB cluster has
deletion protection enabled. The database can't be deleted when
deletion protection is enabled. By default, deletion protection
is disabled.
type: boolean
destinationRegion:
description: DestinationRegion is used for presigning the request
to a given region.
type: string
domain:
description: "The Active Directory directory ID to create the
DB cluster in. \n For Amazon Aurora DB clusters, Amazon RDS
can use Kerberos Authentication to authenticate users that connect
to the DB cluster. For more information, see Kerberos Authentication
(https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/kerberos-authentication.html)
in the Amazon Aurora User Guide."
type: string
domainIAMRoleName:
description: Specify the name of the IAM role to be used when
making API calls to the Directory Service.
type: string
domainIAMRoleNameRef:
description: DomainIAMRoleNameRef is a reference to an IAMRole
used to set DomainIAMRoleName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
domainIAMRoleNameSelector:
description: DomainIAMRoleNameSelector selects a reference to
an IAMRole used to set DomainIAMRoleName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
enableCloudwatchLogsExports:
description: "The list of log types that need to be enabled for
exporting to CloudWatch Logs. The values in the list depend
on the DB engine being used. For more information, see Publishing
Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch)
in the Amazon Aurora User Guide. \n Aurora MySQL \n Possible
values are audit, error, general, and slowquery. \n Aurora PostgreSQL
\n Possible values are postgresql and upgrade."
items:
type: string
type: array
enableGlobalWriteForwarding:
description: "A value that indicates whether to enable this DB
cluster to forward write operations to the primary cluster of
an Aurora global database (GlobalCluster). By default, write
operations are not allowed on Aurora DB clusters that are secondary
clusters in an Aurora global database. \n You can set this value
only on Aurora DB clusters that are members of an Aurora global
database. With this parameter enabled, a secondary cluster can
forward writes to the current primary cluster and the resulting
changes are replicated back to this cluster. For the primary
DB cluster of an Aurora global database, this value is used
immediately if the primary is demoted by the FailoverGlobalCluster
API operation, but it does nothing until then."
type: boolean
enableHTTPEndpoint:
description: "A value that indicates whether to enable the HTTP
endpoint for an Aurora Serverless DB cluster. By default, the
HTTP endpoint is disabled. \n When enabled, the HTTP endpoint
provides a connectionless web service API for running SQL queries
on the Aurora Serverless DB cluster. You can also query your
database from inside the RDS console with the query editor.
\n For more information, see Using the Data API for Aurora Serverless
(https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html)
in the Amazon Aurora User Guide."
type: boolean
enableIAMDatabaseAuthentication:
description: "A value that indicates whether to enable mapping
of AWS Identity and Access Management (IAM) accounts to database
accounts. By default, mapping is disabled. \n For more information,
see IAM Database Authentication (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/UsingWithRDS.IAMDBAuth.html)
in the Amazon Aurora User Guide."
type: boolean
engine:
description: "The name of the database engine to be used for this
DB cluster. \n Valid Values: aurora (for MySQL 5.6-compatible
Aurora), aurora-mysql (for MySQL 5.7-compatible Aurora), and
aurora-postgresql"
type: string
engineMode:
description: "The DB engine mode of the DB cluster, either provisioned,
serverless, parallelquery, global, or multimaster. \n The parallelquery
engine mode isn't required for Aurora MySQL version 1.23 and
higher 1.x versions, and version 2.09 and higher 2.x versions.
\n The global engine mode isn't required for Aurora MySQL version
1.22 and higher 1.x versions, and global engine mode isn't required
for any 2.x versions. \n The multimaster engine mode only applies
for DB clusters created with Aurora MySQL version 5.6.10a. \n
For Aurora PostgreSQL, the global engine mode isn't required,
and both the parallelquery and the multimaster engine modes
currently aren't supported. \n Limitations and requirements
apply to some DB engine modes. For more information, see the
following sections in the Amazon Aurora User Guide: \n *
Limitations of Aurora Serverless (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html#aurora-serverless.limitations)
\n * Limitations of Parallel Query (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-mysql-parallel-query.html#aurora-mysql-parallel-query-limitations)
\n * Limitations of Aurora Global Databases (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-global-database.html#aurora-global-database.limitations)
\n * Limitations of Multi-Master Clusters (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-multi-master.html#aurora-multi-master-limitations)"
type: string
engineVersion:
description: "The version number of the database engine to use.
\n To list all of the available engine versions for aurora (for
MySQL 5.6-compatible Aurora), use the following command: \n
aws rds describe-db-engine-versions --engine aurora --query
\"DBEngineVersions[].EngineVersion\" \n To list all of the available
engine versions for aurora-mysql (for MySQL 5.7-compatible Aurora),
use the following command: \n aws rds describe-db-engine-versions
--engine aurora-mysql --query \"DBEngineVersions[].EngineVersion\"
\n To list all of the available engine versions for aurora-postgresql,
use the following command: \n aws rds describe-db-engine-versions
--engine aurora-postgresql --query \"DBEngineVersions[].EngineVersion\"
\n Aurora MySQL \n Example: 5.6.10a, 5.6.mysql_aurora.1.19.2,
5.7.12, 5.7.mysql_aurora.2.04.5 \n Aurora PostgreSQL \n Example:
9.6.3, 10.7"
type: string
finalDBSnapshotIdentifier:
description: "The DB cluster snapshot identifier of the new DB
cluster snapshot created when SkipFinalSnapshot is disabled.
\n Specifying this parameter and also skipping the creation
of a final DB cluster snapshot with the SkipFinalShapshot parameter
results in an error. \n Constraints: \n * Must be 1 to 255
letters, numbers, or hyphens. \n * First character must be
a letter \n * Can't end with a hyphen or contain two consecutive
hyphens"
type: string
globalClusterIdentifier:
description: The global cluster ID of an Aurora cluster that becomes
the primary cluster in the new global database cluster.
type: string
kmsKeyID:
description: "The AWS KMS key identifier for an encrypted DB cluster.
\n The AWS KMS key identifier is the key ARN, key ID, alias
ARN, or alias name for the AWS KMS customer master key (CMK).
To use a CMK in a different AWS account, specify the key ARN
or alias ARN. \n When a CMK isn't specified in KmsKeyId: \n
\ * If ReplicationSourceIdentifier identifies an encrypted
source, then Amazon RDS will use the CMK used to encrypt
the source. Otherwise, Amazon RDS will use your default CMK.
\n * If the StorageEncrypted parameter is enabled and ReplicationSourceIdentifier
\ isn't specified, then Amazon RDS will use your default CMK.
\n There is a default CMK for your AWS account. Your AWS account
has a different default CMK for each AWS Region. \n If you create
a read replica of an encrypted DB cluster in another AWS Region,
you must set KmsKeyId to a AWS KMS key identifier that is valid
in the destination AWS Region. This CMK is used to encrypt the
read replica in that AWS Region."
type: string
kmsKeyIDRef:
description: KMSKeyIDRef is a reference to a KMS Key used to set
KMSKeyID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
kmsKeyIDSelector:
description: KMSKeyIDSelector selects a reference to a KMS Key
used to set KMSKeyID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
masterUserPasswordSecretRef:
description: "The password for the master database user. This
password can contain any printable ASCII character except \"/\",
\"\"\", or \"@\". \n Constraints: Must contain from 8 to 41
characters. Required."
properties:
key:
description: The key to select.
type: string
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- key
- name
- namespace
type: object
masterUsername:
description: "The name of the master user for the DB cluster.
\n Constraints: \n * Must be 1 to 16 letters or numbers.
\n * First character must be a letter. \n * Can't be a
reserved word for the chosen database engine."
type: string
optionGroupName:
description: "A value that indicates that the DB cluster should
be associated with the specified option group. \n Permanent
options can't be removed from an option group. The option group
can't be removed from a DB cluster once it is associated with
a DB cluster."
type: string
port:
description: "The port number on which the instances in the DB
cluster accept connections. \n Default: 3306 if engine is set
as aurora or 5432 if set to aurora-postgresql."
format: int64
type: integer
preSignedURL:
description: "A URL that contains a Signature Version 4 signed
request for the CreateDBCluster action to be called in the source
AWS Region where the DB cluster is replicated from. You only
need to specify PreSignedUrl when you are performing cross-region
replication from an encrypted DB cluster. \n The pre-signed
URL must be a valid request for the CreateDBCluster API action
that can be executed in the source AWS Region that contains
the encrypted DB cluster to be copied. \n The pre-signed URL
request must contain the following parameter values: \n *
KmsKeyId - The AWS KMS key identifier for the key to use to
encrypt the copy of the DB cluster in the destination AWS
Region. This should refer to the same AWS KMS CMK for both
the CreateDBCluster action that is called in the destination
AWS Region, and the action contained in the pre-signed URL.
\n * DestinationRegion - The name of the AWS Region that
Aurora read replica will be created in. \n * ReplicationSourceIdentifier
- The DB cluster identifier for the encrypted DB cluster
to be copied. This identifier must be in the Amazon Resource
\ Name (ARN) format for the source AWS Region. For example,
if you are copying an encrypted DB cluster from the us-west-2
AWS Region, then your ReplicationSourceIdentifier would look
like Example: arn:aws:rds:us-west-2:123456789012:cluster:aurora-cluster1.
\n To learn how to generate a Signature Version 4 signed request,
see Authenticating Requests: Using Query Parameters (AWS Signature
Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html)
and Signature Version 4 Signing Process (https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html).
\n If you are using an AWS SDK tool or the AWS CLI, you can
specify SourceRegion (or --source-region for the AWS CLI) instead
of specifying PreSignedUrl manually. Specifying SourceRegion
autogenerates a pre-signed URL that is a valid request for the
operation that can be executed in the source AWS Region."
type: string
preferredBackupWindow:
description: "The daily time range during which automated backups
are created if automated backups are enabled using the BackupRetentionPeriod
parameter. \n The default is a 30-minute window selected at
random from an 8-hour block of time for each AWS Region. To
see the time blocks available, see Adjusting the Preferred DB
Cluster Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora)
in the Amazon Aurora User Guide. \n Constraints: \n * Must
be in the format hh24:mi-hh24:mi. \n * Must be in Universal
Coordinated Time (UTC). \n * Must not conflict with the preferred
maintenance window. \n * Must be at least 30 minutes."
type: string
preferredMaintenanceWindow:
description: "The weekly time range during which system maintenance
can occur, in Universal Coordinated Time (UTC). \n Format: ddd:hh24:mi-ddd:hh24:mi
\n The default is a 30-minute window selected at random from
an 8-hour block of time for each AWS Region, occurring on a
random day of the week. To see the time blocks available, see
Adjusting the Preferred DB Cluster Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow.Aurora)
in the Amazon Aurora User Guide. \n Valid Days: Mon, Tue, Wed,
Thu, Fri, Sat, Sun. \n Constraints: Minimum 30-minute window."
type: string
region:
description: Region is which region the DBCluster will be created.
type: string
replicationSourceIdentifier:
description: The Amazon Resource Name (ARN) of the source DB instance
or DB cluster if this DB cluster is created as a read replica.
type: string
scalingConfiguration:
description: For DB clusters in serverless DB engine mode, the
scaling properties of the DB cluster.
properties:
autoPause:
type: boolean
maxCapacity:
format: int64
type: integer
minCapacity:
format: int64
type: integer
secondsUntilAutoPause:
format: int64
type: integer
timeoutAction:
type: string
type: object
skipFinalSnapshot:
description: "A value that indicates whether to skip the creation
of a final DB cluster snapshot before the DB cluster is deleted.
If skip is specified, no DB cluster snapshot is created. If
skip isn't specified, a DB cluster snapshot is created before
the DB cluster is deleted. By default, skip isn't specified,
and the DB cluster snapshot is created. By default, this parameter
is disabled. \n You must specify a FinalDBSnapshotIdentifier
parameter if SkipFinalSnapshot is disabled."
type: boolean
sourceRegion:
description: SourceRegion is the source region where the resource
exists. This is not sent over the wire and is only used for
presigning. This value should always have the same region as
the source ARN.
type: string
storageEncrypted:
description: A value that indicates whether the DB cluster is
encrypted.
type: boolean
tags:
description: Tags to assign to the DB cluster.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
vpcSecurityGroupIDRefs:
description: VPCSecurityGroupIDRefs are references to VPCSecurityGroups
used to set the VPCSecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
vpcSecurityGroupIDSelector:
description: VPCSecurityGroupIDSelector selects references to
VPCSecurityGroups used to set the VPCSecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
vpcSecurityGroupIDs:
description: A list of EC2 VPC security groups to associate with
this DB cluster.
items:
type: string
type: array
required:
- engine
- masterUserPasswordSecretRef
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: DBClusterStatus defines the observed state of DBCluster.
properties:
atProvider:
description: DBClusterObservation defines the observed state of DBCluster
properties:
activityStreamKMSKeyID:
description: "The AWS KMS key identifier used for encrypting messages
in the database activity stream. \n The AWS KMS key identifier
is the key ARN, key ID, alias ARN, or alias name for the AWS
KMS customer master key (CMK)."
type: string
activityStreamKinesisStreamName:
description: The name of the Amazon Kinesis data stream used for
the database activity stream.
type: string
activityStreamMode:
description: The mode of the database activity stream. Database
events such as a change or access generate an activity stream
event. The database session can handle these events either synchronously
or asynchronously.
type: string
activityStreamStatus:
description: The status of the database activity stream.
type: string
allocatedStorage:
description: For all database engines except Amazon Aurora, AllocatedStorage
specifies the allocated storage size in gibibytes (GiB). For
Aurora, AllocatedStorage always returns 1, because Aurora DB
cluster storage size isn't fixed, but instead automatically
adjusts as needed.
format: int64
type: integer
associatedRoles:
description: Provides a list of the AWS Identity and Access Management
(IAM) roles that are associated with the DB cluster. IAM roles
that are associated with a DB cluster grant permission for the
DB cluster to access other AWS services on your behalf.
items:
properties:
featureName:
type: string
roleARN:
type: string
status:
type: string
type: object
type: array
backtrackConsumedChangeRecords:
description: The number of change records stored for Backtrack.
format: int64
type: integer
capacity:
description: "The current capacity of an Aurora Serverless DB
cluster. The capacity is 0 (zero) when the cluster is paused.
\n For more information about Aurora Serverless, see Using Amazon
Aurora Serverless (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html)
in the Amazon Aurora User Guide."
format: int64
type: integer
cloneGroupID:
description: Identifies the clone group to which the DB cluster
is associated.
type: string
clusterCreateTime:
description: Specifies the time when the DB cluster was created,
in Universal Coordinated Time (UTC).
format: date-time
type: string
crossAccountClone:
description: Specifies whether the DB cluster is a clone of a
DB cluster owned by a different AWS account.
type: boolean
customEndpoints:
description: Identifies all custom endpoints associated with the
cluster.
items:
type: string
type: array
dbClusterARN:
description: The Amazon Resource Name (ARN) for the DB cluster.
type: string
dbClusterIdentifier:
description: Contains a user-supplied DB cluster identifier. This
identifier is the unique key that identifies a DB cluster.
type: string
dbClusterMembers:
description: Provides the list of instances that make up the DB
cluster.
items:
properties:
dbClusterParameterGroupStatus:
type: string
dbInstanceIdentifier:
type: string
isClusterWriter:
type: boolean
promotionTier:
format: int64
type: integer
type: object
type: array
dbClusterOptionGroupMemberships:
description: Provides the list of option group memberships for
this DB cluster.
items:
properties:
dbClusterOptionGroupName:
type: string
status:
type: string
type: object
type: array
dbClusterParameterGroup:
description: Specifies the name of the DB cluster parameter group
for the DB cluster.
type: string
dbClusterResourceID:
description: The AWS Region-unique, immutable identifier for the
DB cluster. This identifier is found in AWS CloudTrail log entries
whenever the AWS KMS CMK for the DB cluster is accessed.
type: string
dbSubnetGroup:
description: Specifies information on the subnet group associated
with the DB cluster, including the name, description, and subnets
in the subnet group.
type: string
domainMemberships:
description: The Active Directory Domain membership records associated
with the DB cluster.
items:
properties:
domain:
type: string
fQDN:
type: string
iamRoleName:
type: string
status:
type: string
type: object
type: array
earliestBacktrackTime:
description: The earliest time to which a DB cluster can be backtracked.
format: date-time
type: string
earliestRestorableTime:
description: The earliest time to which a database can be restored
with point-in-time restore.
format: date-time
type: string
enabledCloudwatchLogsExports:
description: "A list of log types that this DB cluster is configured
to export to CloudWatch Logs. \n Log types vary by DB engine.
For information about the log types for each DB engine, see
Amazon RDS Database Log Files (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/USER_LogAccess.html)
in the Amazon Aurora User Guide."
items:
type: string
type: array
endpoint:
description: Specifies the connection endpoint for the primary
instance of the DB cluster.
type: string
globalWriteForwardingRequested:
description: Specifies whether you have requested to enable write
forwarding for a secondary cluster in an Aurora global database.
Because write forwarding takes time to enable, check the value
of GlobalWriteForwardingStatus to confirm that the request has
completed before using the write forwarding feature for this
cluster.
type: boolean
globalWriteForwardingStatus:
description: Specifies whether a secondary cluster in an Aurora
global database has write forwarding enabled, not enabled, or
is in the process of enabling it.
type: string
hostedZoneID:
description: Specifies the ID that Amazon Route 53 assigns when
you create a hosted zone.
type: string
httpEndpointEnabled:
description: "A value that indicates whether the HTTP endpoint
for an Aurora Serverless DB cluster is enabled. \n When enabled,
the HTTP endpoint provides a connectionless web service API
for running SQL queries on the Aurora Serverless DB cluster.
You can also query your database from inside the RDS console
with the query editor. \n For more information, see Using the
Data API for Aurora Serverless (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/data-api.html)
in the Amazon Aurora User Guide."
type: boolean
iamDatabaseAuthenticationEnabled:
description: A value that indicates whether the mapping of AWS
Identity and Access Management (IAM) accounts to database accounts
is enabled.
type: boolean
latestRestorableTime:
description: Specifies the latest time to which a database can
be restored with point-in-time restore.
format: date-time
type: string
multiAZ:
description: Specifies whether the DB cluster has instances in
multiple Availability Zones.
type: boolean
percentProgress:
description: Specifies the progress of the operation as a percentage.
type: string
readReplicaIdentifiers:
description: Contains one or more identifiers of the read replicas
associated with this DB cluster.
items:
type: string
type: array
readerEndpoint:
description: "The reader endpoint for the DB cluster. The reader
endpoint for a DB cluster load-balances connections across the
Aurora Replicas that are available in a DB cluster. As clients
request new connections to the reader endpoint, Aurora distributes
the connection requests among the Aurora Replicas in the DB
cluster. This functionality can help balance your read workload
across multiple Aurora Replicas in your DB cluster. \n If a
failover occurs, and the Aurora Replica that you are connected
to is promoted to be the primary instance, your connection is
dropped. To continue sending your read workload to other Aurora
Replicas in the cluster, you can then reconnect to the reader
endpoint."
type: string
scalingConfigurationInfo:
properties:
autoPause:
type: boolean
maxCapacity:
format: int64
type: integer
minCapacity:
format: int64
type: integer
secondsUntilAutoPause:
format: int64
type: integer
timeoutAction:
type: string
type: object
status:
description: Specifies the current state of this DB cluster.
type: string
tagList:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
vpcSecurityGroups:
description: Provides a list of VPC security groups that the DB
cluster belongs to.
items:
properties:
status:
type: string
vpcSecurityGroupID:
type: string
type: object
type: array
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: dbclusterparametergroups.rds.aws.crossplane.io
spec:
group: rds.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: DBClusterParameterGroup
listKind: DBClusterParameterGroupList
plural: dbclusterparametergroups
singular: dbclusterparametergroup
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: DBClusterParameterGroup is the Schema for the DBClusterParameterGroups
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DBClusterParameterGroupSpec defines the desired state of
DBClusterParameterGroup
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: DBClusterParameterGroupParameters defines the desired
state of DBClusterParameterGroup
properties:
dbParameterGroupFamily:
description: "The DB cluster parameter group family name. A DB
cluster parameter group can be associated with one and only
one DB cluster parameter group family, and can be applied only
to a DB cluster running a database engine and engine version
compatible with that DB cluster parameter group family. \n Aurora
MySQL \n Example: aurora5.6, aurora-mysql5.7 \n Aurora PostgreSQL
\n Example: aurora-postgresql9.6"
type: string
description:
description: The description for the DB cluster parameter group.
type: string
parameters:
description: A list of parameters to associate with this DB cluster
parameter group
items:
properties:
allowedValues:
type: string
applyMethod:
type: string
applyType:
type: string
dataType:
type: string
description:
type: string
isModifiable:
type: boolean
minimumEngineVersion:
type: string
parameterName:
type: string
parameterValue:
type: string
source:
type: string
supportedEngineModes:
items:
type: string
type: array
type: object
type: array
region:
description: Region is which region the DBClusterParameterGroup
will be created.
type: string
tags:
description: Tags to assign to the DB cluster parameter group.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- dbParameterGroupFamily
- description
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: DBClusterParameterGroupStatus defines the observed state
of DBClusterParameterGroup.
properties:
atProvider:
description: DBClusterParameterGroupObservation defines the observed
state of DBClusterParameterGroup
properties:
dbClusterParameterGroupARN:
description: The Amazon Resource Name (ARN) for the DB cluster
parameter group.
type: string
dbClusterParameterGroupName:
description: The name of the DB cluster parameter group.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: dbinstances.rds.aws.crossplane.io
spec:
group: rds.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: DBInstance
listKind: DBInstanceList
plural: dbinstances
singular: dbinstance
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: DBInstance is the Schema for the DBInstances API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DBInstanceSpec defines the desired state of DBInstance
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: DBInstanceParameters defines the desired state of DBInstance
properties:
allocatedStorage:
description: "The amount of storage (in gibibytes) to allocate
for the DB instance. \n Type: Integer \n Amazon Aurora \n Not
applicable. Aurora cluster volumes automatically grow as the
amount of data in your database increases, though you are only
charged for the space that you use in an Aurora cluster volume.
\n MySQL \n Constraints to the amount of storage for each storage
type are the following: \n * General Purpose (SSD) storage
(gp2): Must be an integer from 20 to 65536. \n * Provisioned
IOPS storage (io1): Must be an integer from 100 to 65536. \n
\ * Magnetic storage (standard): Must be an integer from 5
to 3072. \n MariaDB \n Constraints to the amount of storage
for each storage type are the following: \n * General Purpose
(SSD) storage (gp2): Must be an integer from 20 to 65536. \n
\ * Provisioned IOPS storage (io1): Must be an integer from
100 to 65536. \n * Magnetic storage (standard): Must be an
integer from 5 to 3072. \n PostgreSQL \n Constraints to the
amount of storage for each storage type are the following: \n
\ * General Purpose (SSD) storage (gp2): Must be an integer
from 20 to 65536. \n * Provisioned IOPS storage (io1): Must
be an integer from 100 to 65536. \n * Magnetic storage (standard):
Must be an integer from 5 to 3072. \n Oracle \n Constraints
to the amount of storage for each storage type are the following:
\n * General Purpose (SSD) storage (gp2): Must be an integer
from 20 to 65536. \n * Provisioned IOPS storage (io1): Must
be an integer from 100 to 65536. \n * Magnetic storage (standard):
Must be an integer from 10 to 3072. \n SQL Server \n Constraints
to the amount of storage for each storage type are the following:
\n * General Purpose (SSD) storage (gp2): Enterprise and
Standard editions: Must be an integer from 200 to 16384.
Web and Express editions: Must be an integer from 20 to 16384.
\n * Provisioned IOPS storage (io1): Enterprise and Standard
editions: Must be an integer from 200 to 16384. Web and Express
editions: Must be an integer from 100 to 16384. \n * Magnetic
storage (standard): Enterprise and Standard editions: Must be
an integer from 200 to 1024. Web and Express editions: Must
be an integer from 20 to 1024."
format: int64
type: integer
applyImmediately:
description: "A value that indicates whether the modifications
in this request and any pending modifications are asynchronously
applied as soon as possible, regardless of the PreferredMaintenanceWindow
setting for the DB instance. By default, this parameter is disabled.
\n If this parameter is disabled, changes to the DB instance
are applied during the next maintenance window. Some parameter
changes can cause an outage and are applied on the next call
to RebootDBInstance, or the next failure reboot. Review the
table of parameters in Modifying a DB Instance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Modifying.html)
in the Amazon RDS User Guide. to see the impact of enabling
or disabling ApplyImmediately for each modified parameter and
to determine when the changes are applied."
type: boolean
autoMinorVersionUpgrade:
description: A value that indicates whether minor engine upgrades
are applied automatically to the DB instance during the maintenance
window. By default, minor engine upgrades are applied automatically.
type: boolean
autogeneratePassword:
description: "AutogeneratePassword indicates whether the controller
should generate a random password for the master user if one
is not provided via MasterUserPasswordSecretRef. \n If a password
is generated, it will be stored as a secret at the location
specified by MasterUserPasswordSecretRef."
type: boolean
availabilityZone:
description: "The Availability Zone (AZ) where the database will
be created. For information on AWS Regions and Availability
Zones, see Regions and Availability Zones (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html).
\n Default: A random, system-chosen Availability Zone in the
endpoint's AWS Region. \n Example: us-east-1d \n Constraint:
The AvailabilityZone parameter can't be specified if the DB
instance is a Multi-AZ deployment. The specified Availability
Zone must be in the same AWS Region as the current endpoint.
\n If you're creating a DB instance in an RDS on VMware environment,
specify the identifier of the custom Availability Zone to create
the DB instance in. \n For more information about RDS on VMware,
see the RDS on VMware User Guide. (https://docs.aws.amazon.com/AmazonRDS/latest/RDSonVMwareUserGuide/rds-on-vmware.html)"
type: string
backupRetentionPeriod:
description: "The number of days for which automated backups are
retained. Setting this parameter to a positive number enables
backups. Setting this parameter to 0 disables automated backups.
\n Amazon Aurora \n Not applicable. The retention period for
automated backups is managed by the DB cluster. \n Default:
1 \n Constraints: \n * Must be a value from 0 to 35 \n *
Can't be set to 0 if the DB instance is a source to read replicas"
format: int64
type: integer
characterSetName:
description: "For supported engines, indicates that the DB instance
should be associated with the specified CharacterSet. \n Amazon
Aurora \n Not applicable. The character set is managed by the
DB cluster. For more information, see CreateDBCluster."
type: string
copyTagsToSnapshot:
description: "A value that indicates whether to copy tags from
the DB instance to snapshots of the DB instance. By default,
tags are not copied. \n Amazon Aurora \n Not applicable. Copying
tags to snapshots is managed by the DB cluster. Setting this
value for an Aurora DB instance has no effect on the DB cluster
setting."
type: boolean
dbClusterIdentifier:
description: The identifier of the DB cluster that the instance
will belong to.
type: string
dbInstanceClass:
description: The compute and memory capacity of the DB instance,
for example, db.m4.large. Not all DB instance classes are available
in all AWS Regions, or for all database engines. For the full
list of DB instance classes, and availability for your engine,
see DB Instance Class (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.DBInstanceClass.html)
in the Amazon RDS User Guide.
type: string
dbName:
description: "The meaning of this parameter differs according
to the database engine you use. \n MySQL \n The name of the
database to create when the DB instance is created. If this
parameter isn't specified, no database is created in the DB
instance. \n Constraints: \n * Must contain 1 to 64 letters
or numbers. \n * Must begin with a letter. Subsequent characters
can be letters, underscores, or digits (0-9). \n * Can't
be a word reserved by the specified database engine \n MariaDB
\n The name of the database to create when the DB instance is
created. If this parameter isn't specified, no database is created
in the DB instance. \n Constraints: \n * Must contain 1 to
64 letters or numbers. \n * Must begin with a letter. Subsequent
characters can be letters, underscores, or digits (0-9).
\n * Can't be a word reserved by the specified database engine
\n PostgreSQL \n The name of the database to create when the
DB instance is created. If this parameter isn't specified, a
database named postgres is created in the DB instance. \n Constraints:
\n * Must contain 1 to 63 letters, numbers, or underscores.
\n * Must begin with a letter. Subsequent characters can
be letters, underscores, or digits (0-9). \n * Can't be
a word reserved by the specified database engine \n Oracle \n
The Oracle System ID (SID) of the created DB instance. If you
specify null, the default value ORCL is used. You can't specify
the string NULL, or any other reserved word, for DBName. \n
Default: ORCL \n Constraints: \n * Can't be longer than 8
characters \n SQL Server \n Not applicable. Must be null. \n
Amazon Aurora MySQL \n The name of the database to create when
the primary DB instance of the Aurora MySQL DB cluster is created.
If this parameter isn't specified for an Aurora MySQL DB cluster,
no database is created in the DB cluster. \n Constraints: \n
\ * It must contain 1 to 64 alphanumeric characters. \n *
It can't be a word reserved by the database engine. \n Amazon
Aurora PostgreSQL \n The name of the database to create when
the primary DB instance of the Aurora PostgreSQL DB cluster
is created. If this parameter isn't specified for an Aurora
PostgreSQL DB cluster, a database named postgres is created
in the DB cluster. \n Constraints: \n * It must contain 1
to 63 alphanumeric characters. \n * It must begin with a
letter or an underscore. Subsequent characters can be letters,
underscores, or digits (0 to 9). \n * It can't be a word
reserved by the database engine."
type: string
dbParameterGroupName:
description: "The name of the DB parameter group to associate
with this DB instance. If you do not specify a value, then the
default DB parameter group for the specified DB engine and version
is used. \n Constraints: \n * Must be 1 to 255 letters, numbers,
or hyphens. \n * First character must be a letter \n *
Can't end with a hyphen or contain two consecutive hyphens"
type: string
dbParameterGroupNameRef:
description: DBParameterGroupNameRef is a reference to a DBParameterGroup
used to set DBParameterGroupName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
dbParameterGroupNameSelector:
description: DBParameterGroupNameSelector selects a reference
to a DBParameterGroup used to set DBParameterGroupName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
dbSecurityGroups:
description: A list of database security groups to associate with
this DB instance
items:
type: string
type: array
dbSubnetGroupName:
description: "A DB subnet group to associate with this DB instance.
\n If there is no DB subnet group, then it is a non-VPC DB instance."
type: string
dbSubnetGroupNameRef:
description: DBSubnetGroupNameRef is a reference to a DBSubnetGroup
used to set DBSubnetGroupName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
dbSubnetGroupNameSelector:
description: DBSubnetGroupNameSelector selects a reference to
a DBSubnetGroup used to set DBSubnetGroupName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
deletionProtection:
description: "A value that indicates whether the DB instance has
deletion protection enabled. The database can't be deleted when
deletion protection is enabled. By default, deletion protection
is disabled. For more information, see Deleting a DB Instance
(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_DeleteInstance.html).
\n Amazon Aurora \n Not applicable. You can enable or disable
deletion protection for the DB cluster. For more information,
see CreateDBCluster. DB instances in a DB cluster can be deleted
even when deletion protection is enabled for the DB cluster."
type: boolean
domain:
description: "The Active Directory directory ID to create the
DB instance in. Currently, only MySQL, Microsoft SQL Server,
Oracle, and PostgreSQL DB instances can be created in an Active
Directory Domain. \n For more information, see Kerberos Authentication
(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/kerberos-authentication.html)
in the Amazon RDS User Guide."
type: string
domainIAMRoleName:
description: Specify the name of the IAM role to be used when
making API calls to the Directory Service.
type: string
domainIAMRoleNameRef:
description: DomainIAMRoleNameRef is a reference to an IAMRole
used to set DomainIAMRoleName.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
domainIAMRoleNameSelector:
description: DomainIAMRoleNameSelector selects a reference to
an IAMRole used to set DomainIAMRoleName.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
enableCloudwatchLogsExports:
description: "The list of log types that need to be enabled for
exporting to CloudWatch Logs. The values in the list depend
on the DB engine being used. For more information, see Publishing
Database Logs to Amazon CloudWatch Logs (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html#USER_LogAccess.Procedural.UploadtoCloudWatch)
in the Amazon Relational Database Service User Guide. \n Amazon
Aurora \n Not applicable. CloudWatch Logs exports are managed
by the DB cluster. \n MariaDB \n Possible values are audit,
error, general, and slowquery. \n Microsoft SQL Server \n Possible
values are agent and error. \n MySQL \n Possible values are
audit, error, general, and slowquery. \n Oracle \n Possible
values are alert, audit, listener, trace, and oemagent. \n PostgreSQL
\n Possible values are postgresql and upgrade."
items:
type: string
type: array
enableCustomerOwnedIP:
description: "A value that indicates whether to enable a customer-owned
IP address (CoIP) for an RDS on Outposts DB instance. \n A CoIP
provides local or external connectivity to resources in your
Outpost subnets through your on-premises network. For some use
cases, a CoIP can provide lower latency for connections to the
DB instance from outside of its virtual private cloud (VPC)
on your local network. \n For more information about RDS on
Outposts, see Working with Amazon RDS on AWS Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html)
in the Amazon RDS User Guide. \n For more information about
CoIPs, see Customer-owned IP addresses (https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#ip-addressing)
in the AWS Outposts User Guide."
type: boolean
enableIAMDatabaseAuthentication:
description: "A value that indicates whether to enable mapping
of AWS Identity and Access Management (IAM) accounts to database
accounts. By default, mapping is disabled. \n This setting doesn't
apply to Amazon Aurora. Mapping AWS IAM accounts to database
accounts is managed by the DB cluster. \n For more information,
see IAM Database Authentication for MySQL and PostgreSQL (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/UsingWithRDS.IAMDBAuth.html)
in the Amazon RDS User Guide."
type: boolean
enablePerformanceInsights:
description: "A value that indicates whether to enable Performance
Insights for the DB instance. \n For more information, see Using
Amazon Performance Insights (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PerfInsights.html)
in the Amazon Relational Database Service User Guide."
type: boolean
engine:
description: "The name of the database engine to be used for this
instance. \n Not every database engine is available for every
AWS Region. \n Valid Values: \n * aurora (for MySQL 5.6-compatible
Aurora) \n * aurora-mysql (for MySQL 5.7-compatible Aurora)
\n * aurora-postgresql \n * mariadb \n * mysql \n *
oracle-ee \n * oracle-se2 \n * oracle-se1 \n * oracle-se
\n * postgres \n * sqlserver-ee \n * sqlserver-se \n
\ * sqlserver-ex \n * sqlserver-web"
type: string
engineVersion:
description: "The version number of the database engine to use.
\n For a list of valid engine versions, use the DescribeDBEngineVersions
action. \n The following are the database engines and links
to information about the major and minor versions that are available
with Amazon RDS. Not every database engine is available for
every AWS Region. \n Amazon Aurora \n Not applicable. The version
number of the database engine to be used by the DB instance
is managed by the DB cluster. \n MariaDB \n See MariaDB on Amazon
RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MariaDB.html#MariaDB.Concepts.VersionMgmt)
in the Amazon RDS User Guide. \n Microsoft SQL Server \n See
Microsoft SQL Server Versions on Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.VersionSupport)
in the Amazon RDS User Guide. \n MySQL \n See MySQL on Amazon
RDS Versions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_MySQL.html#MySQL.Concepts.VersionMgmt)
in the Amazon RDS User Guide. \n Oracle \n See Oracle Database
Engine Release Notes (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Appendix.Oracle.PatchComposition.html)
in the Amazon RDS User Guide. \n PostgreSQL \n See Amazon RDS
for PostgreSQL versions and extensions (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_PostgreSQL.html#PostgreSQL.Concepts)
in the Amazon RDS User Guide."
type: string
finalDBSnapshotIdentifier:
description: "The DB instance snapshot identifier of the new DB
instance snapshot created when SkipFinalSnapshot is disabled.
\n Specifying this parameter and also skipping the creation
of a final DB instance snapshot with the SkipFinalShapshot parameter
results in an error. \n Constraints: \n * Must be 1 to 255
letters, numbers, or hyphens. \n * First character must be
a letter \n * Can't end with a hyphen or contain two consecutive
hyphens"
type: string
iops:
description: "The amount of Provisioned IOPS (input/output operations
per second) to be initially allocated for the DB instance. For
information about valid Iops values, see Amazon RDS Provisioned
IOPS Storage to Improve Performance (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_Storage.html#USER_PIOPS)
in the Amazon RDS User Guide. \n Constraints: For MariaDB, MySQL,
Oracle, and PostgreSQL DB instances, must be a multiple between
.5 and 50 of the storage amount for the DB instance. For SQL
Server DB instances, must be a multiple between 1 and 50 of
the storage amount for the DB instance."
format: int64
type: integer
kmsKeyID:
description: "The AWS KMS key identifier for an encrypted DB instance.
\n The AWS KMS key identifier is the key ARN, key ID, alias
ARN, or alias name for the AWS KMS customer master key (CMK).
To use a CMK in a different AWS account, specify the key ARN
or alias ARN. \n Amazon Aurora \n Not applicable. The AWS KMS
key identifier is managed by the DB cluster. For more information,
see CreateDBCluster. \n If StorageEncrypted is enabled, and
you do not specify a value for the KmsKeyId parameter, then
Amazon RDS uses your default CMK. There is a default CMK for
your AWS account. Your AWS account has a different default CMK
for each AWS Region."
type: string
licenseModel:
description: "License model information for this DB instance.
\n Valid values: license-included | bring-your-own-license |
general-public-license"
type: string
masterUserPasswordSecretRef:
description: "The password for the master database user. This
password can contain any printable ASCII character except \"/\",
\"\"\", or \"@\". \n Constraints: Must contain from 8 to 41
characters."
properties:
key:
description: The key to select.
type: string
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- key
- name
- namespace
type: object
masterUsername:
description: "The name for the master user. \n Amazon Aurora \n
Not applicable. The name for the master user is managed by the
DB cluster. \n MariaDB \n Constraints: \n * Required for
MariaDB. \n * Must be 1 to 16 letters or numbers. \n *
Can't be a reserved word for the chosen database engine. \n
Microsoft SQL Server \n Constraints: \n * Required for SQL
Server. \n * Must be 1 to 128 letters or numbers. \n *
The first character must be a letter. \n * Can't be a reserved
word for the chosen database engine. \n MySQL \n Constraints:
\n * Required for MySQL. \n * Must be 1 to 16 letters
or numbers. \n * First character must be a letter. \n *
Can't be a reserved word for the chosen database engine. \n
Oracle \n Constraints: \n * Required for Oracle. \n *
Must be 1 to 30 letters or numbers. \n * First character
must be a letter. \n * Can't be a reserved word for the chosen
database engine. \n PostgreSQL \n Constraints: \n * Required
for PostgreSQL. \n * Must be 1 to 63 letters or numbers.
\n * First character must be a letter. \n * Can't be a
reserved word for the chosen database engine."
type: string
maxAllocatedStorage:
description: "The upper limit to which Amazon RDS can automatically
scale the storage of the DB instance. \n For more information
about this setting, including limitations that apply to it,
see Managing capacity automatically with Amazon RDS storage
autoscaling (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_PIOPS.StorageTypes.html#USER_PIOPS.Autoscaling)
in the Amazon RDS User Guide."
format: int64
type: integer
monitoringInterval:
description: "The interval, in seconds, between points when Enhanced
Monitoring metrics are collected for the DB instance. To disable
collecting Enhanced Monitoring metrics, specify 0. The default
is 0. \n If MonitoringRoleArn is specified, then you must also
set MonitoringInterval to a value other than 0. \n Valid Values:
0, 1, 5, 10, 15, 30, 60"
format: int64
type: integer
monitoringRoleARN:
description: "The ARN for the IAM role that permits RDS to send
enhanced monitoring metrics to Amazon CloudWatch Logs. For example,
arn:aws:iam:123456789012:role/emaccess. For information on creating
a monitoring role, go to Setting Up and Enabling Enhanced Monitoring
(https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_Monitoring.OS.html#USER_Monitoring.OS.Enabling)
in the Amazon RDS User Guide. \n If MonitoringInterval is set
to a value other than 0, then you must supply a MonitoringRoleArn
value."
type: string
monitoringRoleArnRef:
description: MonitoringRoleARNRef is a reference to an IAMRole
used to set MonitoringRoleARN.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
monitoringRoleArnSelector:
description: MonitoringRoleARNSelector selects a reference to
an IAMRole used to set MonitoringRoleARN.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
multiAZ:
description: A value that indicates whether the DB instance is
a Multi-AZ deployment. You can't set the AvailabilityZone parameter
if the DB instance is a Multi-AZ deployment.
type: boolean
ncharCharacterSetName:
description: The name of the NCHAR character set for the Oracle
DB instance.
type: string
optionGroupName:
description: "A value that indicates that the DB instance should
be associated with the specified option group. \n Permanent
options, such as the TDE option for Oracle Advanced Security
TDE, can't be removed from an option group. Also, that option
group can't be removed from a DB instance once it is associated
with a DB instance"
type: string
performanceInsightsKMSKeyID:
description: "The AWS KMS key identifier for encryption of Performance
Insights data. \n The AWS KMS key identifier is the key ARN,
key ID, alias ARN, or alias name for the AWS KMS customer master
key (CMK). \n If you do not specify a value for PerformanceInsightsKMSKeyId,
then Amazon RDS uses your default CMK. There is a default CMK
for your AWS account. Your AWS account has a different default
CMK for each AWS Region."
type: string
performanceInsightsRetentionPeriod:
description: The amount of time, in days, to retain Performance
Insights data. Valid values are 7 or 731 (2 years).
format: int64
type: integer
port:
description: "The port number on which the database accepts connections.
\n MySQL \n Default: 3306 \n Valid values: 1150-65535 \n Type:
Integer \n MariaDB \n Default: 3306 \n Valid values: 1150-65535
\n Type: Integer \n PostgreSQL \n Default: 5432 \n Valid values:
1150-65535 \n Type: Integer \n Oracle \n Default: 1521 \n Valid
values: 1150-65535 \n SQL Server \n Default: 1433 \n Valid values:
1150-65535 except 1234, 1434, 3260, 3343, 3389, 47001, and 49152-49156.
\n Amazon Aurora \n Default: 3306 \n Valid values: 1150-65535
\n Type: Integer"
format: int64
type: integer
preferredBackupWindow:
description: "The daily time range during which automated backups
are created if automated backups are enabled, using the BackupRetentionPeriod
parameter. For more information, see The Backup Window (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_WorkingWithAutomatedBackups.html#USER_WorkingWithAutomatedBackups.BackupWindow)
in the Amazon RDS User Guide. \n Amazon Aurora \n Not applicable.
The daily time range for creating automated backups is managed
by the DB cluster. \n The default is a 30-minute window selected
at random from an 8-hour block of time for each AWS Region.
To see the time blocks available, see Adjusting the Preferred
DB Instance Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#AdjustingTheMaintenanceWindow)
in the Amazon RDS User Guide. \n Constraints: \n * Must be
in the format hh24:mi-hh24:mi. \n * Must be in Universal
Coordinated Time (UTC). \n * Must not conflict with the preferred
maintenance window. \n * Must be at least 30 minutes."
type: string
preferredMaintenanceWindow:
description: "The time range each week during which system maintenance
can occur, in Universal Coordinated Time (UTC). For more information,
see Amazon RDS Maintenance Window (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_UpgradeDBInstance.Maintenance.html#Concepts.DBMaintenance).
\n Format: ddd:hh24:mi-ddd:hh24:mi \n The default is a 30-minute
window selected at random from an 8-hour block of time for each
AWS Region, occurring on a random day of the week. \n Valid
Days: Mon, Tue, Wed, Thu, Fri, Sat, Sun. \n Constraints: Minimum
30-minute window."
type: string
processorFeatures:
description: The number of CPU cores and the number of threads
per core for the DB instance class of the DB instance.
items:
properties:
name:
type: string
value:
type: string
type: object
type: array
promotionTier:
description: "A value that specifies the order in which an Aurora
Replica is promoted to the primary instance after a failure
of the existing primary instance. For more information, see
Fault Tolerance for an Aurora DB Cluster (https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/Aurora.Managing.Backups.html#Aurora.Managing.FaultTolerance)
in the Amazon Aurora User Guide. \n Default: 1 \n Valid Values:
0 - 15"
format: int64
type: integer
publiclyAccessible:
description: "A value that indicates whether the DB instance is
publicly accessible. \n When the DB instance is publicly accessible,
its DNS endpoint resolves to the private IP address from within
the DB instance's VPC, and to the public IP address from outside
of the DB instance's VPC. Access to the DB instance is ultimately
controlled by the security group it uses, and that public access
is not permitted if the security group assigned to the DB instance
doesn't permit it. \n When the DB instance isn't publicly accessible,
it is an internal DB instance with a DNS name that resolves
to a private IP address. \n Default: The default behavior varies
depending on whether DBSubnetGroupName is specified. \n If DBSubnetGroupName
isn't specified, and PubliclyAccessible isn't specified, the
following applies: \n * If the default VPC in the target
region doesn’t have an Internet gateway attached to it, the
DB instance is private. \n * If the default VPC in the target
region has an Internet gateway attached to it, the DB instance
is public. \n If DBSubnetGroupName is specified, and PubliclyAccessible
isn't specified, the following applies: \n * If the subnets
are part of a VPC that doesn’t have an Internet gateway attached
to it, the DB instance is private. \n * If the subnets are
part of a VPC that has an Internet gateway attached to it,
the DB instance is public."
type: boolean
region:
description: Region is which region the DBInstance will be created.
type: string
skipFinalSnapshot:
description: "A value that indicates whether to skip the creation
of a final DB instance snapshot before the DB instance is deleted.
If skip is specified, no DB instance snapshot is created. If
skip isn't specified, a DB instance snapshot is created before
the DB instance is deleted. By default, skip isn't specified,
and the DB instance snapshot is created. By default, this parameter
is disabled. \n You must specify a FinalDBSnapshotIdentifier
parameter if SkipFinalSnapshot is disabled."
type: boolean
storageEncrypted:
description: "A value that indicates whether the DB instance is
encrypted. By default, it isn't encrypted. \n Amazon Aurora
\n Not applicable. The encryption for DB instances is managed
by the DB cluster."
type: boolean
storageType:
description: "Specifies the storage type to be associated with
the DB instance. \n Valid values: standard | gp2 | io1 \n If
you specify io1, you must also include a value for the Iops
parameter. \n Default: io1 if the Iops parameter is specified,
otherwise gp2"
type: string
tags:
description: Tags to assign to the DB instance.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
tdeCredentialARN:
description: The ARN from the key store with which to associate
the instance for TDE encryption.
type: string
tdeCredentialPassword:
description: The password for the given ARN from the key store
in order to access the device.
type: string
timezone:
description: The time zone of the DB instance. The time zone parameter
is currently supported only by Microsoft SQL Server (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/CHAP_SQLServer.html#SQLServer.Concepts.General.TimeZone).
type: string
vpcSecurityGroupIDRefs:
description: VPCSecurityGroupIDRefs are references to VPCSecurityGroups
used to set the VPCSecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
vpcSecurityGroupIDSelector:
description: VPCSecurityGroupIDSelector selects references to
VPCSecurityGroups used to set the VPCSecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
vpcSecurityGroupIDs:
description: A list of EC2 VPC security groups to associate with
this DB instance.
items:
type: string
type: array
required:
- dbInstanceClass
- engine
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: DBInstanceStatus defines the observed state of DBInstance.
properties:
atProvider:
description: DBInstanceObservation defines the observed state of DBInstance
properties:
associatedRoles:
description: The AWS Identity and Access Management (IAM) roles
associated with the DB instance.
items:
properties:
featureName:
type: string
roleARN:
type: string
status:
type: string
type: object
type: array
caCertificateIdentifier:
description: The identifier of the CA certificate for this DB
instance.
type: string
customerOwnedIPEnabled:
description: "Specifies whether a customer-owned IP address (CoIP)
is enabled for an RDS on Outposts DB instance. \n A CoIP provides
local or external connectivity to resources in your Outpost
subnets through your on-premises network. For some use cases,
a CoIP can provide lower latency for connections to the DB instance
from outside of its virtual private cloud (VPC) on your local
network. \n For more information about RDS on Outposts, see
Working with Amazon RDS on AWS Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html)
in the Amazon RDS User Guide. \n For more information about
CoIPs, see Customer-owned IP addresses (https://docs.aws.amazon.com/outposts/latest/userguide/outposts-networking-components.html#ip-addressing)
in the AWS Outposts User Guide."
type: boolean
dbInstanceARN:
description: The Amazon Resource Name (ARN) for the DB instance.
type: string
dbInstanceAutomatedBackupsReplications:
description: The list of replicated automated backups associated
with the DB instance.
items:
properties:
dbInstanceAutomatedBackupsARN:
type: string
type: object
type: array
dbInstanceIdentifier:
description: Contains a user-supplied database identifier. This
identifier is the unique key that identifies a DB instance.
type: string
dbInstancePort:
description: Specifies the port that the DB instance listens on.
If the DB instance is part of a DB cluster, this can be a different
port than the DB cluster port.
format: int64
type: integer
dbInstanceStatus:
description: "Specifies the current state of this database. \n
For information about DB instance statuses, see DB Instance
Status (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Overview.DBInstance.Status.html)
in the Amazon RDS User Guide."
type: string
dbParameterGroups:
description: Provides the list of DB parameter groups applied
to this DB instance.
items:
properties:
dbParameterGroupName:
type: string
parameterApplyStatus:
type: string
type: object
type: array
dbSecurityGroups:
description: A list of DB security group elements containing DBSecurityGroup.Name
and DBSecurityGroup.Status subelements.
items:
properties:
dbSecurityGroupName:
type: string
status:
type: string
type: object
type: array
dbSubnetGroup:
description: Specifies information on the subnet group associated
with the DB instance, including the name, description, and subnets
in the subnet group.
properties:
dbSubnetGroupARN:
type: string
dbSubnetGroupDescription:
type: string
dbSubnetGroupName:
type: string
subnetGroupStatus:
type: string
subnets:
items:
properties:
subnetAvailabilityZone:
description: "Contains Availability Zone information.
\n This data type is used as an element in the OrderableDBInstanceOption
data type."
properties:
name:
type: string
type: object
subnetIdentifier:
type: string
subnetOutpost:
description: "A data type that represents an Outpost.
\n For more information about RDS on Outposts, see
Amazon RDS on AWS Outposts (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-on-outposts.html)
in the Amazon RDS User Guide."
properties:
arn:
type: string
type: object
subnetStatus:
type: string
type: object
type: array
vpcID:
type: string
type: object
dbiResourceID:
description: The AWS Region-unique, immutable identifier for the
DB instance. This identifier is found in AWS CloudTrail log
entries whenever the AWS KMS customer master key (CMK) for the
DB instance is accessed.
type: string
domainMemberships:
description: The Active Directory Domain membership records associated
with the DB instance.
items:
properties:
domain:
type: string
fQDN:
type: string
iamRoleName:
type: string
status:
type: string
type: object
type: array
enabledCloudwatchLogsExports:
description: "A list of log types that this DB instance is configured
to export to CloudWatch Logs. \n Log types vary by DB engine.
For information about the log types for each DB engine, see
Amazon RDS Database Log Files (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/USER_LogAccess.html)
in the Amazon RDS User Guide."
items:
type: string
type: array
endpoint:
description: Specifies the connection endpoint.
properties:
address:
type: string
hostedZoneID:
type: string
port:
format: int64
type: integer
type: object
enhancedMonitoringResourceARN:
description: The Amazon Resource Name (ARN) of the Amazon CloudWatch
Logs log stream that receives the Enhanced Monitoring metrics
data for the DB instance.
type: string
iamDatabaseAuthenticationEnabled:
description: "True if mapping of AWS Identity and Access Management
(IAM) accounts to database accounts is enabled, and otherwise
false. \n IAM database authentication can be enabled for the
following database engines \n * For MySQL 5.6, minor version
5.6.34 or higher \n * For MySQL 5.7, minor version 5.7.16
or higher \n * Aurora 5.6 or higher. To enable IAM database
authentication for Aurora, see DBCluster Type."
type: boolean
instanceCreateTime:
description: Provides the date and time the DB instance was created.
format: date-time
type: string
latestRestorableTime:
description: Specifies the latest time to which a database can
be restored with point-in-time restore.
format: date-time
type: string
listenerEndpoint:
description: Specifies the listener connection endpoint for SQL
Server Always On.
properties:
address:
type: string
hostedZoneID:
type: string
port:
format: int64
type: integer
type: object
optionGroupMemberships:
description: Provides the list of option group memberships for
this DB instance.
items:
properties:
optionGroupName:
type: string
status:
type: string
type: object
type: array
pendingModifiedValues:
description: A value that specifies that changes to the DB instance
are pending. This element is only included when changes are
pending. Specific changes are identified by subelements.
properties:
allocatedStorage:
format: int64
type: integer
backupRetentionPeriod:
format: int64
type: integer
caCertificateIdentifier:
type: string
dbInstanceClass:
type: string
dbInstanceIdentifier:
type: string
dbSubnetGroupName:
type: string
engineVersion:
type: string
iamDatabaseAuthenticationEnabled:
type: boolean
iops:
format: int64
type: integer
licenseModel:
type: string
masterUserPassword:
type: string
multiAZ:
type: boolean
pendingCloudwatchLogsExports:
description: A list of the log types whose configuration is
still pending. In other words, these log types are in the
process of being activated or deactivated.
properties:
logTypesToDisable:
items:
type: string
type: array
logTypesToEnable:
items:
type: string
type: array
type: object
port:
format: int64
type: integer
processorFeatures:
items:
properties:
name:
type: string
value:
type: string
type: object
type: array
storageType:
type: string
type: object
performanceInsightsEnabled:
description: True if Performance Insights is enabled for the DB
instance, and otherwise false.
type: boolean
readReplicaDBClusterIdentifiers:
description: "Contains one or more identifiers of Aurora DB clusters
to which the RDS DB instance is replicated as a read replica.
For example, when you create an Aurora read replica of an RDS
MySQL DB instance, the Aurora MySQL DB cluster for the Aurora
read replica is shown. This output does not contain information
about cross region Aurora read replicas. \n Currently, each
RDS DB instance can have only one Aurora read replica."
items:
type: string
type: array
readReplicaDBInstanceIdentifiers:
description: Contains one or more identifiers of the read replicas
associated with this DB instance.
items:
type: string
type: array
readReplicaSourceDBInstanceIdentifier:
description: Contains the identifier of the source DB instance
if this DB instance is a read replica.
type: string
replicaMode:
description: "The open mode of an Oracle read replica. The default
is open-read-only. For more information, see Working with Oracle
Read Replicas for Amazon RDS (https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/oracle-read-replicas.html)
in the Amazon RDS User Guide. \n This attribute is only supported
in RDS for Oracle."
type: string
secondaryAvailabilityZone:
description: If present, specifies the name of the secondary Availability
Zone for a DB instance with multi-AZ support.
type: string
statusInfos:
description: The status of a read replica. If the instance isn't
a read replica, this is blank.
items:
properties:
message:
type: string
normal:
type: boolean
status:
type: string
statusType:
type: string
type: object
type: array
tagList:
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
vpcSecurityGroups:
description: Provides a list of VPC security group elements that
the DB instance belongs to.
items:
properties:
status:
type: string
vpcSecurityGroupID:
type: string
type: object
type: array
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: dbparametergroups.rds.aws.crossplane.io
spec:
group: rds.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: DBParameterGroup
listKind: DBParameterGroupList
plural: dbparametergroups
singular: dbparametergroup
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: DBParameterGroup is the Schema for the DBParameterGroups API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: DBParameterGroupSpec defines the desired state of DBParameterGroup
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: DBParameterGroupParameters defines the desired state
of DBParameterGroup
properties:
dbParameterGroupFamily:
description: "The DB parameter group family name. A DB parameter
group can be associated with one and only one DB parameter group
family, and can be applied only to a DB instance running a database
engine and engine version compatible with that DB parameter
group family. \n To list all of the available parameter group
families, use the following command: \n aws rds describe-db-engine-versions
--query \"DBEngineVersions[].DBParameterGroupFamily\" \n The
output contains duplicates."
type: string
description:
description: The description for the DB parameter group.
type: string
parameters:
description: A list of parameters to associate with this DB parameter
group
items:
properties:
allowedValues:
type: string
applyMethod:
type: string
applyType:
type: string
dataType:
type: string
description:
type: string
isModifiable:
type: boolean
minimumEngineVersion:
type: string
parameterName:
type: string
parameterValue:
type: string
source:
type: string
supportedEngineModes:
items:
type: string
type: array
type: object
type: array
region:
description: Region is which region the DBParameterGroup will
be created.
type: string
tags:
description: Tags to assign to the DB parameter group.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- dbParameterGroupFamily
- description
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: DBParameterGroupStatus defines the observed state of DBParameterGroup.
properties:
atProvider:
description: DBParameterGroupObservation defines the observed state
of DBParameterGroup
properties:
dbParameterGroupARN:
description: The Amazon Resource Name (ARN) for the DB parameter
group.
type: string
dbParameterGroupName:
description: The name of the DB parameter group.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: globalclusters.rds.aws.crossplane.io
spec:
group: rds.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: GlobalCluster
listKind: GlobalClusterList
plural: globalclusters
singular: globalcluster
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: GlobalCluster is the Schema for the GlobalClusters API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: GlobalClusterSpec defines the desired state of GlobalCluster
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: GlobalClusterParameters defines the desired state of
GlobalCluster
properties:
databaseName:
description: The name for your database of up to 64 alpha-numeric
characters. If you do not provide a name, Amazon Aurora will
not create a database in the global database cluster you are
creating.
type: string
deletionProtection:
description: The deletion protection setting for the new global
database. The global database can't be deleted when deletion
protection is enabled.
type: boolean
engine:
description: The name of the database engine to be used for this
DB cluster.
type: string
engineVersion:
description: The engine version of the Aurora global database.
type: string
region:
description: Region is which region the GlobalCluster will be
created.
type: string
sourceDBClusterIdentifier:
description: The Amazon Resource Name (ARN) to use as the primary
cluster of the global database. This parameter is optional.
type: string
sourceDBClusterIdentifierRef:
description: SourceDBClusterIdentifierRef is a reference to a
DBCluster used to set SourceDBClusterIdentifier.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
sourceDBClusterIdentifierSelector:
description: SourceDBClusterIdentifierSelector selects a reference
to a DBCluster used to set SourceDBClusterIdentifier.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
storageEncrypted:
description: The storage encryption setting for the new global
database cluster.
type: boolean
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: GlobalClusterStatus defines the observed state of GlobalCluster.
properties:
atProvider:
description: GlobalClusterObservation defines the observed state of
GlobalCluster
properties:
failoverState:
description: A data object containing all properties for the current
state of an in-process or pending failover process for this
Aurora global database. This object is empty unless the FailoverGlobalCluster
API operation has been called on this Aurora global database
(GlobalCluster).
properties:
fromDBClusterARN:
type: string
status:
type: string
toDBClusterARN:
type: string
type: object
globalClusterARN:
description: The Amazon Resource Name (ARN) for the global database
cluster.
type: string
globalClusterIdentifier:
description: Contains a user-supplied global database cluster
identifier. This identifier is the unique key that identifies
a global database cluster.
type: string
globalClusterMembers:
description: The list of cluster IDs for secondary clusters within
the global database cluster. Currently limited to 1 item.
items:
properties:
dbClusterARN:
type: string
globalWriteForwardingStatus:
type: string
isWriter:
type: boolean
readers:
items:
type: string
type: array
type: object
type: array
globalClusterResourceID:
description: The AWS Region-unique, immutable identifier for the
global database cluster. This identifier is found in AWS CloudTrail
log entries whenever the AWS KMS customer master key (CMK) for
the DB cluster is accessed.
type: string
status:
description: Specifies the current state of this global database
cluster.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: clusters.redshift.aws.crossplane.io
spec:
group: redshift.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Cluster
listKind: ClusterList
plural: clusters
singular: cluster
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .status.atProvider.clusterStatus
name: STATE
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: A Cluster is a managed resource that represents an AWS Redshift
cluster.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ClusterSpec defines the desired state of an AWS Redshift
Cluster.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ClusterParameters define the parameters available for
an AWS Redshift cluster
properties:
allowVersionUpgrade:
description: AllowVersionUpgrade indicates that major engine upgrades
are applied automatically to the cluster during the maintenance
window. default=true
type: boolean
automatedSnapshotRetentionPeriod:
description: AutomatedSnapshotRetentionPeriod is the number of
days for which automated backups are retained. Setting this
parameter to a positive number enables backups. Setting this
parameter to 0 disables automated backups. default=1
format: int32
maximum: 35
minimum: 0
type: integer
availabilityZone:
description: 'AvailabilityZone is the EC2 Availability Zone in
which you want Amazon Redshift to provision the cluster. Default:
A random, system-chosen Availability Zone in the region that
is specified by the endpoint. Example: us-east-2d Constraint:
The specified Availability Zone must be in the same region as
the current endpoint. The Availability Zone parameter can''t
be specified if the MultiAZ parameter is set to true. The specified
Availability Zone must be in the same AWS Region as the current
endpoint.'
type: string
clusterParameterGroupName:
description: 'ClusterParameterGroupName is the name of the cluster
parameter group to use for the cluster. Default: The default
Amazon Redshift cluster parameter group. For information about
the default parameter group, go to Working with Amazon Redshift
Parameter Groups (https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)'
type: string
clusterSecurityGroupRefs:
description: ClusterSecurityGroupRefs are references to ClusterSecurityGroups
used to set the ClusterSecurityGroups.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
clusterSecurityGroupSelector:
description: ClusterSecurityGroupSelector selects references to
ClusterSecurityGroups used to set the ClusterSecurityGroups.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
clusterSecurityGroups:
description: 'SecurityGroups is a list of security groups to associate
with this cluster. Default: The default cluster security group
for Amazon Redshift.'
items:
type: string
type: array
clusterSubnetGroupName:
description: ClusterSubnetGroupName is the name of a cluster subnet
group to be associated with this cluster. If this parameter
is not provided the resulting cluster will be deployed outside
virtual private cloud (VPC).
type: string
clusterType:
description: ClusterType is the type of the cluster you want.
When cluster type is specified as * single-node, the NumberOfNodes
parameter is not required. * multi-node, the NumberOfNodes
parameter is required. default=multi-node
enum:
- multi-node
- single-node
type: string
clusterVersion:
description: 'ClusterVersion is the version of the Amazon Redshift
engine software that you want to deploy on the cluster. The
version selected runs on all the nodes in the cluster. Constraints:
Only version 1.0 is currently available.'
type: string
dbName:
description: 'DBName is the name of the first database to be created
when the cluster is created. To create additional databases
after the cluster is created, connect to the cluster with a
SQL client and use SQL commands to create a database. For more
information, go to Create a Database (https://docs.aws.amazon.com/redshift/latest/dg/t_creating_database.html)
in the Amazon Redshift Database Developer Guide. Constraints: *
Must contain 1 to 64 alphanumeric characters. * Must contain
only lowercase letters. * Cannot be a word that is reserved
by the service. A list of reserved words can be found in
Reserved Words (https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in
the Amazon Redshift Database Developer Guide. default=dev'
type: string
elasticIP:
description: 'The Elastic IP (EIP) address for the cluster. Constraints:
The cluster must be provisioned in EC2-VPC and publicly-accessible
through an Internet gateway. For more information about provisioning
clusters in EC2-VPC, go to Supported Platforms to Launch Your
Cluster (https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#cluster-platforms)
in the Amazon Redshift Cluster Management Guide.'
type: string
encrypted:
description: Encrypted defines whether your data in the cluster
will be encrypted at rest or not. default=false
type: boolean
enhancedVPCRouting:
description: EnhancedVPCRouting specifies whether to create the
cluster with enhanced VPC routing enabled. To create a cluster
that uses enhanced VPC routing, the cluster must be in a VPC.
For more information, see Enhanced VPC Routing (https://docs.aws.amazon.com/redshift/latest/mgmt/enhanced-vpc-routing.html)
in the Amazon Redshift Cluster Management Guide. If this option
is true, enhanced VPC routing is enabled. default=false
type: boolean
finalClusterSnapshotIdentifier:
description: 'FinalClusterSnapshotIdentifier is the identifier
of the final snapshot that is to be created immediately before
deleting the cluster. If this parameter is provided, SkipFinalClusterSnapshot
must be false. Constraints: * Must be 1 to 255 alphanumeric
characters. * First character must be a letter. * Cannot
end with a hyphen or contain two consecutive hyphens.'
type: string
finalClusterSnapshotRetentionPeriod:
description: FinalClusterSnapshotRetentionPeriod is the number
of days that a manual snapshot is retained. If the value is
-1, the manual snapshot is retained indefinitely. The value
must be either -1 or an integer between 1 and 3,653. default
-1
format: int32
type: integer
hsmClientCertificateIdentifier:
description: HSMClientCertificateIdentifier specifies the name
of the HSM client certificate the Amazon Redshift cluster uses
to retrieve the data encryption keys stored in an HSM.
type: string
hsmConfigurationIdentifier:
description: HSMConfigurationIdentifier specifies the name of
the HSM configuration that contains the information the Amazon
Redshift cluster can use to retrieve and store keys in an HSM.
type: string
iamRoleRefs:
description: IAMRoleRefs are references to IAMRoles used to set
the IAMRoles.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
iamRoleSelector:
description: IAMRoleSelector selects references to IAMRoles used
to set the IAMRoles.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
iamRoles:
description: IAMRoles is a list of AWS Identity and Access Management
(IAM) roles that can be used by the cluster to access other
AWS services. You must supply the IAM roles in their Amazon
Resource Name (ARN) format. You can supply up to 10 IAM roles
in a single request. A cluster can have up to 10 IAM roles associated
with it at any time. kubebuilder:validation:MaxItems=10
items:
type: string
type: array
kmsKeyID:
description: KMSKeyID is the Amazon Resource Name (ARN) for the
KMS encryption key. If you are creating a cluster with the same
AWS account that owns the KMS encryption key used to encrypt
the new cluster, then you can use the KMS key alias instead
of the ARN for the KM encryption key.
type: string
maintenanceTrackName:
description: MaintenanceTrackName an optional parameter for the
name of the maintenance track for the cluster.
type: string
manualSnapshotRetentionPeriod:
description: ManualSnapshotRetentionPeriod is the default number
of days to retain a manual snapshot. If the value is -1, the
snapshot is retained indefinitely. This setting doesn't change
the retention period of existing snapshots. default=1
format: int32
maximum: 3653
type: integer
masterUsername:
description: 'MasterUsername is the user name associated with
the master user account for the cluster that is being created.
Constraints: * Must be 1 - 128 alphanumeric characters. The
user name can''t be PUBLIC. * First character must be a letter. *
Cannot be a reserved word. A list of reserved words can be found
in Reserved Words (https://docs.aws.amazon.com/redshift/latest/dg/r_pg_keywords.html) in
the Amazon Redshift Database Developer Guide.'
type: string
newClusterIdentifier:
description: NewClusterIdentifier is the new identifier you want
to use for the cluster.
type: string
newMasterUserPassword:
description: 'NewMasterUserPassword is the new password to be
associated with the master user account for the cluster that
has being created. Set this value if you want to change the
existing password of the cluster. Constraints: * Must be
between 8 and 64 characters in length. * Must contain at
least one uppercase letter. * Must contain at least one lowercase
letter. * Must contain one number. * Can be any printable
ASCII character (ASCII code 33 to 126) except '' (single
quote), " (double quote), \, /, @, or space.'
type: string
nodeType:
description: NodeType is the node type defining its size and compute
capacity to be provisioned for the cluster. For information
about node types, go to Working with Clusters (https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes)
in the Amazon Redshift Cluster Management Guide.
type: string
numberOfNodes:
description: NumberOfNodes defines the number of compute nodes
in the cluster. This parameter is required when the ClusterType
parameter is specified as multi-node. For information about
determining how many nodes you need, go to Working with Clusters
(https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#how-many-nodes)
in the Amazon Redshift Cluster Management Guide. If you don't
specify this parameter, you get a single-node cluster. When
requesting a multi-node cluster, you must specify the number
of nodes that you want in the cluster. default=1
format: int32
maximum: 100
minimum: 1
type: integer
port:
description: Port specifies the port number on which the cluster
accepts incoming connections. The cluster is accessible only
via the JDBC and ODBC connection strings. Part of the connection
string requires the port on which the cluster will listen for
incoming connections. default=5439
format: int32
maximum: 65535
minimum: 1150
type: integer
preferredMaintenanceWindow:
description: 'PreferredMaintenanceWindow is the weekly time range
(in UTC) during which automated cluster maintenance can occur.
Default: A 30-minute window selected at random from an 8-hour
block of time per region, occurring on a random day of the week.
For more information about the time blocks for each region,
see Maintenance Windows (https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-clusters.html#rs-maintenance-windows)
in Amazon Redshift Cluster Management Guide. Constraints: Minimum
30-minute window.'
type: string
publiclyAccessible:
description: PubliclyAccessible is to specify if the cluster can
be accessed from a public network.
type: boolean
region:
description: Region is the region you'd like the Cluster to be
created in.
type: string
skipFinalClusterSnapshot:
description: 'SkipFinalClusterSnapshot determines whether a final
snapshot of the cluster is created before Amazon Redshift deletes
the cluster. If true, a final cluster snapshot is not created.
If false, a final cluster snapshot is created before the cluster
is deleted. The FinalClusterSnapshotIdentifier parameter must
be specified if SkipFinalClusterSnapshot is false. Default:
false'
type: boolean
snapshotScheduleIdentifier:
description: SnapshotScheduleIdentifier is a unique identifier
for the snapshot schedule.
type: string
tags:
description: Tags indicates a list of tags for the clusters.
items:
description: Tag represetnt a key-pair metadata assigned to
a Redshift Cluster
properties:
tag:
description: The key of the tag.
type: string
value:
description: The value of the tag.
type: string
required:
- tag
- value
type: object
type: array
vpcSecurityGroupIDRefs:
description: VPCSecurityGroupIDRefs are references to VPCSecurityGroups
used to set the VPCSecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
vpcSecurityGroupIDSelector:
description: VPCSecurityGroupIDSelector selects references to
VPCSecurityGroups used to set the VPCSecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
vpcSecurityGroupIds:
description: VPCSecurityGroupIDs a list of Virtual Private Cloud
(VPC) security groups to be associated with the cluster.
items:
type: string
type: array
required:
- masterUsername
- nodeType
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ClusterStatus represents the observed state of an AWS Redshift
Cluster.
properties:
atProvider:
description: ClusterObservation is the representation of the current
state that is observed.
properties:
clusterAvailabilityStatus:
description: ClusterAvailabilityStatus is the availability status
of the cluster.
type: string
clusterCreateTime:
description: ClusterCreateTime is the date and time that the cluster
was created.
format: date-time
type: string
clusterNodes:
description: The nodes in the cluster.
items:
description: ClusterNode is the identifier of a node in a cluster.
properties:
nodeRole:
description: Whether the node is a leader node or a compute
node.
type: string
privateIPAddress:
description: The private IP address of a node within a cluster.
type: string
publicIPAddress:
description: The public IP address of a node within a cluster.
type: string
type: object
type: array
clusterParameterGroups:
description: The list of cluster parameter groups that are associated
with this cluster. Each parameter group in the list is returned
with its status.
items:
description: ClusterParameterGroupStatus is the status of the
Cluster parameter group.
properties:
clusterParameterStatusList:
description: "The list of parameter statuses. \n For more
information about parameters and parameter groups, go
to Amazon Redshift Parameter Groups (https://docs.aws.amazon.com/redshift/latest/mgmt/working-with-parameter-groups.html)
in the Amazon Redshift Cluster Management Guide."
items:
description: ClusterParameterStatus describes the status
of a Cluster parameter.
properties:
parameterApplyErrorDescription:
description: The error that prevented the parameter
from being applied to the database.
type: string
parameterApplyStatus:
description: "The status of the parameter that indicates
whether the parameter is in sync with the database,
waiting for a cluster reboot, or encountered an
error when being applied. \n The following are possible
statuses and descriptions. \n * in-sync: The
parameter value is in sync with the database. \n
\ * pending-reboot: The parameter value will be
applied after the cluster reboots. \n * applying:
The parameter value is being applied to the database.
\n * invalid-parameter: Cannot apply the parameter
value because it has an invalid value or syntax.
\n * apply-deferred: The parameter contains static
property changes. The changes are deferred until
the cluster reboots. \n * apply-error: Cannot
connect to the cluster. The parameter change will
\ be applied after the cluster reboots. \n *
unknown-error: Cannot apply the parameter change
right now. The change will be applied after the
cluster reboots."
type: string
parameterName:
description: The name of the parameter.
type: string
type: object
type: array
parameterApplyStatus:
description: The status of parameter updates.
type: string
parameterGroupName:
description: The name of the cluster parameter group.
type: string
type: object
type: array
clusterPublicKey:
description: The public key for the cluster.
type: string
clusterRevisionNumber:
description: The specific revision number of the database in the
cluster.
type: string
clusterSnapshotCopyStatus:
description: A value that returns the destination region and retention
period that are configured for cross-region snapshot copy.
properties:
destinationRegion:
description: The destination region that snapshots are automatically
copied to when cross-region snapshot copy is enabled.
type: string
manualSnapshotRetentionPeriod:
description: "The number of days that automated snapshots
are retained in the destination region after they are copied
from a source region. If the value is -1, the manual snapshot
is retained indefinitely. \n The value must be either -1
or an integer between 1 and 3,653."
format: int32
type: integer
retentionPeriod:
description: The number of days that automated snapshots are
retained in the destination region after they are copied
from a source region.
format: int64
type: integer
snapshotCopyGrantName:
description: The name of the snapshot copy grant.
type: string
type: object
clusterStatus:
description: ClusterStatus is the current state of the cluster.
type: string
dataTransferProgress:
description: Describes the status of a cluster while it is in
the process of resizing with an incremental resize.
properties:
currentRateInMegaBytesPerSecond:
description: Describes the data transfer rate in MB's per
second.
type: integer
dataTransferredInMegaBytes:
description: Describes the total amount of data that has been
transferred in MB's.
format: int64
type: integer
elapsedTimeInSeconds:
description: Describes the number of seconds that have elapsed
during the data transfer.
format: int64
type: integer
estimatedTimeToCompletionInSeconds:
description: Describes the estimated number of seconds remaining
to complete the transfer.
format: int64
type: integer
status:
description: Describes the status of the cluster. While the
transfer is in progress the status is transferringdata.
type: string
totalDataInMegaBytes:
description: Describes the total amount of data to be transferred
in megabytes.
format: int64
type: integer
type: object
deferredMaintenanceWindows:
description: Describes a group of DeferredMaintenanceWindow objects.
items:
description: DeferredMaintenanceWindow describes a deferred
maintenance window
properties:
deferMaintenanceEndTime:
description: A timestamp for the end of the time period
when we defer maintenance.
format: date-time
type: string
deferMaintenanceIdentifier:
description: A unique identifier for the maintenance window.
type: string
deferMaintenanceStartTime:
description: A timestamp for the beginning of the time period
when we defer maintenance.
format: date-time
type: string
type: object
type: array
elasticIPStatus:
description: The status of the elastic IP (EIP) address.
properties:
elasticIP:
description: The elastic IP (EIP) address for the cluster.
type: string
status:
description: The status of the elastic IP (EIP) address.
type: string
type: object
elasticResizeNumberOfNodeOptions:
description: The number of nodes that you can resize the cluster
to with the elastic resize method.
type: string
endpoint:
description: Endpoint specifies the connection endpoint.
properties:
address:
description: Address specifies the DNS address of the cluster.
type: string
port:
description: Port specifies the port that the database engine
is listening on.
format: int32
type: integer
type: object
expectedNextSnapshotScheduleTime:
description: The date and time when the next snapshot is expected
to be taken for clusters with a valid snapshot schedule and
backups enabled.
format: date-time
type: string
expectedNextSnapshotScheduleTimeStatus:
description: "The status of next expected snapshot for clusters
having a valid snapshot schedule and backups enabled. Possible
values are the following: \n * OnTrack - The next snapshot
is expected to be taken on time. \n * Pending - The next
snapshot is pending to be taken."
type: string
hsmStatus:
description: "A value that reports whether the Amazon Redshift
cluster has finished applying any hardware security module (HSM)
settings changes specified in a modify cluster command. \n Values:
active, applying"
properties:
hsmClientCertificateIdentifier:
description: Specifies the name of the HSM client certificate
the Amazon Redshift cluster uses to retrieve the data encryption
keys stored in an HSM.
type: string
hsmConfigurationIdentifier:
description: Specifies the name of the HSM configuration that
contains the information the Amazon Redshift cluster can
use to retrieve and store keys in an HSM.
type: string
status:
description: "Reports whether the Amazon Redshift cluster
has finished applying any HSM settings changes specified
in a modify cluster command. \n Values: active, applying"
type: string
type: object
modifyStatus:
description: The status of a modify operation, if any, initiated
for the cluster.
type: string
nextMaintenanceWindowStartTime:
description: The date and time in UTC when system maintenance
can begin.
format: date-time
type: string
pendingActions:
description: Cluster operations that are waiting to be started.
items:
type: string
type: array
snapshotScheduleState:
description: The current state of the cluster snapshot schedule.
type: string
vpcId:
description: The identifier of the VPC the cluster is in, if the
cluster is in a VPC.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: hostedzones.route53.aws.crossplane.io
spec:
group: route53.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: HostedZone
listKind: HostedZoneList
plural: hostedzones
singular: hostedzone
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: ID
type: string
- jsonPath: .status.atProvider.hostedZone.resourceRecordSetCount
name: RRs
type: integer
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: HostedZone is a managed resource that represents an AWS Route53
Hosted HostedZone.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: HostedZoneSpec defines the desired state of an AWS Route53
Hosted HostedZone.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: HostedZoneParameters define the desired state of an AWS
Route53 Hosted HostedZone.
properties:
config:
description: Config includes the Comment and PrivateZone elements.
If you omitted the Config and Comment elements from the request,
the Config and Comment elements don't appear in the response.
properties:
comment:
description: Comment that you want to include about the hosted
zone.
type: string
privateZone:
description: PrivateZone indicates whether this is a private
hosted zone.
type: boolean
type: object
delegationSetId:
description: DelegationSetId let you associate a reusable delegation
set with this hosted zone. It has to be the ID that Amazon Route
53 assigned to the reusable delegation set when you created
it. For more information about reusable delegation sets, see
CreateReusableDelegationSet (https://docs.aws.amazon.com/Route53/latest/APIReference/API_CreateReusableDelegationSet.html).
type: string
name:
description: "The name of the domain. Specify a fully qualified
domain name, for example, www.example.com. The trailing dot
is optional; Amazon Route 53 assumes that the domain name is
fully qualified. This means that Route 53 treats www.example.com
(without a trailing dot) and www.example.com. (with a trailing
dot) as identical. \n If you're creating a public hosted zone,
this is the name you have registered with your DNS registrar.
If your domain name is registered with a registrar other than
Route 53, change the name servers for your domain to the set
of NameServers that CreateHostedHostedZone returns in DelegationSet."
type: string
vpc:
description: "(Private hosted zones only) A complex type that
contains information about the Amazon VPC that you're associating
with this hosted zone. \n You can specify only one Amazon VPC
when you create a private hosted zone. To associate additional
Amazon VPCs with the hosted zone, use AssociateVPCWithHostedZone
(https://docs.aws.amazon.com/Route53/latest/APIReference/API_AssociateVPCWithHostedZone.html)
after you create a hosted zone."
properties:
vpcId:
description: (Private hosted zones only) The ID of an Amazon
VPC.
type: string
vpcIdRef:
description: (Private hosted Hostedzones only) VPCIDRef references
a VPC to retrieves its VPC Id.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIdSelector:
description: VPCIDSelector selects a reference to a VPC.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
vpcRegion:
description: (Private hosted zones only) The region that an
Amazon VPC was created in.
type: string
type: object
required:
- name
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: HostedZoneStatus represents the observed state of a HostedZone.
properties:
atProvider:
description: HostedZoneObservation keeps the state for the external
resource.
properties:
delegationSet:
description: DelegationSet describes the name servers for this
hosted zone.
properties:
callerReference:
description: The value that you specified for CallerReference
when you created the reusable delegation set.
type: string
id:
description: The ID that Amazon Route 53 assigns to a reusable
delegation set.
type: string
nameServers:
description: NameServers contains a list of the authoritative
name servers for a hosted Hostedzone.
items:
type: string
type: array
type: object
hostedZone:
description: HostedZone contains general information about the
hosted zone.
properties:
callerReference:
description: CallerReference is an unique string that identifies
the request and that allows failed HostedZone create requests
to be retried without the risk of executing the operation
twice.
type: string
id:
description: ID that Amazon Route 53 assigned to the hosted
zone when you created it.
type: string
linkedService:
description: LinkedService is the service that created the
hosted zone.
properties:
description:
description: Description provided by the other service.
type: string
servicePrincipal:
description: ServicePrincipal is the service that created
the resource.
type: string
type: object
resourceRecordSetCount:
description: The number of resource record sets in the hosted
zone.
format: int64
type: integer
type: object
vpcs:
description: A complex type that contains information about the
VPCs that are associated with the specified hosted zone.
items:
description: VPCObservation is used to represent the VPC object
in the HostedZone response object.
properties:
vpcId:
description: VPCID is the ID of the VPC.
type: string
vpcRegion:
description: VPCRegion is the region where the VPC resides.
type: string
type: object
type: array
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: resourcerecordsets.route53.aws.crossplane.io
spec:
group: route53.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: ResourceRecordSet
listKind: ResourceRecordSetList
plural: resourcerecordsets
singular: resourcerecordset
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
- jsonPath: .spec.forProvider.type
name: TYPE
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha1
schema:
openAPIV3Schema:
description: ResourceRecordSet is a managed resource that represents an AWS
Route53 Resource Record.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ResourceRecordSetSpec defines the desired state of an AWS
Route53 Resource Record.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ResourceRecordSetParameters define the desired state
of an AWS Route53 Resource Record.
properties:
aliasTarget:
description: "Alias resource record sets only: Information about
the AWS resource, such as a CloudFront distribution or an Amazon
S3 bucket, that you want to route traffic to. \n If you're creating
resource records sets for a private hosted zone, note the following:
\n * You can't create an alias resource record set in a private
hosted zone to route traffic to a CloudFront distribution.
\n * Creating geolocation alias resource record sets or latency
alias resource record sets in a private hosted zone is unsupported.
\n * For information about creating failover resource record
sets in a private hosted zone, see Configuring Failover in
a Private Hosted Zone (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)
\ in the Amazon Route 53 Developer Guide."
properties:
dnsName:
description: "Alias resource record sets only: The value that
you specify depends on where you want to route queries:
\n Amazon API Gateway custom regional APIs and edge-optimized
APIs \n Specify the applicable domain name for your API.
You can get the applicable value using the AWS CLI command
get-domain-names (https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html):
\n * For regional APIs, specify the value of regionalDomainName.
\n * For edge-optimized APIs, specify the value of distributionDomainName.
\ This is the name of the associated CloudFront distribution,
such as da1b2c3d4e5.cloudfront.net. \n The name of the record
that you're creating must match a custom domain name for
your API, such as api.example.com. \n Amazon Virtual Private
Cloud interface VPC endpoint \n Enter the API endpoint for
the interface endpoint, such as vpce-123456789abcdef01-example-us-east-1a.elasticloadbalancing.us-east-1.vpce.amazonaws.com.
For edge-optimized APIs, this is the domain name for the
corresponding CloudFront distribution. You can get the value
of DnsName using the AWS CLI command describe-vpc-endpoints
(https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html).
\n CloudFront distribution \n Specify the domain name that
CloudFront assigned when you created your distribution.
\n Your CloudFront distribution must include an alternate
domain name that matches the name of the resource record
set. For example, if the name of the resource record set
is acme.example.com, your CloudFront distribution must include
acme.example.com as one of the alternate domain names. For
more information, see Using Alternate Domain Names (CNAMEs)
(https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html)
in the Amazon CloudFront Developer Guide. \n You can't create
a resource record set in a private hosted zone to route
traffic to a CloudFront distribution. \n For failover alias
records, you can't specify a CloudFront distribution for
both the primary and secondary records. A distribution must
include an alternate domain name that matches the name of
the record. However, the primary and secondary records have
the same name, and you can't include the same alternate
domain name in more than one distribution. \n Elastic Beanstalk
environment \n If the domain name for your Elastic Beanstalk
environment includes the region that you deployed the environment
in, you can create an alias record that routes traffic to
the environment. For example, the domain name my-environment.us-west-2.elasticbeanstalk.com
is a regionalized domain name. \n For environments that
were created before early 2016, the domain name doesn't
include the region. To route traffic to these environments,
you must create a CNAME record instead of an alias record.
Note that you can't create a CNAME record for the root domain
name. For example, if your domain name is example.com, you
can create a record that routes traffic for acme.example.com
to your Elastic Beanstalk environment, but you can't create
a record that routes traffic for example.com to your Elastic
Beanstalk environment. \n For Elastic Beanstalk environments
that have regionalized subdomains, specify the CNAME attribute
for the environment. You can use the following methods to
get the value of the CNAME attribute: \n * AWS Management
Console: For information about how to get the value by using
the console, see Using Custom Domains with AWS Elastic Beanstalk
\ (https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customdomains.html)
\ in the AWS Elastic Beanstalk Developer Guide. \n *
Elastic Beanstalk API: Use the DescribeEnvironments action
to get the value of the CNAME attribute. For more information,
see DescribeEnvironments (https://docs.aws.amazon.com/elasticbeanstalk/latest/api/API_DescribeEnvironments.html)
\ in the AWS Elastic Beanstalk API Reference. \n *
AWS CLI: Use the describe-environments command to get the
value of the CNAME attribute. For more information, see
describe-environments (https://docs.aws.amazon.com/cli/latest/reference/elasticbeanstalk/describe-environments.html)
\ in the AWS CLI Command Reference. \n ELB load balancer
\n Specify the DNS name that is associated with the load
balancer. Get the DNS name by using the AWS Management Console,
the ELB API, or the AWS CLI. \n * AWS Management Console:
Go to the EC2 page, choose Load Balancers in the navigation
pane, choose the load balancer, choose the Description tab,
and get the value of the DNS name field. If you're routing
traffic to a Classic Load Balancer, get the value that
begins with dualstack. If you're routing traffic to another
type of load balancer, get the value that applies to
the record type, A or AAAA. \n * Elastic Load Balancing
API: Use DescribeLoadBalancers to get the value of DNSName.
For more information, see the applicable guide: Classic
Load Balancers: DescribeLoadBalancers (https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)
\ Application and Network Load Balancers: DescribeLoadBalancers
(https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)
\n * AWS CLI: Use describe-load-balancers to get the
value of DNSName. For more information, see the applicable
guide: Classic Load Balancers: describe-load-balancers (http://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)
\ Application and Network Load Balancers: describe-load-balancers
(http://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)
\n AWS Global Accelerator accelerator \n Specify the DNS
name for your accelerator: \n * Global Accelerator API:
To get the DNS name, use DescribeAccelerator (https://docs.aws.amazon.com/global-accelerator/latest/api/API_DescribeAccelerator.html).
\n * AWS CLI: To get the DNS name, use describe-accelerator
(https://docs.aws.amazon.com/cli/latest/reference/globalaccelerator/describe-accelerator.html).
\n Amazon S3 bucket that is configured as a static website
\n Specify the domain name of the Amazon S3 website endpoint
that you created the bucket in, for example, s3-website.us-east-2.amazonaws.com.
For more information about valid values, see the table Amazon
S3 Website Endpoints (https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints)
in the Amazon Web Services General Reference. For more information
about using S3 buckets for websites, see Getting Started
with Amazon Route 53 (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/getting-started.html)
in the Amazon Route 53 Developer Guide. \n Another Route
53 resource record set \n Specify the value of the Name
element for a resource record set in the current hosted
zone. \n If you're creating an alias record that has the
same name as the hosted zone (known as the zone apex), you
can't specify the domain name for a record for which the
value of Type is CNAME. This is because the alias record
must have the same type as the record that you're routing
traffic to, and creating a CNAME record for the zone apex
isn't supported even for an alias record."
type: string
evaluateTargetHealth:
description: "Applies only to alias, failover alias, geolocation
alias, latency alias, and weighted alias resource record
sets: When EvaluateTargetHealth is true, an alias resource
record set inherits the health of the referenced AWS resource,
such as an ELB load balancer or another resource record
set in the hosted zone. \n Note the following: \n CloudFront
distributions \n You can't set EvaluateTargetHealth to true
when the alias target is a CloudFront distribution. \n Elastic
Beanstalk environments that have regionalized subdomains
\n If you specify an Elastic Beanstalk environment in DNSName
and the environment contains an ELB load balancer, Elastic
Load Balancing routes queries only to the healthy Amazon
EC2 instances that are registered with the load balancer.
(An environment automatically contains an ELB load balancer
if it includes more than one Amazon EC2 instance.) If you
set EvaluateTargetHealth to true and either no Amazon EC2
instances are healthy or the load balancer itself is unhealthy,
Route 53 routes queries to other available resources that
are healthy, if any. \n If the environment contains a single
Amazon EC2 instance, there are no special requirements.
\n ELB load balancers \n Health checking behavior depends
on the type of load balancer: \n * Classic Load Balancers:
If you specify an ELB Classic Load Balancer in DNSName,
Elastic Load Balancing routes queries only to the healthy
\ Amazon EC2 instances that are registered with the load
balancer. If you set EvaluateTargetHealth to true and
either no EC2 instances are healthy or the load balancer
itself is unhealthy, Route 53 routes queries to other resources.
\n * Application and Network Load Balancers: If you specify
an ELB Application or Network Load Balancer and you set
EvaluateTargetHealth to true, Route 53 routes queries
to the load balancer based on the health of the target groups
that are associated with the load balancer: For an Application
\ or Network Load Balancer to be considered healthy, every
target group that contains targets must contain at least
one healthy target. If any target group contains only
unhealthy targets, the load balancer is considered unhealthy,
and Route 53 routes queries to other resources. A target
group that has no registered targets is considered unhealthy.
\n When you create a load balancer, you configure settings
for Elastic Load Balancing health checks; they're not Route
53 health checks, but they perform a similar function. Do
not create Route 53 health checks for the EC2 instances
that you register with an ELB load balancer. \n S3 buckets
\n There are no special requirements for setting EvaluateTargetHealth
to true when the alias target is an S3 bucket. \n Other
records in the same hosted zone \n If the AWS resource that
you specify in DNSName is a record or a group of records
(for example, a group of weighted records) but is not another
alias record, we recommend that you associate a health check
with all of the records in the alias target. For more information,
see What Happens When You Omit Health Checks? (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-complex-configs.html#dns-failover-complex-configs-hc-omitting)
in the Amazon Route 53 Developer Guide. \n For more information
and examples, see Amazon Route 53 Health Checks and DNS
Failover (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)
in the Amazon Route 53 Developer Guide."
type: boolean
hostedZoneId:
description: "Alias resource records sets only: The value
used depends on where you want to route traffic: \n Amazon
API Gateway custom regional APIs and edge-optimized APIs
\n Specify the hosted zone ID for your API. You can get
the applicable value using the AWS CLI command get-domain-names
(https://docs.aws.amazon.com/cli/latest/reference/apigateway/get-domain-names.html):
\n * For regional APIs, specify the value of regionalHostedZoneId.
\n * For edge-optimized APIs, specify the value of distributionHostedZoneId.
\n Amazon Virtual Private Cloud interface VPC endpoint \n
Specify the hosted zone ID for your interface endpoint.
You can get the value of HostedZoneId using the AWS CLI
command describe-vpc-endpoints (https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-vpc-endpoints.html).
\n CloudFront distribution \n Specify Z2FDTNDATAQYW2. \n
Alias resource record sets for CloudFront can't be created
in a private zone. \n Elastic Beanstalk environment \n Specify
the hosted zone ID for the region that you created the environment
in. The environment must have a regionalized subdomain.
For a list of regions and the corresponding hosted zone
IDs, see AWS Elastic Beanstalk (https://docs.aws.amazon.com/general/latest/gr/rande.html#elasticbeanstalk_region)
in the \"AWS Service Endpoints\" chapter of the Amazon Web
Services General Reference. \n ELB load balancer \n Specify
the value of the hosted zone ID for the load balancer. Use
the following methods to get the hosted zone ID: \n *
Service Endpoints (https://docs.aws.amazon.com/general/latest/gr/elb.html)
\ table in the \"Elastic Load Balancing Endpoints and
Quotas\" topic in the Amazon Web Services General Reference:
Use the value that corresponds with the region that you
created your load balancer in. Note that there are separate
columns for Application and Classic Load Balancers and for
\ Network Load Balancers. \n * AWS Management Console:
Go to the Amazon EC2 page, choose Load Balancers in the
navigation pane, select the load balancer, and get the value
of the Hosted zone field on the Description tab. \n *
Elastic Load Balancing API: Use DescribeLoadBalancers to
get the applicable value. For more information, see the
applicable guide: Classic Load Balancers: Use DescribeLoadBalancers
(https://docs.aws.amazon.com/elasticloadbalancing/2012-06-01/APIReference/API_DescribeLoadBalancers.html)
\ to get the value of CanonicalHostedZoneNameId. Application
and Network Load Balancers: Use DescribeLoadBalancers
(https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html)
\ to get the value of CanonicalHostedZoneId. \n * AWS
CLI: Use describe-load-balancers to get the applicable value.
For more information, see the applicable guide: Classic
Load Balancers: Use describe-load-balancers (http://docs.aws.amazon.com/cli/latest/reference/elb/describe-load-balancers.html)
\ to get the value of CanonicalHostedZoneNameId. Application
and Network Load Balancers: Use describe-load-balancers
(http://docs.aws.amazon.com/cli/latest/reference/elbv2/describe-load-balancers.html)
\ to get the value of CanonicalHostedZoneId. \n AWS Global
Accelerator accelerator \n Specify Z2BJ6XQ5FK7U4H. \n An
Amazon S3 bucket configured as a static website \n Specify
the hosted zone ID for the region that you created the bucket
in. For more information about valid values, see the table
Amazon S3 Website Endpoints (https://docs.aws.amazon.com/general/latest/gr/s3.html#s3_website_region_endpoints)
in the Amazon Web Services General Reference. \n Another
Route 53 resource record set in your hosted zone \n Specify
the hosted zone ID of your hosted zone. (An alias resource
record set can't reference a resource record set in a different
hosted zone.)"
type: string
required:
- dnsName
- evaluateTargetHealth
- hostedZoneId
type: object
failover:
description: "Failover resource record sets only: To configure
failover, you add the Failover element to two resource record
sets. For one resource record set, you specify PRIMARY as the
value for Failover; for the other resource record set, you specify
SECONDARY. In addition, you include the HealthCheckId element
and specify the health check that you want Amazon Route 53 to
perform for each resource record set. \n Except where noted,
the following failover behaviors assume that you have included
the HealthCheckId element in both resource record sets: \n *
When the primary resource record set is healthy, Route 53 responds
to DNS queries with the applicable value from the primary
resource record set regardless of the health of the secondary
resource record set. \n * When the primary resource record
set is unhealthy and the secondary resource record set is
healthy, Route 53 responds to DNS queries with the applicable
value from the secondary resource record set. \n * When the
secondary resource record set is unhealthy, Route 53 responds
\ to DNS queries with the applicable value from the primary
resource record set regardless of the health of the primary
resource record set. \n * If you omit the HealthCheckId element
for the secondary resource record set, and if the primary
resource record set is unhealthy, Route 53 always responds
to DNS queries with the applicable value from the secondary
resource record set. This is true regardless of the health
of the associated endpoint. \n You can't create non-failover
resource record sets that have the same values for the Name
and Type elements as failover resource record sets. \n For failover
alias resource record sets, you must also include the EvaluateTargetHealth
element and set the value to true. \n For more information about
configuring failover for Route 53, see the following topics
in the Amazon Route 53 Developer Guide: \n * Route 53 Health
Checks and DNS Failover (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)
\n * Configuring Failover in a Private Hosted Zone (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)"
type: string
geoLocation:
description: "Geolocation resource record sets only: A complex
type that lets you control how Amazon Route 53 responds to DNS
queries based on the geographic origin of the query. For example,
if you want all queries from Africa to be routed to a web server
with an IP address of 192.0.2.111, create a resource record
set with a Type of A and a ContinentCode of AF. \n Although
creating geolocation and geolocation alias resource record sets
in a private hosted zone is allowed, it's not supported. \n
If you create separate resource record sets for overlapping
geographic regions (for example, one resource record set for
a continent and one for a country on the same continent), priority
goes to the smallest geographic region. This allows you to route
most queries for a continent to one resource and to route queries
for a country on that continent to a different resource. \n
You can't create two geolocation resource record sets that specify
the same geographic location. \n The value * in the CountryCode
element matches all geographic locations that aren't specified
in other geolocation resource record sets that have the same
values for the Name and Type elements. \n Geolocation works
by mapping IP addresses to locations. However, some IP addresses
aren't mapped to geographic locations, so even if you create
geolocation resource record sets that cover all seven continents,
Route 53 will receive some DNS queries from locations that it
can't identify. We recommend that you create a resource record
set for which the value of CountryCode is *. Two groups of queries
are routed to the resource that you specify in this record:
queries that come from locations for which you haven't created
geolocation resource record sets and queries from IP addresses
that aren't mapped to a location. If you don't create a * resource
record set, Route 53 returns a \"no answer\" response for queries
from those locations. \n You can't create non-geolocation resource
record sets that have the same values for the Name and Type
elements as geolocation resource record sets."
properties:
continentCode:
description: 'ContinentCode is the two-letter code for the
continent. Amazon Route 53 supports the following continent
codes: * AF: Africa * AN: Antarctica * AS: Asia *
EU: Europe * OC: Oceania * NA: North America *
SA: South America Constraint: Specifying ContinentCode with
either CountryCode or SubdivisionCode returns an InvalidInput
error.'
type: string
countryCode:
description: "For geolocation resource record sets, the two-letter
code for a country. \n Amazon Route 53 uses the two-letter
country codes that are specified in ISO standard 3166-1
alpha-2 (https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2)."
type: string
subdivisionCode:
description: "For geolocation resource record sets, the two-letter
code for a state of the United States. Route 53 doesn't
support any other values for SubdivisionCode. For a list
of state abbreviations, see Appendix B: Two–Letter State
and Possession Abbreviations (https://pe.usps.com/text/pub28/28apb.htm)
on the United States Postal Service website. \n If you specify
subdivision code, you must also specify US for CountryCode."
type: string
type: object
healthCheckId:
description: "If you want Amazon Route 53 to return this resource
record set in response to a DNS query only when the status of
a health check is healthy, include the HealthCheckId element
and specify the ID of the applicable health check. \n Route
53 determines whether a resource record set is healthy based
on one of the following: \n * By periodically sending a request
to the endpoint that is specified in the health check \n
\ * By aggregating the status of a specified group of health
checks (calculated health checks) \n * By determining
the current state of a CloudWatch alarm (CloudWatch metric health
checks) \n Route 53 doesn't check the health of the endpoint
that is specified in the resource record set, for example, the
endpoint specified by the IP address in the Value element. When
you add a HealthCheckId element to a resource record set, Route
53 checks the health of the endpoint that you specified in the
health check. \n For more information, see the following topics
in the Amazon Route 53 Developer Guide: \n * How Amazon Route
53 Determines Whether an Endpoint Is Healthy (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html)
\n * Route 53 Health Checks and DNS Failover (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover.html)
\n * Configuring Failover in a Private Hosted Zone (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-private-hosted-zones.html)
\n When to Specify HealthCheckId \n Specifying a value for HealthCheckId
is useful only when Route 53 is choosing between two or more
resource record sets to respond to a DNS query, and you want
Route 53 to base the choice in part on the status of a health
check. Configuring health checks makes sense only in the following
configurations: \n * Non-alias resource record sets: You're
checking the health of a group of non-alias resource record
sets that have the same routing policy, name, and type (such
as multiple weighted records named www.example.com with a
type of A) and you specify health check IDs for all the resource
record sets. If the health check status for a resource record
set is healthy, Route 53 includes the record among the records
that it responds to DNS queries with. If the health check
status for a resource record set is unhealthy, Route 53 stops
responding to DNS queries using the value for that resource
record set. If the health check status for all resource record
sets in the group is unhealthy, Route 53 considers all resource
\ record sets in the group healthy and responds to DNS queries
accordingly. \n * Alias resource record sets: You specify
the following settings: You set EvaluateTargetHealth to true
for an alias resource record set in a group of resource record
sets that have the same routing policy, name, and type (such
as multiple weighted records named www.example.com with a
type of A). You configure the alias resource record set to route
traffic to a non-alias resource record set in the same hosted
zone. You specify a health check ID for the non-alias resource
record set. If the health check status is healthy, Route
53 considers the alias resource record set to be healthy
and includes the alias record among the records that it responds
to DNS queries with. If the health check status is unhealthy,
\ Route 53 stops responding to DNS queries using the alias
resource record set. The alias resource record set can also
route traffic to a group of non-alias resource record sets
that have the same routing policy, name, and type. In that
configuration, associate health checks with all of the resource
record sets in the group of non-alias resource record sets.
\n Geolocation Routing \n For geolocation resource record sets,
if an endpoint is unhealthy, Route 53 looks for a resource record
set for the larger, associated geographic region. For example,
suppose you have resource record sets for a state in the United
States, for the entire United States, for North America, and
a resource record set that has * for CountryCode is *, which
applies to all locations. If the endpoint for the state resource
record set is unhealthy, Route 53 checks for healthy resource
record sets in the following order until it finds a resource
record set for which the endpoint is healthy: \n * The United
States \n * North America \n * The default resource record
set \n Specifying the Health Check Endpoint by Domain Name \n
If your health checks specify the endpoint only by domain name,
we recommend that you create a separate health check for each
endpoint. For example, create a health check for each HTTP server
that is serving content for www.example.com. For the value of
FullyQualifiedDomainName, specify the domain name of the server
(such as us-east-2-www.example.com), not the name of the resource
record sets (www.example.com). \n Health check results will
be unpredictable if you do the following: \n * Create a health
check that has the same value for FullyQualifiedDomainName as
the name of a resource record set. \n * Associate that health
check with the resource record set."
type: string
multiValueAnswer:
description: "Multivalue answer resource record sets only: To
route traffic approximately randomly to multiple resources,
such as web servers, create one multivalue answer record for
each resource and specify true for MultiValueAnswer. Note the
following: \n * If you associate a health check with a multivalue
answer resource record set, Amazon Route 53 responds to DNS
queries with the corresponding IP address only when the health
check is healthy. \n * If you don't associate a health check
with a multivalue answer record, Route 53 always considers
the record to be healthy. \n * Route 53 responds to DNS queries
with up to eight healthy records; if you have eight or fewer
healthy records, Route 53 responds to all DNS queries with
all the healthy records. \n * If you have more than eight
healthy records, Route 53 responds to different DNS resolvers
with different combinations of healthy records. \n * When
all records are unhealthy, Route 53 responds to DNS queries
with up to eight unhealthy records. \n * If a resource
becomes unavailable after a resolver caches a response, client
software typically tries another of the IP addresses in the
response. \n You can't create multivalue answer alias records."
type: boolean
region:
description: "Latency-based resource record sets only: The Amazon
EC2 Region where you created the resource that this resource
record set refers to. The resource typically is an AWS resource,
such as an EC2 instance or an ELB load balancer, and is referred
to by an IP address or a DNS domain name, depending on the record
type. \n Although creating latency and latency alias resource
record sets in a private hosted zone is allowed, it's not supported.
\n When Amazon Route 53 receives a DNS query for a domain name
and type for which you have created latency resource record
sets, Route 53 selects the latency resource record set that
has the lowest latency between the end user and the associated
Amazon EC2 Region. Route 53 then returns the value that is associated
with the selected resource record set. \n Note the following:
\n * You can only specify one ResourceRecord per latency
resource record set. \n * You can only create one latency
resource record set for each Amazon EC2 Region. \n * You
aren't required to create latency resource record sets for all
Amazon EC2 Regions. Route 53 will choose the region with
the best latency from among the regions that you create latency
resource record sets for. \n * You can't create non-latency
resource record sets that have the same values for the Name
and Type elements as latency resource record sets."
type: string
resourceRecords:
description: "Information about the resource records to act upon.
\n If you're creating an alias resource record set, omit ResourceRecords."
items:
description: ResourceRecord holds the DNS value to be used for
the record.
properties:
value:
description: "The current or new DNS record value, not to
exceed 4,000 characters. In the case of a DELETE action,
if the current value does not match the actual value,
an error is returned. For descriptions about how to format
Value for different record types, see Supported DNS Resource
Record Types (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html)
in the Amazon Route 53 Developer Guide. \n You can specify
more than one value for all record types except CNAME
and SOA. \n If you're creating an alias resource record
set, omit Value."
type: string
required:
- value
type: object
type: array
setIdentifier:
description: "Resource record sets that have a routing policy
other than simple: An identifier that differentiates among multiple
resource record sets that have the same combination of name
and type, such as multiple weighted resource record sets named
acme.example.com that have a type of A. In a group of resource
record sets that have the same name and type, the value of SetIdentifier
must be unique for each resource record set. \n For information
about routing policies, see Choosing a Routing Policy (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html)
in the Amazon Route 53 Developer Guide."
type: string
trafficPolicyInstanceId:
description: "When you create a traffic policy instance, Amazon
Route 53 automatically creates a resource record set. TrafficPolicyInstanceId
is the ID of the traffic policy instance that Route 53 created
this resource record set for. \n To delete the resource record
set that is associated with a traffic policy instance, use DeleteTrafficPolicyInstance.
Route 53 will delete the resource record set automatically.
If you delete the resource record set by using ChangeResourceRecordSets,
Route 53 doesn't automatically delete the traffic policy instance,
and you'll continue to be charged for it even though it's no
longer in use."
type: string
ttl:
description: "The resource record cache time to live (TTL), in
seconds. Note the following: \n * If you're creating or updating
an alias resource record set, omit TTL. Amazon Route 53 uses
the value of TTL for the alias target. \n * If you're associating
this resource record set with a health check (if you're adding
a HealthCheckId element), we recommend that you specify a
TTL of 60 seconds or less so clients respond quickly to changes
in health status. \n * All of the resource record sets
in a group of weighted resource record sets must have the
same value for TTL. \n * If a group of weighted resource
record sets includes one or more weighted alias resource
record sets for which the alias target is an ELB load balancer,
\ we recommend that you specify a TTL of 60 seconds for all
of the non-alias weighted resource record sets that have
the same name and type. Values other than 60 seconds (the
TTL for load balancers) will change the effect of the values
that you specify for Weight."
format: int64
type: integer
type:
description: "The DNS record type. For information about different
record types and how data is encoded for them, see Supported
DNS Resource Record Types (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/ResourceRecordTypes.html)
in the Amazon Route 53 Developer Guide. \n Valid values for
basic resource record sets: A | AAAA | CAA | CNAME | MX | NAPTR
| NS | PTR | SOA | SPF | SRV | TXT \n Values for weighted, latency,
geolocation, and failover resource record sets: A | AAAA | CAA
| CNAME | MX | NAPTR | PTR | SPF | SRV | TXT. When creating
a group of weighted, latency, geolocation, or failover resource
record sets, specify the same value for all of the resource
record sets in the group. \n Valid values for multivalue answer
resource record sets: A | AAAA | MX | NAPTR | PTR | SPF | SRV
| TXT \n SPF records were formerly used to verify the identity
of the sender of email messages. However, we no longer recommend
that you create resource record sets for which the value of
Type is SPF. RFC 7208, Sender Policy Framework (SPF) for Authorizing
Use of Domains in Email, Version 1, has been updated to say,
\"...[I]ts existence and mechanism defined in [RFC4408] have
led to some interoperability issues. Accordingly, its use is
no longer appropriate for SPF version 1; implementations are
not to use it.\" In RFC 7208, see section 14.1, The SPF DNS
Record Type (http://tools.ietf.org/html/rfc7208#section-14.1).
\n Values for alias resource record sets: \n * Amazon API
Gateway custom regional APIs and edge-optimized APIs: A \n *
CloudFront distributions: A If IPv6 is enabled for the distribution,
\ create two resource record sets to route traffic to your
distribution, one with a value of A and one with a value
of AAAA. \n * Amazon API Gateway environment that has a regionalized
subdomain: A \n * ELB load balancers: A | AAAA \n * Amazon
S3 buckets: A \n * Amazon Virtual Private Cloud interface
VPC endpoints A \n * Another resource record set in this
hosted zone: Specify the type of the resource record set
that you're creating the alias for. All values are supported
except NS and SOA. If you're creating an alias record that has
the same name as the hosted zone (known as the zone apex), you
can't route traffic to a record for which the value of Type
is CNAME. This is because the alias record must have the
same type as the record you're routing traffic to, and creating
a CNAME record for the zone apex isn't supported even for
an alias record."
type: string
weight:
description: "Weighted resource record sets only: Among resource
record sets that have the same combination of DNS name and type,
a value that determines the proportion of DNS queries that Amazon
Route 53 responds to using the current resource record set.
Route 53 calculates the sum of the weights for the resource
record sets that have the same combination of DNS name and type.
Route 53 then responds to queries based on the ratio of a resource's
weight to the total. Note the following: \n * You must specify
a value for the Weight element for every weighted resource record
set. \n * You can only specify one ResourceRecord per weighted
resource record set. \n * You can't create latency, failover,
or geolocation resource record sets that have the same values
for the Name and Type elements as weighted resource record
sets. \n * You can create a maximum of 100 weighted resource
record sets that have the same values for the Name and Type
elements. \n * For weighted (but not weighted alias) resource
record sets, if you set Weight to 0 for a resource record
set, Route 53 never responds to queries with the applicable
value for that resource record set. However, if you set Weight
to 0 for all resource record sets that have the same combination
\ of DNS name and type, traffic is routed to all resources
with equal probability. The effect of setting Weight to 0
is different when you associate health checks with weighted
resource record sets. For more information, see Options for
Configuring Route 53 Active-Active and Active-Passive Failover
(https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-configuring-options.html)
\ in the Amazon Route 53 Developer Guide."
format: int64
type: integer
zoneId:
description: ZoneID is the ID of the hosted zone that contains
the resource record sets that you want to change.
type: string
zoneIdRef:
description: ZoneIDRef references a Zone to retrieves its ZoneId
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
zoneIdSelector:
description: ZoneIDSelector selects a reference to a Zone to retrieves
its ZoneID
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- type
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ResourceRecordSetStatus represents the observed state of
a ResourceRecordSet.
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: resolverendpoints.route53resolver.aws.crossplane.io
spec:
group: route53resolver.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: ResolverEndpoint
listKind: ResolverEndpointList
plural: resolverendpoints
singular: resolverendpoint
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: ResolverEndpoint is the Schema for the ResolverEndpoints API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ResolverEndpointSpec defines the desired state of ResolverEndpoint
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ResolverEndpointParameters defines the desired state
of ResolverEndpoint
properties:
direction:
description: "Specify the applicable value: \n * INBOUND: Resolver
forwards DNS queries to the DNS service for a VPC from your
network \n * OUTBOUND: Resolver forwards DNS queries from
the DNS service for a VPC to your network"
type: string
ipAddresses:
description: IPAddresses are the subnets and IP addresses in your
VPC that DNS queries originate from (for outbound endpoints)
or that you forward DNS queries to (for inbound endpoints).
The subnet ID uniquely identifies a VPC.
items:
description: IPAddressRequest is used by ResolverEndpoint
properties:
ip:
description: IP address that you want to use for DNS queries.
type: string
subnetId:
description: SubnetId is the ID of the subnet that contains
the IP address.
type: string
subnetIdRef:
description: SubnetIDRefs is a list of references to Subnets
used to set the SubnetIDs.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
subnetIdSelector:
description: SubnetIDSelector selects references to Subnets
used to set the SubnetIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
type: object
type: array
name:
description: A friendly name that lets you easily find a configuration
in the Resolver dashboard in the Route 53 console.
type: string
region:
description: Region is which region the ResolverEndpoint will
be created.
type: string
securityGroupIdRefs:
description: SecurityGroupIDRefs is a list of references to SecurityGroups
used to set the SecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupIdSelector:
description: SecurityGroupIDsSelector selects references to SecurityGroupID
used to set the SecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
securityGroupIds:
description: The ID of one or more security groups that you want
to use to control access to this VPC. The security group that
you specify must include one or more inbound rules (for inbound
Resolver endpoints) or outbound rules (for outbound Resolver
endpoints). Inbound and outbound rules must allow TCP and UDP
access. For inbound access, open port 53. For outbound access,
open the port that you're using for DNS queries on your network.
items:
type: string
type: array
tags:
description: A list of the tag keys and values that you want to
associate with the endpoint.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- direction
- ipAddresses
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ResolverEndpointStatus defines the observed state of ResolverEndpoint.
properties:
atProvider:
description: ResolverEndpointObservation defines the observed state
of ResolverEndpoint
properties:
arn:
description: The ARN (Amazon Resource Name) for the Resolver endpoint.
type: string
creationTime:
description: The date and time that the endpoint was created,
in Unix time format and Coordinated Universal Time (UTC).
type: string
creatorRequestID:
description: A unique string that identifies the request that
created the Resolver endpoint. The CreatorRequestId allows failed
requests to be retried without the risk of executing the operation
twice.
type: string
hostVPCID:
description: The ID of the VPC that you want to create the Resolver
endpoint in.
type: string
id:
description: The ID of the Resolver endpoint.
type: string
ipAddressCount:
description: The number of IP addresses that the Resolver endpoint
can use for DNS queries.
format: int64
type: integer
modificationTime:
description: The date and time that the endpoint was last modified,
in Unix time format and Coordinated Universal Time (UTC).
type: string
securityGroupIDs:
description: The ID of one or more security groups that control
access to this VPC. The security group must include one or more
inbound rules (for inbound endpoints) or outbound rules (for
outbound endpoints). Inbound and outbound rules must allow TCP
and UDP access. For inbound access, open port 53. For outbound
access, open the port that you're using for DNS queries on your
network.
items:
type: string
type: array
status:
description: "A code that specifies the current status of the
Resolver endpoint. Valid values include the following: \n *
CREATING: Resolver is creating and configuring one or more Amazon
VPC network interfaces for this endpoint. \n * OPERATIONAL:
The Amazon VPC network interfaces for this endpoint are correctly
configured and able to pass inbound or outbound DNS queries
\ between your network and Resolver. \n * UPDATING: Resolver
is associating or disassociating one or more network interfaces
with this endpoint. \n * AUTO_RECOVERING: Resolver is trying
to recover one or more of the network interfaces that are
associated with this endpoint. During the recovery process,
the endpoint functions with limited capacity because of the
limit on the number of DNS queries per IP address (per network
interface). For the current limit, see Limits on Route 53
Resolver (https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/DNSLimitations.html#limits-api-entities-resolver).
\n * ACTION_NEEDED: This endpoint is unhealthy, and Resolver
can't automatically recover it. To resolve the problem, we
recommend that you check each IP address that you associated
with the endpoint. For each IP address that isn't available,
add another IP address and then delete the IP address that
isn't available. (An endpoint must always include at least two
IP addresses.) A status of ACTION_NEEDED can have a variety
of causes. Here are two common causes: One or more of the
network interfaces that are associated with the endpoint
were deleted using Amazon VPC. The network interface couldn't
be created for some reason that's outside the control of
Resolver. \n * DELETING: Resolver is deleting this endpoint
and the associated network interfaces."
type: string
statusMessage:
description: A detailed description of the status of the Resolver
endpoint.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
required:
- atProvider
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: resolverrules.route53resolver.aws.crossplane.io
spec:
group: route53resolver.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: ResolverRule
listKind: ResolverRuleList
plural: resolverrules
singular: resolverrule
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: ResolverRule is the Schema for the ResolverRules API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ResolverRuleSpec defines the desired state of ResolverRule
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ResolverRuleParameters defines the desired state of ResolverRule
properties:
domainName:
description: DNS queries for this domain name are forwarded to
the IP addresses that you specify in TargetIps. If a query matches
multiple Resolver rules (example.com and www.example.com), outbound
DNS queries are routed using the Resolver rule that contains
the most specific domain name (www.example.com).
type: string
name:
description: A friendly name that lets you easily find a rule
in the Resolver dashboard in the Route 53 console.
type: string
region:
description: Region is which region the ResolverRule will be created.
type: string
resolverEndpointID:
description: The ID of the outbound Resolver endpoint that you
want to use to route DNS queries to the IP addresses that you
specify in TargetIps.
type: string
resolverEndpointIdRefs:
description: ResolverEndpointIDRef is the reference to the ResolverEndpoint
used to set the ResolverEndpointID
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
resolverEndpointIdSelector:
description: ResolverEndpointIDSelector selects references to
ResolverEndpoint used to set the ResolverEndpointID
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
ruleType:
description: "When you want to forward DNS queries for specified
domain name to resolvers on your network, specify FORWARD. \n
When you have a forwarding rule to forward DNS queries for a
domain to your network and you want Resolver to process queries
for a subdomain of that domain, specify SYSTEM. \n For example,
to forward DNS queries for example.com to resolvers on your
network, you create a rule and specify FORWARD for RuleType.
To then have Resolver process queries for apex.example.com,
you create a rule and specify SYSTEM for RuleType. \n Currently,
only Resolver can create rules that have a value of RECURSIVE
for RuleType."
type: string
tags:
description: A list of the tag keys and values that you want to
associate with the endpoint.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
targetIPs:
description: "The IPs that you want Resolver to forward DNS queries
to. You can specify only IPv4 addresses. Separate IP addresses
with a comma. \n TargetIps is available only when the value
of Rule type is FORWARD."
items:
properties:
ip:
type: string
port:
format: int64
type: integer
type: object
type: array
required:
- domainName
- region
- ruleType
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ResolverRuleStatus defines the observed state of ResolverRule.
properties:
atProvider:
description: ResolverRuleObservation defines the observed state of
ResolverRule
properties:
arn:
description: The ARN (Amazon Resource Name) for the Resolver rule
specified by Id.
type: string
creationTime:
description: The date and time that the Resolver rule was created,
in Unix time format and Coordinated Universal Time (UTC).
type: string
creatorRequestID:
description: A unique string that you specified when you created
the Resolver rule. CreatorRequestId identifies the request and
allows failed requests to be retried without the risk of executing
the operation twice.
type: string
id:
description: The ID that Resolver assigned to the Resolver rule
when you created it.
type: string
modificationTime:
description: The date and time that the Resolver rule was last
updated, in Unix time format and Coordinated Universal Time
(UTC).
type: string
ownerID:
description: When a rule is shared with another AWS account, the
account ID of the account that the rule is shared with.
type: string
shareStatus:
description: Whether the rules is shared and, if so, whether the
current account is sharing the rule with another account, or
another account is sharing the rule with the current account.
type: string
status:
description: A code that specifies the current status of the Resolver
rule.
type: string
statusMessage:
description: A detailed description of the status of a Resolver
rule.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
required:
- atProvider
type: object
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: bucketpolicies.s3.aws.crossplane.io
spec:
group: s3.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: BucketPolicy
listKind: BucketPolicyList
plural: bucketpolicies
singular: bucketpolicy
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .spec.forProvider.bucketName
name: BUCKETNAME
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1alpha3
schema:
openAPIV3Schema:
description: An BucketPolicy is a managed resource that represents an AWS
Bucket policy.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: An BucketPolicySpec defines the desired state of an BucketPolicy.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: BucketPolicyParameters define the desired state of an
AWS BucketPolicy.
properties:
bucketName:
description: BucketName presents the name of the bucket.
type: string
bucketNameRef:
description: BucketNameRef references to an S3Bucket to retrieve
its bucketName
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
bucketNameSelector:
description: BucketNameSelector selects a reference to an S3Bucket
to retrieve its bucketName
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
policy:
description: Policy is a well defined type which can be parsed
into an JSON S3 Bucket Policy either policy or rawPolicy must
be specified in the policy
properties:
id:
description: ID is the policy's optional identifier
type: string
statements:
description: Statements is the list of statement this policy
applies either jsonStatements or statements must be specified
in the policy
items:
description: BucketPolicyStatement defines an individual
statement within the BucketPolicyBody
properties:
action:
description: Each element of the PolicyAction array
describes the specific action or actions that will
be allowed or denied with this PolicyStatement.
items:
type: string
type: array
condition:
description: Condition specifies where conditions for
policy are in effect. https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html
items:
description: Condition represents a set of condition
pairs for a bucket policy
properties:
conditions:
description: Conditions represents each of the
key/value pairs for the operator key
items:
description: ConditionPair represents one condition
inside of the set of conditions for a bucket
policy
properties:
booleanValue:
description: ConditionBooleanValue is the
expected boolean value of the key from
the parent condition
type: boolean
dateValue:
description: ConditionDateValue is the expected
string value of the key from the parent
condition. The date value must be in ISO
8601 format. The time is always midnight
UTC.
format: date-time
type: string
key:
description: ConditionKey is the key condition
being applied to the parent condition
type: string
listValue:
description: ConditionListValue is the list
value of the key from the parent condition
items:
type: string
type: array
numericValue:
description: ConditionNumericValue is the
expected string value of the key from
the parent condition
format: int64
type: integer
stringValue:
description: ConditionStringValue is the
expected string value of the key from
the parent condition
type: string
required:
- key
type: object
type: array
operatorKey:
description: OperatorKey matches the condition
key and value in the policy against values in
the request context
type: string
required:
- conditions
- operatorKey
type: object
type: array
effect:
description: The effect is required and specifies whether
the statement results in an allow or an explicit deny.
Valid values for Effect are Allow and Deny.
enum:
- Allow
- Deny
type: string
notAction:
description: Each element of the NotPolicyAction array
will allow the property to match all but the listed
actions.
items:
type: string
type: array
notPrincipal:
description: Used with the S3 policy to specify the
users which are not included in this policy
properties:
allowAnon:
description: This flag indicates if the policy should
be made available to all anonymous users.
type: boolean
awsPrincipals:
description: This list contains the all of the AWS
IAM users which are affected by the policy statement.
items:
description: AWSPrincipal wraps the potential
values a policy principal can take. Only one
of the values should be set.
properties:
awsAccountId:
description: AWSAccountID identifies an AWS
account as the principal
type: string
iamRoleArn:
description: IAMRoleARN contains the ARN of
an IAM role
type: string
iamRoleArnRef:
description: IAMRoleARNRef contains the reference
to an IAMRole
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
iamRoleArnSelector:
description: IAMRoleARNSelector queries for
an IAM role to retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures
an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
iamUserArn:
description: UserARN contains the ARN of an
IAM user
type: string
iamUserArnRef:
description: UserARNRef contains the reference
to an User
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
iamUserArnSelector:
description: UserARNSelector queries for an
User to retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures
an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
type: object
type: array
federated:
description: This string contains the identifier
for any federated web identity provider.
type: string
service:
description: Service define the services which can
have access to this bucket
items:
type: string
type: array
type: object
notResource:
description: This will explicitly match all resource
paths except the ones specified in this array
items:
type: string
type: array
principal:
description: Used with the S3 policy to specify the
principal that is allowed or denied access to a resource.
properties:
allowAnon:
description: This flag indicates if the policy should
be made available to all anonymous users.
type: boolean
awsPrincipals:
description: This list contains the all of the AWS
IAM users which are affected by the policy statement.
items:
description: AWSPrincipal wraps the potential
values a policy principal can take. Only one
of the values should be set.
properties:
awsAccountId:
description: AWSAccountID identifies an AWS
account as the principal
type: string
iamRoleArn:
description: IAMRoleARN contains the ARN of
an IAM role
type: string
iamRoleArnRef:
description: IAMRoleARNRef contains the reference
to an IAMRole
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
iamRoleArnSelector:
description: IAMRoleARNSelector queries for
an IAM role to retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures
an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
iamUserArn:
description: UserARN contains the ARN of an
IAM user
type: string
iamUserArnRef:
description: UserARNRef contains the reference
to an User
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
iamUserArnSelector:
description: UserARNSelector queries for an
User to retrieve its userName
properties:
matchControllerRef:
description: MatchControllerRef ensures
an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
type: object
type: array
federated:
description: This string contains the identifier
for any federated web identity provider.
type: string
service:
description: Service define the services which can
have access to this bucket
items:
type: string
type: array
type: object
resource:
description: The paths on which this resource will apply
items:
type: string
type: array
sid:
description: Optional identifier for this statement,
must be unique within the policy if provided.
type: string
required:
- effect
type: object
type: array
version:
default: "2012-10-17"
description: Version is the current IAM policy version
enum:
- "2012-10-17"
- "2008-10-17"
type: string
required:
- version
type: object
rawPolicy:
description: RawPolicy is a stringified version of the S3 Bucket
Policy. either policy or rawPolicy must be specified in the
policy
type: string
region:
description: Region is where the Bucket referenced by this BucketPolicy
resides.
type: string
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: An BucketPolicyStatus represents the observed state of an
BucketPolicy.
properties:
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha3
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: buckets.s3.aws.crossplane.io
spec:
group: s3.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Bucket
listKind: BucketList
plural: buckets
singular: bucket
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: An Bucket is a managed resource that represents an AWS S3 Bucket.
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: BucketSpec represents the desired state of the Bucket.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: BucketParameters are parameters for configuring the calls
made to AWS Bucket API.
properties:
accelerateConfiguration:
description: AccelerateConfiguration configures the transfer acceleration
state for an Amazon S3 bucket. For more information, see Amazon
S3 Transfer Acceleration (https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html)
in the Amazon Simple Storage Service Developer Guide.
properties:
status:
description: Status specifies the transfer acceleration status
of the bucket.
enum:
- Enabled
- Suspended
type: string
required:
- status
type: object
acl:
description: The canned ACL to apply to the bucket. Note that
either canned ACL or specific access permissions are required.
If neither (or both) are provided, the creation of the bucket
will fail.
enum:
- private
- public-read
- public-read-write
- authenticated-read
- aws-exec-read
- bucket-owner-read
- bucket-owner-full-control
- log-delivery-write
type: string
corsConfiguration:
description: Describes the cross-origin access configuration for
objects in an Amazon S3 bucket. For more information, see Enabling
Cross-Origin Resource Sharing (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html)
in the Amazon Simple Storage Service Developer Guide.
properties:
corsRules:
description: A set of origins and methods (cross-origin access
that you want to allow). You can add up to 100 rules to
the configuration.
items:
description: CORSRule specifies a cross-origin access rule
for an Amazon S3 bucket.
properties:
allowedHeaders:
description: Headers that are specified in the Access-Control-Request-Headers
header. These headers are allowed in a preflight OPTIONS
request. In response to any preflight OPTIONS request,
Amazon S3 returns any requested headers that are allowed.
items:
type: string
type: array
allowedMethods:
description: An HTTP method that you allow the origin
to execute. Valid values are GET, PUT, HEAD, POST,
and DELETE.
items:
type: string
type: array
allowedOrigins:
description: One or more origins you want customers
to be able to access the bucket from.
items:
type: string
type: array
exposeHeaders:
description: One or more headers in the response that
you want customers to be able to access from their
applications (for example, from a JavaScript XMLHttpRequest
object).
items:
type: string
type: array
maxAgeSeconds:
description: The time in seconds that your browser is
to cache the preflight response for the specified
resource.
format: int32
type: integer
required:
- allowedMethods
- allowedOrigins
type: object
type: array
required:
- corsRules
type: object
grantFullControl:
description: Allows grantee the read, write, read ACP, and write
ACP permissions on the bucket.
type: string
grantRead:
description: Allows grantee to list the objects in the bucket.
type: string
grantReadAcp:
description: Allows grantee to read the bucket ACL.
type: string
grantWrite:
description: Allows grantee to create, overwrite, and delete any
object in the bucket.
type: string
grantWriteAcp:
description: Allows grantee to write the ACL for the applicable
bucket.
type: string
lifecycleConfiguration:
description: Creates a new lifecycle configuration for the bucket
or replaces an existing lifecycle configuration. For information
about lifecycle configuration, see Managing Access Permissions
to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html).
properties:
rules:
description: "A lifecycle rule for individual objects in an
Amazon S3 bucket. \n Rules is a required field"
items:
description: LifecycleRule for individual objects in an
Amazon S3 bucket.
properties:
abortIncompleteMultipartUpload:
description: Specifies the days since the initiation
of an incomplete multipart upload that Amazon S3 will
wait before permanently removing all parts of the
upload. For more information, see Aborting Incomplete
Multipart Uploads Using a Bucket Lifecycle Policy
(https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config)
in the Amazon Simple Storage Service Developer Guide.
properties:
daysAfterInitiation:
description: Specifies the number of days after
which Amazon S3 aborts an incomplete multipart
upload.
format: int32
type: integer
required:
- daysAfterInitiation
type: object
expiration:
description: Specifies the expiration for the lifecycle
of the object in the form of date, days and, whether
the object has a delete marker.
properties:
date:
description: Indicates at what date the object is
to be moved or deleted.
format: date-time
type: string
days:
description: Indicates the lifetime, in days, of
the objects that are subject to the rule. The
value must be a non-zero positive integer.
format: int32
minimum: 1
type: integer
expiredObjectDeleteMarker:
description: Indicates whether Amazon S3 will remove
a delete marker with no noncurrent versions. If
set to true, the delete marker will be expired;
if set to false the policy takes no action. This
cannot be specified with Days or Date in a Lifecycle
Expiration Policy.
type: boolean
type: object
filter:
description: The Filter is used to identify objects
that a Lifecycle Rule applies to. A Filter must have
exactly one of Prefix, Tag, or And specified.
properties:
and:
description: This is used in a Lifecycle Rule Filter
to apply a logical AND to two or more predicates.
The Lifecycle Rule will apply to any object matching
all of the predicates configured inside the And
operator.
properties:
prefix:
description: Prefix identifying one or more
objects to which the rule applies.
type: string
tags:
description: All of these tags must exist in
the object's tag set in order for the rule
to apply.
items:
description: Tag is a container for a key
value name pair.
properties:
key:
description: Name of the tag. Key is a
required field
type: string
value:
description: Value of the tag. Value is
a required field
type: string
required:
- key
- value
type: object
type: array
required:
- tags
type: object
prefix:
description: Prefix identifying one or more objects
to which the rule applies.
type: string
tag:
description: This tag must exist in the object's
tag set in order for the rule to apply.
properties:
key:
description: Name of the tag. Key is a required
field
type: string
value:
description: Value of the tag. Value is a required
field
type: string
required:
- key
- value
type: object
type: object
id:
description: Unique identifier for the rule. The value
cannot be longer than 255 characters.
type: string
noncurrentVersionExpiration:
description: Specifies when noncurrent object versions
expire. Upon expiration, Amazon S3 permanently deletes
the noncurrent object versions. You set this lifecycle
configuration action on a bucket that has versioning
enabled (or suspended) to request that Amazon S3 delete
noncurrent object versions at a specific period in
the object's lifetime.
properties:
noncurrentDays:
description: Specifies the number of days an object
is noncurrent before Amazon S3 can perform the
associated action. For information about the noncurrent
days calculations, see How Amazon S3 Calculates
When an Object Became Noncurrent (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations)
in the Amazon Simple Storage Service Developer
Guide.
format: int32
type: integer
type: object
noncurrentVersionTransitions:
description: Specifies the transition rule for the lifecycle
rule that describes when noncurrent objects transition
to a specific storage class. If your bucket is versioning-enabled
(or versioning is suspended), you can set this action
to request that Amazon S3 transition noncurrent object
versions to a specific storage class at a set period
in the object's lifetime.
items:
description: NoncurrentVersionTransition contains
the transition rule that describes when noncurrent
objects transition to the STANDARD_IA, ONEZONE_IA,
INTELLIGENT_TIERING, GLACIER, or DEEP_ARCHIVE storage
class. If your bucket is versioning-enabled (or
versioning is suspended), you can set this action
to request that Amazon S3 transition noncurrent
object versions to the STANDARD_IA, ONEZONE_IA,
INTELLIGENT_TIERING, GLACIER, or DEEP_ARCHIVE storage
class at a specific period in the object's lifetime.
properties:
noncurrentDays:
description: Specifies the number of days an object
is noncurrent before Amazon S3 can perform the
associated action. For information about the
noncurrent days calculations, see How Amazon
S3 Calculates How Long an Object Has Been Noncurrent
(https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations)
in the Amazon Simple Storage Service Developer
Guide.
format: int32
type: integer
storageClass:
description: 'The class of storage used to store
the object. Valid values are: GLACIER, STANDARD_IA,
ONEZONE_IA, INTELLIGENT_TIERING, DEEP_ARCHIVE'
enum:
- GLACIER
- STANDARD_IA
- ONEZONE_IA
- INTELLIGENT_TIERING
- DEEP_ARCHIVE
type: string
required:
- storageClass
type: object
type: array
status:
description: "If 'Enabled', the rule is currently being
applied. If 'Disabled', the rule is not currently
being applied. \n Status is a required field, valid
values are Enabled or Disabled"
enum:
- Enabled
- Disabled
type: string
transitions:
description: Specifies when an Amazon S3 object transitions
to a specified storage class.
items:
description: Transition specifies when an object transitions
to a specified storage class. For more information
about Amazon S3 lifecycle configuration rules, see
Transitioning Objects Using Amazon S3 Lifecycle
(https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html)
in the Amazon Simple Storage Service Developer Guide.
properties:
date:
description: Indicates when objects are transitioned
to the specified storage class. The date value
must be in ISO 8601 format. The time is always
midnight UTC.
format: date-time
type: string
days:
description: Indicates the number of days after
creation when objects are transitioned to the
specified storage class. The value must be a
positive integer.
format: int32
minimum: 1
type: integer
storageClass:
description: 'The storage class to which you want
the object to transition. Valid values are:
GLACIER, STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING,
DEEP_ARCHIVE'
enum:
- GLACIER
- STANDARD_IA
- ONEZONE_IA
- INTELLIGENT_TIERING
- DEEP_ARCHIVE
type: string
required:
- storageClass
type: object
type: array
required:
- status
type: object
type: array
required:
- rules
type: object
locationConstraint:
description: LocationConstraint specifies the Region where the
bucket will be created. It is a required field.
type: string
loggingConfiguration:
description: Specifies logging parameters for an Amazon S3 bucket.
Set the logging parameters for a bucket and to specify permissions
for who can view and modify the logging parameters. See the
AWS API reference guide for Amazon Simple Storage Service's
API operation PutBucketLogging for usage and error information.
See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketLogging
properties:
targetBucket:
description: TargetBucket where logs will be stored, it can
be the same bucket. At least one of targetBucket, targetBucketRef
or targetBucketSelector is required.
type: string
targetBucketRef:
description: TargetBucketRef references an S3Bucket to retrieve
its name
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
targetBucketSelector:
description: TargetBucketSelector selects a reference to an
S3Bucket to retrieve its name
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
targetGrants:
description: Container for granting information.
items:
description: TargetGrant is the container for granting information.
properties:
bucketLogsPermission:
description: Logging permissions assigned to the Grantee
for the bucket. Valid values are "FULL_CONTROL", "READ",
"WRITE"
enum:
- FULL_CONTROL
- READ
- WRITE
type: string
targetGrantee:
description: Container for the person being granted
permissions.
properties:
ID:
description: The canonical user ID of the grantee.
type: string
URI:
description: URI of the grantee group.
type: string
displayName:
description: Screen name of the grantee.
type: string
emailAddress:
description: Email address of the grantee. For a
list of all the Amazon S3 supported Regions and
endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region)
in the AWS General Reference.
type: string
type:
description: Type of grantee Type is a required
field
enum:
- CanonicalUser
- AmazonCustomerByEmail
- Group
type: string
required:
- type
type: object
required:
- bucketLogsPermission
- targetGrantee
type: object
type: array
targetPrefix:
description: A prefix for all log object keys.
type: string
required:
- targetPrefix
type: object
notificationConfiguration:
description: Enables notifications of specified events for a bucket.
For more information about event notifications, see Configuring
Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html).
properties:
lambdaFunctionConfigurations:
description: Describes the AWS Lambda functions to invoke
and the events for which to invoke them.
items:
description: LambdaFunctionConfiguration contains the configuration
for AWS Lambda notifications.
properties:
ID:
description: An optional unique identifier for configurations
in a notification configuration. If you don't provide
one, Amazon S3 will assign an ID.
type: string
events:
description: "The Amazon S3 bucket event for which to
invoke the AWS Lambda function. For more information,
see Supported Event Types (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html)
in the Amazon Simple Storage Service Developer Guide.
\n Events is a required field A full list of valid
events can be found in the Amazon S3 Developer guide
https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#notification-how-to-event-types-and-destinations"
items:
type: string
type: array
filter:
description: Specifies object key name filtering rules.
For information about key name filtering, see Configuring
Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html)
in the Amazon Simple Storage Service Developer Guide.
properties:
key:
description: A container for object key name prefix
and suffix filtering rules.
properties:
filterRules:
description: A list of containers for the key-value
pair that defines the criteria for the filter
rule.
items:
description: FilterRule specifies the Amazon
S3 object key name to filter on and whether
to filter on the suffix or prefix of the
key name.
properties:
name:
description: The object key name prefix
or suffix identifying one or more objects
to which the filtering rule applies.
The maximum length is 1,024 characters.
Overlapping prefixes and suffixes are
not supported. For more information,
see Configuring Event Notifications
(https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html)
in the Amazon Simple Storage Service
Developer Guide. Valid values are "prefix"
or "suffix"
enum:
- prefix
- suffix
type: string
value:
description: The value that the filter
searches for in object key names.
type: string
required:
- name
type: object
type: array
required:
- filterRules
type: object
type: object
lambdaFunctionArn:
description: "The Amazon Resource Name (ARN) of the
AWS Lambda function that Amazon S3 invokes when the
specified event type occurs. \n LambdaFunctionArn
is a required field"
type: string
required:
- events
- lambdaFunctionArn
type: object
type: array
queueConfigurations:
description: The Amazon Simple Queue Service queues to publish
messages to and the events for which to publish messages.
items:
description: QueueConfiguration specifies the configuration
for publishing messages to an Amazon Simple Queue Service
(Amazon SQS) queue when Amazon S3 detects specified events.
properties:
ID:
description: An optional unique identifier for configurations
in a notification configuration. If you don't provide
one, Amazon S3 will assign an ID.
type: string
events:
description: "A collection of bucket events for which
to send notifications \n Events is a required field
A full list of valid events can be found in the Amazon
S3 Developer guide https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#notification-how-to-event-types-and-destinations"
items:
type: string
type: array
filter:
description: Specifies object key name filtering rules.
For information about key name filtering, see Configuring
Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html)
in the Amazon Simple Storage Service Developer Guide.
properties:
key:
description: A container for object key name prefix
and suffix filtering rules.
properties:
filterRules:
description: A list of containers for the key-value
pair that defines the criteria for the filter
rule.
items:
description: FilterRule specifies the Amazon
S3 object key name to filter on and whether
to filter on the suffix or prefix of the
key name.
properties:
name:
description: The object key name prefix
or suffix identifying one or more objects
to which the filtering rule applies.
The maximum length is 1,024 characters.
Overlapping prefixes and suffixes are
not supported. For more information,
see Configuring Event Notifications
(https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html)
in the Amazon Simple Storage Service
Developer Guide. Valid values are "prefix"
or "suffix"
enum:
- prefix
- suffix
type: string
value:
description: The value that the filter
searches for in object key names.
type: string
required:
- name
type: object
type: array
required:
- filterRules
type: object
type: object
queueArn:
description: "The Amazon Resource Name (ARN) of the
Amazon SQS queue to which Amazon S3 publishes a message
when it detects events of the specified type. \n QueueArn
is a required field"
type: string
queueArnRef:
description: QueueArnRef references an Queue to retrieve
its ARN
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
queueArnSelector:
description: QueueArnSelector selects a reference to
an Queue to retrieve its ARN
properties:
matchControllerRef:
description: MatchControllerRef ensures an object
with the same controller reference as the selecting
object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with
matching labels is selected.
type: object
type: object
required:
- events
- queueArn
type: object
type: array
topicConfigurations:
description: The topic to which notifications are sent and
the events for which notifications are generated.
items:
description: TopicConfiguration specifies the configuration
for publication of messages to an Amazon Simple Notification
Service (Amazon SNS) topic when Amazon S3 detects specified
events.
properties:
ID:
description: An optional unique identifier for configurations
in a notification configuration. If you don't provide
one, Amazon S3 will assign an ID.
type: string
events:
description: "The Amazon S3 bucket event about which
to send notifications. For more information, see Supported
Event Types (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html)
in the Amazon Simple Storage Service Developer Guide.
\n Events is a required field A full list of valid
events can be found in the Amazon S3 Developer guide
https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#notification-how-to-event-types-and-destinations"
items:
type: string
type: array
filter:
description: Specifies object key name filtering rules.
For information about key name filtering, see Configuring
Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html)
in the Amazon Simple Storage Service Developer Guide.
properties:
key:
description: A container for object key name prefix
and suffix filtering rules.
properties:
filterRules:
description: A list of containers for the key-value
pair that defines the criteria for the filter
rule.
items:
description: FilterRule specifies the Amazon
S3 object key name to filter on and whether
to filter on the suffix or prefix of the
key name.
properties:
name:
description: The object key name prefix
or suffix identifying one or more objects
to which the filtering rule applies.
The maximum length is 1,024 characters.
Overlapping prefixes and suffixes are
not supported. For more information,
see Configuring Event Notifications
(https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html)
in the Amazon Simple Storage Service
Developer Guide. Valid values are "prefix"
or "suffix"
enum:
- prefix
- suffix
type: string
value:
description: The value that the filter
searches for in object key names.
type: string
required:
- name
type: object
type: array
required:
- filterRules
type: object
type: object
topicArn:
description: The Amazon Resource Name (ARN) of the Amazon
SNS topic to which Amazon S3 publishes a message when
it detects events of the specified type. At least
one of topicArn, topicArnRef or topicSelector is required.
type: string
topicRef:
description: TopicArnRef references an SNS Topic to
retrieve its Arn
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
topicSelector:
description: TopicArnSelector selects a reference to
an SNS Topic to retrieve its Arn
properties:
matchControllerRef:
description: MatchControllerRef ensures an object
with the same controller reference as the selecting
object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with
matching labels is selected.
type: object
type: object
required:
- events
type: object
type: array
type: object
objectLockEnabledForBucket:
description: Specifies whether you want S3 Object Lock to be enabled
for the new bucket.
type: boolean
paymentConfiguration:
description: Specifies payer parameters for an Amazon S3 bucket.
For more information, see Request Pays buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html)
in the Amazon Simple Storage Service Developer Guide.
properties:
payer:
description: Payer is a required field, detailing who pays
Valid values are "Requester" and "BucketOwner"
enum:
- Requester
- BucketOwner
type: string
required:
- payer
type: object
publicAccessBlockConfiguration:
description: PublicAccessBlockConfiguration that you want to apply
to this Amazon S3 bucket.
properties:
blockPublicAcls:
description: "Specifies whether Amazon S3 should block public
access control lists (ACLs) for this bucket and objects
in this bucket. Setting this element to TRUE causes the
following behavior: \n * PUT Bucket acl and PUT Object
acl calls fail if the specified ACL is public. \n *
PUT Object calls fail if the request includes a public ACL.
\n * PUT Bucket calls fail if the request includes a
public ACL. \n Enabling this setting doesn't affect existing
policies or ACLs."
type: boolean
blockPublicPolicy:
description: "Specifies whether Amazon S3 should block public
bucket policies for this bucket. Setting this element to
TRUE causes Amazon S3 to reject calls to PUT Bucket policy
if the specified bucket policy allows public access. \n
Enabling this setting doesn't affect existing bucket policies."
type: boolean
ignorePublicAcls:
description: "Specifies whether Amazon S3 should ignore public
ACLs for this bucket and objects in this bucket. Setting
this element to TRUE causes Amazon S3 to ignore all public
ACLs on this bucket and objects in this bucket. \n Enabling
this setting doesn't affect the persistence of any existing
ACLs and doesn't prevent new public ACLs from being set."
type: boolean
restrictPublicBuckets:
description: "Specifies whether Amazon S3 should restrict
public bucket policies for this bucket. Setting this element
to TRUE restricts access to this bucket to only AWS services
and authorized users within this account if the bucket has
a public policy. \n Enabling this setting doesn't affect
previously stored bucket policies, except that public and
cross-account access within any public bucket policy, including
non-public delegation to specific accounts, is blocked."
type: boolean
type: object
replicationConfiguration:
description: Creates a replication configuration or replaces an
existing one. For more information, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html)
in the Amazon S3 Developer Guide.
properties:
role:
description: "The Amazon Resource Name (ARN) of the AWS Identity
and Access Management (IAM) role that Amazon S3 assumes
when replicating objects. For more information, see How
to Set Up Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html)
in the Amazon Simple Storage Service Developer Guide. \n
At least one of role, roleRef or roleSelector fields is
required."
type: string
roleRef:
description: RoleRef references an IAMRole to retrieve its
Name
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
roleSelector:
description: RoleSelector selects a reference to an IAMRole
to retrieve its Name
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
rules:
description: "A container for one or more replication rules.
A replication configuration must have at least one rule
and can contain a maximum of 1,000 rules. \n Rules is a
required field"
items:
description: ReplicationRule specifies which Amazon S3 objects
to replicate and where to store the replicas.
properties:
deleteMarkerReplication:
description: "Specifies whether Amazon S3 replicates
the delete markers. If you specify a Filter, you must
specify this element. However, in the latest version
of replication configuration (when Filter is specified),
Amazon S3 doesn't replicate delete markers. Therefore,
the DeleteMarkerReplication element can contain only
Disabled. For an example configuration,
see Basic Rule Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config).
\n If you don't specify the Filter element, Amazon
S3 assumes that the replication configuration is the
earlier version, V1. In the earlier version, Amazon
S3 handled replication of delete markers differently.
For more information, see Backward Compatibility (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations)."
properties:
status:
description: Indicates whether to replicate delete
markers. Valid values are "Enabled" or "Disabled"
enum:
- Enabled
- Disabled
type: string
required:
- status
type: object
destination:
description: "A container for information about the
replication destination and its configurations including
enabling the S3 Replication Time Control (S3 RTC).
\n Destination is a required field"
properties:
accessControlTranslation:
description: Specify this only in a cross-account
scenario (where source and destination bucket
owners are not the same), and you want to change
replica ownership to the AWS account that owns
the destination bucket. If this is not specified
in the replication configuration, the replicas
are owned by same AWS account that owns the source
object.
properties:
ownerOverride:
description: Specifies the replica ownership.
For default and valid values, see PUT bucket
replication (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html)
in the Amazon Simple Storage Service API Reference.
Owner is a required field
type: string
required:
- ownerOverride
type: object
account:
description: 'Destination bucket owner account ID.
In a cross-account scenario, if you direct Amazon
S3 to change replica ownership to the AWS account
that owns the destination bucket by specifying
the AccessControlTranslation property, this is
the account ID of the destination bucket owner.
For more information, see Replication Additional
Configuration: Changing the Replica Owner (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-change-owner.html)
in the Amazon Simple Storage Service Developer
Guide.'
type: string
bucket:
description: The Amazon Resource Name (ARN) of the
bucket where you want Amazon S3 to store the results.
At least one of bucket, bucketRef or bucketSelector
is required.
type: string
bucketRef:
description: BucketRef references a Bucket to retrieve
its Name
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
bucketSelector:
description: BucketSelector selects a reference
to a Bucket to retrieve its Name
properties:
matchControllerRef:
description: MatchControllerRef ensures an object
with the same controller reference as the
selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with
matching labels is selected.
type: object
type: object
encryptionConfiguration:
description: A container that provides information
about encryption. If SourceSelectionCriteria is
specified, you must specify this element.
properties:
replicaKmsKeyId:
description: Specifies the ID (Key ARN or Alias
ARN) of the customer managed customer master
key (CMK) stored in AWS Key Management Service
(KMS) for the destination bucket. Amazon S3
uses this key to encrypt replica objects.
Amazon S3 only supports symmetric customer
managed CMKs. For more information, see Using
Symmetric and Asymmetric Keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html)
in the AWS Key Management Service Developer
Guide.
type: string
replicaKmsKeyIdRef:
description: ReplicaKmsKeyIDRef references an
KMSKey to retrieve its ID
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
replicaKmsKeyIdSelector:
description: ReplicaKmsKeyIDSelector selects
a reference to an KMSKey to retrieve its ID
properties:
matchControllerRef:
description: MatchControllerRef ensures
an object with the same controller reference
as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object
with matching labels is selected.
type: object
type: object
required:
- replicaKmsKeyId
type: object
metrics:
description: A container specifying replication
metrics-related settings enabling metrics and
Amazon S3 events for S3 Replication Time Control
(S3 RTC). Must be specified together with a ReplicationTime
block.
properties:
eventThreshold:
description: A container specifying the time
threshold for emitting the s3:Replication:OperationMissedThreshold
event. EventThreshold is a required field
properties:
minutes:
description: "Contains an integer specifying
time in minutes. \n Valid values: 15 minutes."
format: int32
type: integer
required:
- minutes
type: object
status:
description: "Specifies whether the replication
metrics are enabled. \n Status is a required
field, valid values are \"Enabled\" and \"Disabled\""
enum:
- Enabled
- Disabled
type: string
required:
- eventThreshold
- status
type: object
replicationTime:
description: A container specifying S3 Replication
Time Control (S3 RTC), including whether S3 RTC
is enabled and the time when all objects and operations
on objects must be replicated. Must be specified
together with a Metrics block.
properties:
status:
description: Specifies whether the replication
time is enabled Status is a required field
Valid values are "Enabled" and "Disabled"
enum:
- Enabled
- Disabled
type: string
time:
description: A container specifying the time
by which replication should be complete for
all objects and operations on objects. Time
is a required field
properties:
minutes:
description: "Contains an integer specifying
time in minutes. \n Valid values: 15 minutes."
format: int32
type: integer
required:
- minutes
type: object
required:
- status
- time
type: object
storageClass:
description: The storage class to use when replicating
objects, such as S3 Standard or reduced redundancy.
By default, Amazon S3 uses the storage class of
the source object to create the object replica.
For valid values, see the StorageClass element
of the PUT Bucket replication (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html)
action in the Amazon Simple Storage Service API
Reference.
enum:
- STANDARD
- GLACIER
- STANDARD_IA
- ONEZONE_IA
- INTELLIGENT_TIERING
- DEEP_ARCHIVE
type: string
type: object
existingObjectReplication:
description: Optional configuration to replicate existing
source bucket objects. For more information, see Replicating
Existing Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-what-is-isnot-replicated.html#existing-object-replication)
in the Amazon S3 Developer Guide.
properties:
status:
description: Status is a required field Valid values
are "Enabled" and "Disabled"
enum:
- Enabled
- Disabled
type: string
required:
- status
type: object
filter:
description: A filter that identifies the subset of
objects to which the replication rule applies. A Filter
must specify exactly one Prefix, Tag, or an And child
element.
properties:
and:
description: "A container for specifying rule filters.
The filters determine the subset of objects to
which the rule applies. This element is required
only if you specify more than one filter. For
example: \n * If you specify both a Prefix
and a Tag filter, wrap these filters in an
And tag. \n * If you specify a filter based
on multiple tags, wrap the Tag elements in
an And tag."
properties:
prefix:
description: An object key name prefix that
identifies the subset of objects to which
the rule applies.
type: string
tag:
description: An array of tags containing key
and value pairs.
items:
description: Tag is a container for a key
value name pair.
properties:
key:
description: Name of the tag. Key is a
required field
type: string
value:
description: Value of the tag. Value is
a required field
type: string
required:
- key
- value
type: object
type: array
type: object
prefix:
description: An object key name prefix that identifies
the subset of objects to which the rule applies.
type: string
tag:
description: A container for specifying a tag key
and value. The rule applies only to objects that
have the tag in their tag set.
properties:
key:
description: Name of the tag. Key is a required
field
type: string
value:
description: Value of the tag. Value is a required
field
type: string
required:
- key
- value
type: object
type: object
id:
description: A unique identifier for the rule. The maximum
value is 255 characters.
type: string
priority:
description: "The priority associated with the rule.
If you specify multiple rules in a replication configuration,
Amazon S3 prioritizes the rules to prevent conflicts
when filtering. If two or more rules identify the
same object based on a specified filter, the rule
with higher priority takes precedence. For example:
\n * Same object quality prefix-based filter criteria
if prefixes you specified in multiple rules overlap
\n * Same object qualify tag-based filter criteria
specified in multiple rules \n For more information,
see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html)
in the Amazon Simple Storage Service Developer Guide."
format: int32
type: integer
sourceSelectionCriteria:
description: A container that describes additional filters
for identifying the source objects that you want to
replicate. You can choose to enable or disable the
replication of these objects. Currently, Amazon S3
supports only the filter that you can specify for
objects created with server-side encryption using
a customer master key (CMK) stored in AWS Key Management
Service (SSE-KMS).
properties:
sseKmsEncryptedObjects:
description: A container for filter information
for the selection of Amazon S3 objects encrypted
with AWS KMS. If you include SourceSelectionCriteria
in the replication configuration, this element
is required.
properties:
status:
description: "Specifies whether Amazon S3 replicates
objects created with server-side encryption
using a customer master key (CMK) stored in
AWS Key Management Service. \n Status is a
required field Valid values are \"Enabled\"
or \"Disabled\""
enum:
- Enabled
- Disabled
type: string
required:
- status
type: object
required:
- sseKmsEncryptedObjects
type: object
status:
description: "Specifies whether the rule is enabled.
\n Status is a required field Valid values are \"Enabled\"
or \"Disabled\""
enum:
- Enabled
- Disabled
type: string
required:
- destination
- status
type: object
type: array
required:
- rules
type: object
serverSideEncryptionConfiguration:
description: Specifies default encryption for a bucket using server-side
encryption with Amazon S3-managed keys (SSE-S3) or customer
master keys stored in AWS KMS (SSE-KMS). For information about
the Amazon S3 default encryption feature, see Amazon S3 Default
Bucket Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html)
in the Amazon Simple Storage Service Developer Guide.
properties:
rules:
description: Container for information about a particular
server-side encryption configuration rule.
items:
description: ServerSideEncryptionRule Specifies the default
server-side encryption configuration.
properties:
applyServerSideEncryptionByDefault:
description: Specifies the default server-side encryption
to apply to new objects in the bucket. If a PUT Object
request doesn't specify any server-side encryption,
this default encryption will be applied.
properties:
kmsMasterKeyId:
description: "AWS Key Management Service (KMS) customer
master key ID to use for the default encryption.
This parameter is allowed if and only if SSEAlgorithm
is set to aws:kms. \n You can specify the key
ID or the Amazon Resource Name (ARN) of the CMK.
However, if you are using encryption with cross-account
operations, you must use a fully qualified CMK
ARN. For more information, see Using encryption
for cross-account operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy).
\n For example: \n * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab
\n * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
\n Amazon S3 only supports symmetric CMKs and
not asymmetric CMKs. For more information, see
Using Symmetric and Asymmetric Keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html)
in the AWS Key Management Service Developer Guide."
type: string
kmsMasterKeyIdRef:
description: KMSMasterKeyIDRef references an KMSKey
to retrieve its ID
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
kmsMasterKeyIdSelector:
description: KMSMasterKeyIDSelector selects a reference
to an KMSKey to retrieve its ID
properties:
matchControllerRef:
description: MatchControllerRef ensures an object
with the same controller reference as the
selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with
matching labels is selected.
type: object
type: object
sseAlgorithm:
description: Server-side encryption algorithm to
use for the default encryption. Options are AES256
or aws:kms
type: string
required:
- sseAlgorithm
type: object
required:
- applyServerSideEncryptionByDefault
type: object
type: array
required:
- rules
type: object
tagging:
description: Sets the tags for a bucket. Use tags to organize
your AWS bill to reflect your own cost structure. For more information,
see Billing and usage reporting for S3 buckets. (https://docs.aws.amazon.com/AmazonS3/latest/dev/BucketBilling.html)
in the Amazon Simple Storage Service Developer Guide.
properties:
tagSet:
description: A collection for a set of tags TagSet is a required
field
items:
description: Tag is a container for a key value name pair.
properties:
key:
description: Name of the tag. Key is a required field
type: string
value:
description: Value of the tag. Value is a required field
type: string
required:
- key
- value
type: object
type: array
required:
- tagSet
type: object
versioningConfiguration:
description: VersioningConfiguration describes the versioning
state of an Amazon S3 bucket. See the AWS API reference guide
for Amazon Simple Storage Service's API operation PutBucketVersioning
for usage and error information. See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketVersioning
properties:
mfaDelete:
description: MFADelete specifies whether MFA delete is enabled
in the bucket versioning configuration. This element is
only returned if the bucket has been configured with MFA
delete. If the bucket has never been so configured, this
element is not returned.
enum:
- Enabled
- Disabled
type: string
status:
description: Status is the desired versioning state of the
bucket.
enum:
- Enabled
- Suspended
type: string
type: object
websiteConfiguration:
description: Specifies website configuration parameters for an
Amazon S3 bucket. See the AWS API reference guide for Amazon
Simple Storage Service's API operation PutBucketWebsite for
usage and error information. See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketWebsite
properties:
errorDocument:
description: The name of the error document for the website.
properties:
key:
description: The object key name to use when a 4XX class
error occurs.
type: string
required:
- key
type: object
indexDocument:
description: The name of the index document for the website.
properties:
suffix:
description: A suffix that is appended to a request that
is for a directory on the website endpoint (for example,if
the suffix is index.html and you make a request to samplebucket/images/
the data that is returned will be for the object with
the key name images/index.html) The suffix must not
be empty and must not include a slash character.
type: string
required:
- suffix
type: object
redirectAllRequestsTo:
description: The redirect behavior for every request to this
bucket's website endpoint. If you specify this property,
you can't specify any other property.
properties:
hostName:
description: Name of the host where requests are redirected.
type: string
protocol:
description: Protocol to use when redirecting requests.
The default is the protocol that is used in the original
request.
enum:
- http
- https
type: string
required:
- hostName
type: object
routingRules:
description: Rules that define when a redirect is applied
and the redirect behavior.
items:
description: RoutingRule specifies the redirect behavior
and when a redirect is applied.
properties:
condition:
description: A container for describing a condition
that must be met for the specified redirect to apply.
For example, 1. If request is for pages in the /docs
folder, redirect to the /documents folder. 2. If request
results in HTTP error 4xx, redirect request to another
host where you might process the error.
properties:
httpErrorCodeReturnedEquals:
description: The HTTP error code when the redirect
is applied. In the event of an error, if the error
code equals this value, then the specified redirect
is applied. Required when parent element Condition
is specified and sibling KeyPrefixEquals is not
specified. If both are specified, then both must
be true for the redirect to be applied.
type: string
keyPrefixEquals:
description: The object key name prefix when the
redirect is applied. For example, to redirect
requests for ExamplePage.html, the key prefix
will be ExamplePage.html. To redirect request
for all pages with the prefix docs/, the key prefix
will be /docs, which identifies all objects in
the docs/ folder. Required when the parent element
Condition is specified and sibling HttpErrorCodeReturnedEquals
is not specified. If both conditions are specified,
both must be true for the redirect to be applied.
type: string
type: object
redirect:
description: Container for redirect information. You
can redirect requests to another host, to another
page, or with another protocol. In the event of an
error, you can specify a different error code to return.
properties:
httpRedirectCode:
description: The HTTP redirect code to use on the
response. Not required if one of the siblings
is present.
type: string
keyPrefixEquals:
description: The host name to use in the redirect
request.
type: string
protocol:
description: Protocol to use when redirecting requests.
The default is the protocol that is used in the
original request.
type: string
replaceKeyPrefixWith:
description: The object key prefix to use in the
redirect request. For example, to redirect requests
for all pages with prefix docs/ (objects in the
docs/ folder) to documents/, you can set a condition
block with KeyPrefixEquals set to docs/ and in
the Redirect set ReplaceKeyPrefixWith to /documents.
Not required if one of the siblings is present.
Can be present only if ReplaceKeyWith is not provided.
type: string
replaceKeyWith:
description: The specific object key to use in the
redirect request. For example, redirect request
to error.html. Not required if one of the siblings
is present. Can be present only if ReplaceKeyPrefixWith
is not provided.
type: string
type: object
required:
- redirect
type: object
type: array
type: object
required:
- locationConstraint
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: BucketStatus represents the observed state of the Bucket.
properties:
atProvider:
description: BucketExternalStatus keeps the state for the external
resource
properties:
arn:
description: ARN is the Amazon Resource Name (ARN) specifying
the S3 Bucket. For more information about ARNs and how to use
them, see S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-arn-format.html)
in the Amazon Simple Storage Service guide.
type: string
required:
- arn
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: secrets.secretsmanager.aws.crossplane.io
spec:
group: secretsmanager.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Secret
listKind: SecretList
plural: secrets
singular: secret
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Secret is the Schema for the Secrets API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: SecretSpec defines the desired state of Secret
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: SecretParameters defines the desired state of Secret
properties:
binarySecretRef:
description: BinarySecretRef points to the Kubernetes Secret whose
data will be encoded as binary data to AWS. If key parameter
is given, only the value of that key will be used. Otherwise,
all data in the Secret will be marshalled into JSON and sent
to AWS.
properties:
key:
description: Key whose value will be used. If not given, the
whole map in the Secret data will be used.
type: string
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
description:
description: (Optional) Specifies a user-provided description
of the secret.
type: string
forceDeleteWithoutRecovery:
description: "(Optional) Specifies that the secret is to be deleted
without any recovery window. You can't use both this parameter
and the RecoveryWindowInDays parameter in the same API call.
\n An asynchronous background process performs the actual deletion,
so there can be a short delay before the operation completes.
If you write code to delete and then immediately recreate a
secret with the same name, ensure that your code includes appropriate
back off and retry logic. \n Use this parameter with caution.
This parameter causes the operation to skip the normal waiting
period before the permanent deletion that AWS would normally
impose with the RecoveryWindowInDays parameter. If you delete
a secret with the ForceDeleteWithouRecovery parameter, then
you have no opportunity to recover the secret. It is permanently
lost."
type: boolean
kmsKeyID:
description: "(Optional) Specifies the ARN, Key ID, or alias of
the AWS KMS customer master key (CMK) to be used to encrypt
the SecretString or SecretBinary values in the versions stored
in this secret. \n You can specify any of the supported ways
to identify a AWS KMS key ID. If you need to reference a CMK
in a different account, you can use only the key ARN or the
alias ARN. \n If you don't specify this value, then Secrets
Manager defaults to using the AWS account's default CMK (the
one named aws/secretsmanager). If a AWS KMS CMK with that name
doesn't yet exist, then Secrets Manager creates it for you automatically
the first time it needs to encrypt a version's SecretString
or SecretBinary fields. \n You can use the account default CMK
to encrypt and decrypt only if you call this operation using
credentials from the same account that owns the secret. If the
secret resides in a different account, then you must create
a custom CMK and specify the ARN in this field."
type: string
kmsKeyIDRef:
description: KMSKeyIDRef is a reference to an kms/v1alpha1.Key
used to set the KMSKeyID field.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
kmsKeyIDSelector:
description: KMSKeyIDSelector selects references to kms/v1alpha1.Key
used to set the KMSKeyID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
recoveryWindowInDays:
description: "(Optional) Specifies the number of days that Secrets
Manager waits before it can delete the secret. You can't use
both this parameter and the ForceDeleteWithoutRecovery parameter
in the same API call. \n This value can range from 7 to 30 days.
The default value is 30."
format: int64
type: integer
region:
description: Region is which region the Secret will be created.
type: string
resourcePolicy:
description: "A JSON-formatted string constructed according to
the grammar and syntax for an Amazon Web Services resource-based
policy. The policy in the string identifies who can access or
manage this secret and its versions. For information on how
to format a JSON parameter for the various command line tool
environments, see Using JSON for Parameters (http://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json)
in the CLI User Guide. \n ResourcePolicy is a required field"
type: string
stringSecretRef:
description: StringSecretRef points to the Kubernetes Secret whose
data will be sent as string to AWS. If key parameter is given,
only the value of that key will be used. Otherwise, all data
in the Secret will be marshalled into JSON and sent to AWS.
properties:
key:
description: Key whose value will be used. If not given, the
whole map in the Secret data will be used.
type: string
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
tags:
description: "(Optional) Specifies a list of user-defined tags
that are attached to the secret. Each tag is a \"Key\" and \"Value\"
pair of strings. This operation only appends tags to the existing
list of tags. To remove tags, you must use UntagResource. \n
\ * Secrets Manager tag key names are case sensitive. A tag
with the key \"ABC\" is a different tag from one with key
\"abc\". \n * If you check tags in IAM policy Condition elements
as part of your security strategy, then adding or removing
a tag can change permissions. If the successful completion
of this operation would result in you losing your permissions
for this secret, then this operation is blocked and returns
\ an Access Denied error. \n This parameter requires a JSON
text string argument. For information on how to format a JSON
parameter for the various command line tool environments, see
Using JSON for Parameters (https://docs.aws.amazon.com/cli/latest/userguide/cli-using-param.html#cli-using-param-json)
in the AWS CLI User Guide. For example: \n [{\"Key\":\"CostCenter\",\"Value\":\"12345\"},{\"Key\":\"environment\",\"Value\":\"production\"}]
\n If your command-line tool or SDK requires quotation marks
around the parameter, you should use single quotes to avoid
confusion with the double quotes required in the JSON text.
\n The following basic restrictions apply to tags: \n * Maximum
number of tags per secret—50 \n * Maximum key length—127
Unicode characters in UTF-8 \n * Maximum value length—255
Unicode characters in UTF-8 \n * Tag keys and values are
case sensitive. \n * Do not use the aws: prefix in your tag
names or values because AWS reserves it for AWS use. You
can't edit or delete tag names or values with this prefix.
Tags with this prefix do not count against your tags per secret
\ limit. \n * If you use your tagging schema across multiple
services and resources, remember other services might have
restrictions on allowed characters. Generally allowed characters:
letters, spaces, and numbers representable in UTF-8, plus
the following special characters: + - = . _ : / @."
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: SecretStatus defines the observed state of Secret.
properties:
atProvider:
description: SecretObservation defines the observed state of Secret
properties:
arn:
description: "The Amazon Resource Name (ARN) of the secret that
you just created. \n Secrets Manager automatically adds several
random characters to the name at the end of the ARN when you
initially create a secret. This affects only the ARN and not
the actual friendly name. This ensures that if you create a
new secret with the same name as an old secret that you previously
deleted, then users with access to the old secret don't automatically
get access to the new secret because the ARNs are different."
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: httpnamespaces.servicediscovery.aws.crossplane.io
spec:
group: servicediscovery.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: HTTPNamespace
listKind: HTTPNamespaceList
plural: httpnamespaces
singular: httpnamespace
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: HTTPNamespace is the Schema for the HTTPNamespaces API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: HTTPNamespaceSpec defines the desired state of HTTPNamespace
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: HTTPNamespaceParameters defines the desired state of
HTTPNamespace
properties:
description:
description: A description for the namespace.
type: string
name:
description: The name that you want to assign to this namespace.
type: string
region:
description: Region is which region the HTTPNamespace will be
created.
type: string
tags:
description: The tags to add to the namespace. Each tag consists
of a key and an optional value, both of which you define. Tag
keys can have a maximum character length of 128 characters,
and tag values can have a maximum length of 256 characters.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- name
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: HTTPNamespaceStatus defines the observed state of HTTPNamespace.
properties:
atProvider:
description: HTTPNamespaceObservation defines the observed state of
HTTPNamespace
properties:
operationID:
description: A value that you can use to determine whether the
request completed successfully. To get the status of the operation,
see GetOperation (https://docs.aws.amazon.com/cloud-map/latest/api/API_GetOperation.html).
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: privatednsnamespaces.servicediscovery.aws.crossplane.io
spec:
group: servicediscovery.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: PrivateDNSNamespace
listKind: PrivateDNSNamespaceList
plural: privatednsnamespaces
singular: privatednsnamespace
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: PrivateDNSNamespace is the Schema for the PrivateDNSNamespaces
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: PrivateDNSNamespaceSpec defines the desired state of PrivateDNSNamespace
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: PrivateDNSNamespaceParameters defines the desired state
of PrivateDNSNamespace
properties:
description:
description: A description for the namespace.
type: string
name:
description: The name that you want to assign to this namespace.
When you create a private DNS namespace, AWS Cloud Map automatically
creates an Amazon Route 53 private hosted zone that has the
same name as the namespace.
type: string
region:
description: Region is which region the PrivateDNSNamespace will
be created.
type: string
tags:
description: The tags to add to the namespace. Each tag consists
of a key and an optional value, both of which you define. Tag
keys can have a maximum character length of 128 characters,
and tag values can have a maximum length of 256 characters.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
vpc:
description: VPC of the PrivateDNSNamespace. One if vpc, vpcRef
or vpcSelector has to be supplied.
type: string
vpcRef:
description: A referencer to retrieve the ID of a VPC
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcSelector:
description: A selector to select a referencer to retrieve the
ID of a VPC.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
required:
- name
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: PrivateDNSNamespaceStatus defines the observed state of PrivateDNSNamespace.
properties:
atProvider:
description: PrivateDNSNamespaceObservation defines the observed state
of PrivateDNSNamespace
properties:
operationID:
description: A value that you can use to determine whether the
request completed successfully. To get the status of the operation,
see GetOperation (https://docs.aws.amazon.com/cloud-map/latest/api/API_GetOperation.html).
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: publicdnsnamespaces.servicediscovery.aws.crossplane.io
spec:
group: servicediscovery.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: PublicDNSNamespace
listKind: PublicDNSNamespaceList
plural: publicdnsnamespaces
singular: publicdnsnamespace
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: PublicDNSNamespace is the Schema for the PublicDNSNamespaces
API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: PublicDNSNamespaceSpec defines the desired state of PublicDNSNamespace
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: PublicDNSNamespaceParameters defines the desired state
of PublicDNSNamespace
properties:
description:
description: A description for the namespace.
type: string
name:
description: The name that you want to assign to this namespace.
type: string
region:
description: Region is which region the PublicDNSNamespace will
be created.
type: string
tags:
description: The tags to add to the namespace. Each tag consists
of a key and an optional value, both of which you define. Tag
keys can have a maximum character length of 128 characters,
and tag values can have a maximum length of 256 characters.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- name
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: PublicDNSNamespaceStatus defines the observed state of PublicDNSNamespace.
properties:
atProvider:
description: PublicDNSNamespaceObservation defines the observed state
of PublicDNSNamespace
properties:
operationID:
description: A value that you can use to determine whether the
request completed successfully. To get the status of the operation,
see GetOperation (https://docs.aws.amazon.com/cloud-map/latest/api/API_GetOperation.html).
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: activities.sfn.aws.crossplane.io
spec:
group: sfn.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Activity
listKind: ActivityList
plural: activities
singular: activity
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Activity is the Schema for the Activities API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ActivitySpec defines the desired state of Activity
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ActivityParameters defines the desired state of Activity
properties:
name:
description: "The name of the activity to create. This name must
be unique for your AWS account and region for 90 days. For more
information, see Limits Related to State Machine Executions
(https://docs.aws.amazon.com/step-functions/latest/dg/limits.html#service-limits-state-machine-executions)
in the AWS Step Functions Developer Guide. \n A name must not
contain: \n * white space \n * brackets < > { } [ ] \n
\ * wildcard characters ? * \n * special characters \"
# % \\ ^ | ~ ` $ & , ; : / \n * control characters (U+0000-001F,
U+007F-009F) \n To enable logging with CloudWatch Logs, the
name should only contain 0-9, A-Z, a-z, - and _."
type: string
region:
description: Region is which region the Activity will be created.
type: string
tags:
description: "The list of tags to add to a resource. \n An array
of key-value pairs. For more information, see Using Cost Allocation
Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html)
in the AWS Billing and Cost Management User Guide, and Controlling
Access Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html).
\n Tags may only contain Unicode letters, digits, white space,
or these symbols: _ . : / = + - @."
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- name
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ActivityStatus defines the observed state of Activity.
properties:
atProvider:
description: ActivityObservation defines the observed state of Activity
properties:
activityARN:
description: The Amazon Resource Name (ARN) that identifies the
created activity.
type: string
creationDate:
description: The date the activity is created.
format: date-time
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: statemachines.sfn.aws.crossplane.io
spec:
group: sfn.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: StateMachine
listKind: StateMachineList
plural: statemachines
singular: statemachine
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: StateMachine is the Schema for the StateMachines API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: StateMachineSpec defines the desired state of StateMachine
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: StateMachineParameters defines the desired state of StateMachine
properties:
definition:
description: The Amazon States Language definition of the state
machine. See Amazon States Language (https://docs.aws.amazon.com/step-functions/latest/dg/concepts-amazon-states-language.html).
type: string
loggingConfiguration:
description: "Defines what execution history events are logged
and where they are logged. \n By default, the level is set to
OFF. For more information see Log Levels (https://docs.aws.amazon.com/step-functions/latest/dg/cloudwatch-log-level.html)
in the AWS Step Functions User Guide."
properties:
destinations:
items:
properties:
cloudWatchLogsLogGroup:
properties:
logGroupARN:
type: string
type: object
type: object
type: array
includeExecutionData:
type: boolean
level:
type: string
type: object
name:
description: "The name of the state machine. \n A name must not
contain: \n * white space \n * brackets < > { } [ ] \n
\ * wildcard characters ? * \n * special characters \"
# % \\ ^ | ~ ` $ & , ; : / \n * control characters (U+0000-001F,
U+007F-009F) \n To enable logging with CloudWatch Logs, the
name should only contain 0-9, A-Z, a-z, - and _."
type: string
region:
description: Region is which region the StateMachine will be created.
type: string
roleArn:
description: RoleARN is the ARN for the IAMRole. It has to be
given directly or resolved using RoleARNRef or RoleARNSelector.
type: string
roleArnRef:
description: RoleARNRef is a reference to an IAMRole used to set
the RoleARN.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
roleArnSelector:
description: RoleARNSelector selects references to IAMRole used
to set the RoleARN.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
tags:
description: "Tags to be added when creating a state machine.
\n An array of key-value pairs. For more information, see Using
Cost Allocation Tags (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html)
in the AWS Billing and Cost Management User Guide, and Controlling
Access Using IAM Tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_iam-tags.html).
\n Tags may only contain Unicode letters, digits, white space,
or these symbols: _ . : / = + - @."
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
tracingConfiguration:
description: Selects whether AWS X-Ray tracing is enabled.
properties:
enabled:
type: boolean
type: object
type:
description: 'Determines whether a Standard or Express state machine
is created. You cannot update the type of a state machine once
it has been created. The default is STANDARD. Possible values:
STANDARD, EXPRESS'
enum:
- STANDARD
- EXPRESS
type: string
required:
- definition
- name
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: StateMachineStatus defines the observed state of StateMachine.
properties:
atProvider:
description: StateMachineObservation defines the observed state of
StateMachine
properties:
creationDate:
description: The date the state machine is created.
format: date-time
type: string
stateMachineARN:
description: The Amazon Resource Name (ARN) that identifies the
created state machine.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: queues.sqs.aws.crossplane.io
spec:
group: sqs.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Queue
listKind: QueueList
plural: queues
singular: queue
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.atProvider.arn
name: ARN
type: string
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.creationTimestamp
name: AGE
type: date
name: v1beta1
schema:
openAPIV3Schema:
description: A Queue is a managed resource that represents a AWS Simple Queue
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: QueueSpec defines the desired state of a Queue.
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: QueueParameters define the desired state of an AWS Queue
properties:
contentBasedDeduplication:
description: 'ContentBasedDeduplication - Enables content-based
deduplication. Valid values: true, false. For more information,
see Exactly-Once Processing (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html#FIFO-queues-exactly-once-processing)
in the Amazon Simple Queue Service Developer Guide. Every message
must have a unique MessageDeduplicationId, You may provide a
MessageDeduplicationId explicitly. If you aren''t able to provide
a MessageDeduplicationId and you enable ContentBasedDeduplication
for your queue, Amazon SQS uses a SHA-256 hash to generate the
MessageDeduplicationId using the body of the message (but not
the attributes of the message). If you don''t provide a MessageDeduplicationId
and the queue doesn''t have ContentBasedDeduplication set, the
action fails with an error. If the queue has ContentBasedDeduplication
set, your MessageDeduplicationId overrides the generated one.
When ContentBasedDeduplication is in effect, messages with identical
content sent within the deduplication interval are treated as
duplicates and only one copy of the message is delivered. If
you send one message with ContentBasedDeduplication enabled
and then another message with a MessageDeduplicationId that
is the same as the one generated for the first MessageDeduplicationId,
the two messages are treated as duplicates and only one copy
of the message is delivered.'
type: boolean
delaySeconds:
description: 'DelaySeconds - The length of time, in seconds, for
which the delivery of all messages in the queue is delayed.
Valid values: An integer from 0 to 900 (15 minutes). Default:
0.'
format: int64
type: integer
fifoQueue:
description: "FIFOQueue - Designates a queue as FIFO. Valid values:
true, false. If \tyou don't specify the FifoQueue attribute,
Amazon SQS creates a standard \tqueue. You can provide this
attribute only during queue creation. You \tcan't change it
for an existing queue. When you set this attribute, you \tmust
also provide the MessageGroupId for your messages explicitly.
For \tmore information, see FIFO Queue Logic (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/FIFO-queues.html#FIFO-queues-understanding-logic)
\tin the Amazon Simple Queue Service Developer Guide."
type: boolean
kmsDataKeyReusePeriodSeconds:
description: 'KMSDataKeyReusePeriodSeconds - The length of time,
in seconds, for which Amazon SQS can reuse a data key (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#data-keys)
to encrypt or decrypt messages before calling AWS KMS again.
An integer representing seconds, between 60 seconds (1 minute)
and 86,400 seconds (24 hours). Default: 300 (5 minutes). A shorter
time period provides better security but results in more calls
to KMS which might incur charges after Free Tier. For more information,
see How Does the Data Key Reuse Period Work? (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-how-does-the-data-key-reuse-period-work).
Applies only to server-side-encryption (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html):'
format: int64
type: integer
kmsMasterKeyId:
description: 'KMSMasterKeyID - The ID of an AWS-managed customer
master key (CMK) for Amazon SQS or a custom CMK. For more information,
see Key Terms (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html#sqs-sse-key-terms).
While the alias of the AWS-managed CMK for Amazon SQS is always
alias/aws/sqs, the alias of a custom CMK can, for example, be
alias/MyAlias . For more examples, see KeyId (https://docs.aws.amazon.com/kms/latest/APIReference/API_DescribeKey.html#API_DescribeKey_RequestParameters)
in the AWS Key Management Service API Reference. Applies only
to server-side-encryption (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-server-side-encryption.html):'
type: string
maximumMessageSize:
description: 'MaximumMessageSize is the limit of how many bytes
a message can contain before Amazon SQS rejects it. Valid values:
An integer from 1,024 bytes (1 KiB) up to 262,144 bytes (256
KiB). Default: 262,144 (256 KiB).'
format: int64
type: integer
messageRetentionPeriod:
description: 'MessageRetentionPeriod - The length of time, in
seconds, for which Amazon SQS retains a message. Valid values:
An integer representing seconds, from 60 (1 minute) to 1,209,600
(14 days). Default: 345,600 (4 days).'
format: int64
type: integer
policy:
description: The queue's policy. A valid AWS policy. For more
information about policy structure, see Overview of AWS IAM
Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/PoliciesOverview.html)
in the Amazon IAM User Guide.
type: string
receiveMessageWaitTimeSeconds:
description: 'ReceiveMessageWaitTimeSeconds - The length of time,
in seconds, for which a ReceiveMessage action waits for a message
to arrive. Valid values: an integer from 0 to 20 (seconds).
Default: 0.'
format: int64
type: integer
redrivePolicy:
description: RedrivePolicy includes the parameters for the dead-letter
queue functionality of the source queue. For more information
about the redrive policy and dead-letter queues, see Using Amazon
SQS Dead-Letter Queues (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-dead-letter-queues.html)
in the Amazon Simple Queue Service Developer Guide
properties:
deadLetterTargetArn:
description: The Amazon Resource Name (ARN) of the dead-letter
queue to which Amazon SQS moves messages after the value
of maxReceiveCount is exceeded.
type: string
deadLetterTargetArnRef:
description: DeadLetterTargetARNRef reference a Queue to retrieve
its ARN.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
deadLetterTargetArnSelector:
description: DeadLetterTargetARNSelector selects reference
to a Queue to retrieve its ARN
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
maxReceiveCount:
description: The number of times a message is delivered to
the source queue before being moved to the dead-letter queue.
format: int64
type: integer
required:
- maxReceiveCount
type: object
region:
description: Region is the region you'd like your Queue to be
created in.
type: string
tags:
additionalProperties:
type: string
description: Tags add cost allocation tags to the specified Amazon
SQS queue.
type: object
visibilityTimeout:
description: 'VisibilityTimeout - The visibility timeout for the
queue, in seconds. Valid values: an integer from 0 to 43,200
(12 hours). Default: 30. For more information about the visibility
timeout, see Visibility Timeout (https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-visibility-timeout.html)
in the Amazon Simple Queue Service Developer Guide.'
format: int64
type: integer
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: QueueStatus represents the observed state of a Queue.
properties:
atProvider:
description: QueueObservation is the representation of the current
state that is observed
properties:
approximateNumberOfMessages:
description: ApproximateNumberOfMessages - The approximate number
of messages available for retrieval from the queue.
format: int64
type: integer
approximateNumberOfMessagesDelayed:
description: ApproximateNumberOfMessagesDelayed - The approximate
number of messages in the queue that are delayed and not available
for reading immediately. This can happen when the queue is configured
as a delay queue or when a message has been sent with a delay
parameter.
format: int64
type: integer
approximateNumberOfMessagesNotVisible:
description: ApproximateNumberOfMessagesNotVisible - The approximate
number of messages that are in flight. Messages are considered
to be in flight if they have been sent to a client but have
not yet been deleted or have not yet reached the end of their
visibility window.
format: int64
type: integer
arn:
description: The Amazon resource name (ARN) of the queue.
type: string
createdTimestamp:
description: CreatedTimestamp is the time when the queue was created
format: date-time
type: string
lastModifiedTimestamp:
description: LastModifiedTimestamp - Returns the time when the
queue was last changed.
format: date-time
type: string
url:
description: The URL of the created Amazon SQS queue.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1beta1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: servers.transfer.aws.crossplane.io
spec:
group: transfer.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: Server
listKind: ServerList
plural: servers
singular: server
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: Server is the Schema for the Servers API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: ServerSpec defines the desired state of Server
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: ServerParameters defines the desired state of Server
properties:
certificate:
description: "The Amazon Resource Name (ARN) of the AWS Certificate
Manager (ACM) certificate. Required when Protocols is set to
FTPS. \n To request a new public certificate, see Request a
public certificate (https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-public.html)
in the AWS Certificate Manager User Guide. \n To import an existing
certificate into ACM, see Importing certificates into ACM (https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html)
in the AWS Certificate Manager User Guide. \n To request a private
certificate to use FTPS through private IP addresses, see Request
a private certificate (https://docs.aws.amazon.com/acm/latest/userguide/gs-acm-request-private.html)
in the AWS Certificate Manager User Guide. \n Certificates with
the following cryptographic algorithms and key sizes are supported:
\n * 2048-bit RSA (RSA_2048) \n * 4096-bit RSA (RSA_4096)
\n * Elliptic Prime Curve 256 bit (EC_prime256v1) \n *
Elliptic Prime Curve 384 bit (EC_secp384r1) \n * Elliptic
Prime Curve 521 bit (EC_secp521r1) \n The certificate must be
a valid SSL/TLS X.509 version 3 certificate with FQDN or IP
address specified and information about the issuer."
type: string
certificateRef:
description: CertificateRef is a reference to a Certificate.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
certificateSelector:
description: CertificateSelector selects references to a Certificate.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
domain:
type: string
endpointDetails:
description: The virtual private cloud (VPC) endpoint settings
that are configured for your server. When you host your endpoint
within your VPC, you can make it accessible only to resources
within your VPC, or you can attach Elastic IPs and make it accessible
to clients over the internet. Your VPC's default security groups
are automatically assigned to your endpoint.
properties:
addressAllocationIDs:
description: "A list of address allocation IDs that are required
to attach an Elastic IP address to your server's endpoint.
\n This property can only be set when EndpointType is set
to VPC and it is only valid in the UpdateServer API."
items:
type: string
type: array
securityGroupIDRefs:
description: SecurityGroupIDRefs is a list of references to
SecurityGroups used to set the SecurityGroupIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
securityGroupIDSelector:
description: SecurityGroupIDsSelector selects references to
SecurityGroupID used to set the SecurityGroupIDs.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
securityGroupIDs:
description: "A list of security groups IDs that are available
to attach to your server's endpoint. \n This property can
only be set when EndpointType is set to VPC. \n You can
edit the SecurityGroupIds property in the UpdateServer (https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html)
API only if you are changing the EndpointType from PUBLIC
or VPC_ENDPOINT to VPC. To change security groups associated
with your server's VPC endpoint after creation, use the
Amazon EC2 ModifyVpcEndpoint (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html)
API."
items:
type: string
type: array
subnetIDRefs:
description: SubnetIDsRefs is a list of references to Subnets
used to set the SubnetIDs.
items:
description: A Reference to a named object.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
type: array
subnetIDSelector:
description: SubnetIDsSelector selects references to Subnets
used to set the SubnetIds.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
subnetIDs:
description: "A list of subnet IDs that are required to host
your server endpoint in your VPC. \n This property can only
be set when EndpointType is set to VPC."
items:
type: string
type: array
vpcEndpointID:
description: "The ID of the VPC endpoint. \n This property
can only be set when EndpointType is set to VPC_ENDPOINT.
\n For more information, see https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#deprecate-vpc-endpoint."
type: string
vpcID:
description: "The VPC ID of the VPC in which a server's endpoint
will be hosted. \n This property can only be set when EndpointType
is set to VPC."
type: string
vpcIDRef:
description: VPCIDRef is a reference to a VPCID.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
vpcIDSelector:
description: VPCIDSelector selects references to a VPCID.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with
the same controller reference as the selecting object
is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching
labels is selected.
type: object
type: object
type: object
endpointType:
description: "The type of VPC endpoint that you want your server
to connect to. You can choose to connect to the public internet
or a VPC endpoint. With a VPC endpoint, you can restrict access
to your server and resources only within your VPC. \n It is
recommended that you use VPC as the EndpointType. With this
endpoint type, you have the option to directly associate up
to three Elastic IPv4 addresses (BYO IP included) with your
server's endpoint and use VPC security groups to restrict traffic
by the client's public IP address. This is not possible with
EndpointType set to VPC_ENDPOINT."
type: string
hostKey:
description: "The RSA private key as generated by the ssh-keygen
-N \"\" -m PEM -f my-new-server-key command. \n If you aren't
planning to migrate existing users from an existing SFTP-enabled
server to a new server, don't update the host key. Accidentally
changing a server's host key can be disruptive. \n For more
information, see Change the host key for your SFTP-enabled server
(https://docs.aws.amazon.com/transfer/latest/userguide/edit-server-config.html#configuring-servers-change-host-key)
in the AWS Transfer Family User Guide."
type: string
identityProviderDetails:
description: Required when IdentityProviderType is set to API_GATEWAY.
Accepts an array containing all of the information required
to call a customer-supplied authentication API, including the
API Gateway URL. Not required when IdentityProviderType is set
to SERVICE_MANAGED.
properties:
invocationRole:
type: string
url:
type: string
type: object
identityProviderType:
description: Specifies the mode of authentication for a server.
The default value is SERVICE_MANAGED, which allows you to store
and access user credentials within the AWS Transfer Family service.
Use the API_GATEWAY value to integrate with an identity provider
of your choosing. The API_GATEWAY setting requires you to provide
an API Gateway endpoint URL to call for authentication using
the IdentityProviderDetails parameter.
type: string
loggingRole:
description: Allows the service to write your users' activity
to your Amazon CloudWatch logs for monitoring and auditing purposes.
type: string
loggingRoleRef:
description: LoggingRoleRef is a reference to a IAM role.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
loggingRoleSelector:
description: LoggingRoleSelector selects references to a IAM role.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
protocols:
description: "Specifies the file transfer protocol or protocols
over which your file transfer protocol client can connect to
your server's endpoint. The available protocols are: \n *
SFTP (Secure Shell (SSH) File Transfer Protocol): File transfer
over SSH \n * FTPS (File Transfer Protocol Secure): File
transfer with TLS encryption \n * FTP (File Transfer Protocol):
Unencrypted file transfer \n If you select FTPS, you must choose
a certificate stored in AWS Certificate Manager (ACM) which
will be used to identify your server when clients connect to
it over FTPS. \n If Protocol includes either FTP or FTPS, then
the EndpointType must be VPC and the IdentityProviderType must
be API_GATEWAY. \n If Protocol includes FTP, then AddressAllocationIds
cannot be associated. \n If Protocol is set only to SFTP, the
EndpointType can be set to PUBLIC and the IdentityProviderType
can be set to SERVICE_MANAGED."
items:
type: string
type: array
region:
description: Region is which region the Server will be created.
type: string
securityPolicyName:
description: Specifies the name of the security policy that is
attached to the server.
type: string
tags:
description: Key-value pairs that can be used to group and search
for servers.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: ServerStatus defines the observed state of Server.
properties:
atProvider:
description: ServerObservation defines the observed state of Server
properties:
serverID:
description: The service-assigned ID of the server that is created.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---
apiVersion: apiextensions.k8s.io/v1
kind: CustomResourceDefinition
metadata:
creationTimestamp: null
name: users.transfer.aws.crossplane.io
spec:
group: transfer.aws.crossplane.io
names:
categories:
- crossplane
- managed
- aws
kind: User
listKind: UserList
plural: users
singular: user
scope: Cluster
versions:
- additionalPrinterColumns:
- jsonPath: .status.conditions[?(@.type=='Ready')].status
name: READY
type: string
- jsonPath: .status.conditions[?(@.type=='Synced')].status
name: SYNCED
type: string
- jsonPath: .metadata.annotations.crossplane\.io/external-name
name: EXTERNAL-NAME
type: string
name: v1alpha1
schema:
openAPIV3Schema:
description: User is the Schema for the Users API
properties:
apiVersion:
description: 'APIVersion defines the versioned schema of this representation
of an object. Servers should convert recognized schemas to the latest
internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources'
type: string
kind:
description: 'Kind is a string value representing the REST resource this
object represents. Servers may infer this from the endpoint the client
submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds'
type: string
metadata:
type: object
spec:
description: UserSpec defines the desired state of User
properties:
deletionPolicy:
default: Delete
description: DeletionPolicy specifies what will happen to the underlying
external when this managed resource is deleted - either "Delete"
or "Orphan" the external resource.
enum:
- Orphan
- Delete
type: string
forProvider:
description: UserParameters defines the desired state of User
properties:
homeDirectory:
description: "The landing directory (folder) for a user when they
log in to the server using the client. \n An example is your-Amazon-S3-bucket-name>/home/username
."
type: string
homeDirectoryMappings:
description: "Logical directory mappings that specify what Amazon
S3 paths and keys should be visible to your user and how you
want to make them visible. You will need to specify the \"Entry\"
and \"Target\" pair, where Entry shows how the path is made
visible and Target is the actual Amazon S3 path. If you only
specify a target, it will be displayed as is. You will need
to also make sure that your IAM role provides access to paths
in Target. The following is an example. \n '[ \"/bucket2/documentation\",
{ \"Entry\": \"your-personal-report.pdf\", \"Target\": \"/bucket3/customized-reports/${transfer:UserName}.pdf\"
} ]' \n In most cases, you can use this value instead of the
scope-down policy to lock your user down to the designated home
directory (\"chroot\"). To do this, you can set Entry to '/'
and set Target to the HomeDirectory parameter value. \n If the
target of a logical directory entry does not exist in Amazon
S3, the entry will be ignored. As a workaround, you can use
the Amazon S3 API to create 0 byte objects as place holders
for your directory. If using the CLI, use the s3api call instead
of s3 so you can use the put-object operation. For example,
you use the following: aws s3api put-object --bucket bucketname
--key path/to/folder/. Make sure that the end of the key name
ends in a '/' for it to be considered a folder."
items:
properties:
entry:
type: string
target:
type: string
type: object
type: array
homeDirectoryType:
description: The type of landing directory (folder) you want your
users' home directory to be when they log into the server. If
you set it to PATH, the user will see the absolute Amazon S3
bucket paths as is in their file transfer protocol clients.
If you set it LOGICAL, you will need to provide mappings in
the HomeDirectoryMappings for how you want to make Amazon S3
paths visible to your users.
type: string
policy:
description: "A scope-down policy for your user so you can use
the same IAM role across multiple users. This policy scopes
down user access to portions of their Amazon S3 bucket. Variables
that you can use inside this policy include ${Transfer:UserName},
${Transfer:HomeDirectory}, and ${Transfer:HomeBucket}. \n For
scope-down policies, AWS Transfer Family stores the policy as
a JSON blob, instead of the Amazon Resource Name (ARN) of the
policy. You save the policy as a JSON blob and pass it in the
Policy argument. \n For an example of a scope-down policy, see
Creating a scope-down policy (https://docs.aws.amazon.com/transfer/latest/userguide/users.html#users-policies-scope-down).
\n For more information, see AssumeRole (https://docs.aws.amazon.com/STS/latest/APIReference/API_AssumeRole.html)
in the AWS Security Token Service API Reference."
type: string
posixProfile:
properties:
gid:
format: int64
type: integer
secondaryGids:
items:
format: int64
type: integer
type: array
uid:
format: int64
type: integer
type: object
region:
description: Region is which region the User will be created.
type: string
role:
description: The IAM role that controls your users' access to
your Amazon S3 bucket. The policies attached to this role will
determine the level of access you want to provide your users
when transferring files into and out of your Amazon S3 bucket
or buckets. The IAM role should also contain a trust relationship
that allows the server to access your resources when servicing
your users' transfer requests.
type: string
roleRef:
description: RoleRef is a reference to a IAM role.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
roleSelector:
description: RoleSelector selects references to a IAM role.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
serverID:
description: A system-assigned unique identifier for a server
instance. This is the specific server that you added your user
to.
type: string
serverIDRef:
description: ServerIDRef is a reference to an server instance.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
serverIDSelector:
description: ServerIDSelector selects references to an server
instance.
properties:
matchControllerRef:
description: MatchControllerRef ensures an object with the
same controller reference as the selecting object is selected.
type: boolean
matchLabels:
additionalProperties:
type: string
description: MatchLabels ensures an object with matching labels
is selected.
type: object
type: object
sshPublicKeyBody:
description: The public portion of the Secure Shell (SSH) key
used to authenticate the user to the server.
type: string
tags:
description: Key-value pairs that can be used to group and search
for users. Tags are metadata attached to users for any purpose.
items:
properties:
key:
type: string
value:
type: string
type: object
type: array
required:
- region
type: object
providerConfigRef:
default:
name: default
description: ProviderConfigReference specifies how the provider that
will be used to create, observe, update, and delete this managed
resource should be configured.
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
providerRef:
description: 'ProviderReference specifies the provider that will be
used to create, observe, update, and delete this managed resource.
Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`'
properties:
name:
description: Name of the referenced object.
type: string
required:
- name
type: object
writeConnectionSecretToRef:
description: WriteConnectionSecretToReference specifies the namespace
and name of a Secret to which any connection details for this managed
resource should be written. Connection details frequently include
the endpoint, username, and password required to connect to the
managed resource.
properties:
name:
description: Name of the secret.
type: string
namespace:
description: Namespace of the secret.
type: string
required:
- name
- namespace
type: object
required:
- forProvider
type: object
status:
description: UserStatus defines the observed state of User.
properties:
atProvider:
description: UserObservation defines the observed state of User
properties:
serverID:
description: The ID of the server that the user is attached to.
type: string
userName:
description: A unique string that identifies a user account associated
with a server.
type: string
type: object
conditions:
description: Conditions of the resource.
items:
description: A Condition that may apply to a resource.
properties:
lastTransitionTime:
description: LastTransitionTime is the last time this condition
transitioned from one status to another.
format: date-time
type: string
message:
description: A Message containing details about this condition's
last transition from one status to another, if any.
type: string
reason:
description: A Reason for this condition's last transition from
one status to another.
type: string
status:
description: Status of this condition; is it currently True,
False, or Unknown?
type: string
type:
description: Type of this condition. At most one of each condition
type may apply to a resource at any point in time.
type: string
required:
- lastTransitionTime
- reason
- status
- type
type: object
type: array
type: object
required:
- spec
type: object
served: true
storage: true
subresources:
status: {}
status:
acceptedNames:
kind: ""
plural: ""
conditions: []
storedVersions:
- v1alpha1
---