From 38594b3dc52c034d4164b46cb8a9d55493000526 Mon Sep 17 00:00:00 2001 From: Matt Bush Date: Wed, 13 Mar 2024 16:03:26 -0700 Subject: [PATCH] Skip LateInit of IAM Role.inlinePolicy Signed-off-by: Matt Bush --- apis/iam/v1beta1/zz_accesskey_types.go | 12 +-- .../v1beta1/zz_grouppolicyattachment_types.go | 24 +++--- apis/iam/v1beta1/zz_instanceprofile_types.go | 12 +-- apis/iam/v1beta1/zz_role_terraformed.go | 1 + .../v1beta1/zz_rolepolicyattachment_types.go | 24 +++--- .../v1beta1/zz_usergroupmembership_types.go | 24 +++--- .../v1beta1/zz_userpolicyattachment_types.go | 24 +++--- config/iam/config.go | 79 ++++++++----------- .../crds/iam.aws.upbound.io_accesskeys.yaml | 8 +- ...aws.upbound.io_grouppolicyattachments.yaml | 16 ++-- .../iam.aws.upbound.io_instanceprofiles.yaml | 8 +- ....aws.upbound.io_rolepolicyattachments.yaml | 16 ++-- ...m.aws.upbound.io_usergroupmemberships.yaml | 16 ++-- ....aws.upbound.io_userpolicyattachments.yaml | 16 ++-- 14 files changed, 136 insertions(+), 144 deletions(-) diff --git a/apis/iam/v1beta1/zz_accesskey_types.go b/apis/iam/v1beta1/zz_accesskey_types.go index 1e8a6680ea..28137b0210 100755 --- a/apis/iam/v1beta1/zz_accesskey_types.go +++ b/apis/iam/v1beta1/zz_accesskey_types.go @@ -22,14 +22,14 @@ type AccessKeyInitParameters struct { Status *string `json:"status,omitempty" tf:"status,omitempty"` // IAM user to associate with this access key. - // +crossplane:generate:reference:type=User + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.User User *string `json:"user,omitempty" tf:"user,omitempty"` - // Reference to a User to populate user. + // Reference to a User in iam to populate user. // +kubebuilder:validation:Optional UserRef *v1.Reference `json:"userRef,omitempty" tf:"-"` - // Selector for a User to populate user. + // Selector for a User in iam to populate user. // +kubebuilder:validation:Optional UserSelector *v1.Selector `json:"userSelector,omitempty" tf:"-"` } @@ -72,15 +72,15 @@ type AccessKeyParameters struct { Status *string `json:"status,omitempty" tf:"status,omitempty"` // IAM user to associate with this access key. - // +crossplane:generate:reference:type=User + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.User // +kubebuilder:validation:Optional User *string `json:"user,omitempty" tf:"user,omitempty"` - // Reference to a User to populate user. + // Reference to a User in iam to populate user. // +kubebuilder:validation:Optional UserRef *v1.Reference `json:"userRef,omitempty" tf:"-"` - // Selector for a User to populate user. + // Selector for a User in iam to populate user. // +kubebuilder:validation:Optional UserSelector *v1.Selector `json:"userSelector,omitempty" tf:"-"` } diff --git a/apis/iam/v1beta1/zz_grouppolicyattachment_types.go b/apis/iam/v1beta1/zz_grouppolicyattachment_types.go index f264973e89..98fa91c010 100755 --- a/apis/iam/v1beta1/zz_grouppolicyattachment_types.go +++ b/apis/iam/v1beta1/zz_grouppolicyattachment_types.go @@ -16,27 +16,27 @@ import ( type GroupPolicyAttachmentInitParameters struct { // The group the policy should be applied to - // +crossplane:generate:reference:type=Group + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Group Group *string `json:"group,omitempty" tf:"group,omitempty"` - // Reference to a Group to populate group. + // Reference to a Group in iam to populate group. // +kubebuilder:validation:Optional GroupRef *v1.Reference `json:"groupRef,omitempty" tf:"-"` - // Selector for a Group to populate group. + // Selector for a Group in iam to populate group. // +kubebuilder:validation:Optional GroupSelector *v1.Selector `json:"groupSelector,omitempty" tf:"-"` // The ARN of the policy you want to apply - // +crossplane:generate:reference:type=Policy + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Policy // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() PolicyArn *string `json:"policyArn,omitempty" tf:"policy_arn,omitempty"` - // Reference to a Policy to populate policyArn. + // Reference to a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnRef *v1.Reference `json:"policyArnRef,omitempty" tf:"-"` - // Selector for a Policy to populate policyArn. + // Selector for a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnSelector *v1.Selector `json:"policyArnSelector,omitempty" tf:"-"` } @@ -55,29 +55,29 @@ type GroupPolicyAttachmentObservation struct { type GroupPolicyAttachmentParameters struct { // The group the policy should be applied to - // +crossplane:generate:reference:type=Group + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Group // +kubebuilder:validation:Optional Group *string `json:"group,omitempty" tf:"group,omitempty"` - // Reference to a Group to populate group. + // Reference to a Group in iam to populate group. // +kubebuilder:validation:Optional GroupRef *v1.Reference `json:"groupRef,omitempty" tf:"-"` - // Selector for a Group to populate group. + // Selector for a Group in iam to populate group. // +kubebuilder:validation:Optional GroupSelector *v1.Selector `json:"groupSelector,omitempty" tf:"-"` // The ARN of the policy you want to apply - // +crossplane:generate:reference:type=Policy + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Policy // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() // +kubebuilder:validation:Optional PolicyArn *string `json:"policyArn,omitempty" tf:"policy_arn,omitempty"` - // Reference to a Policy to populate policyArn. + // Reference to a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnRef *v1.Reference `json:"policyArnRef,omitempty" tf:"-"` - // Selector for a Policy to populate policyArn. + // Selector for a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnSelector *v1.Selector `json:"policyArnSelector,omitempty" tf:"-"` } diff --git a/apis/iam/v1beta1/zz_instanceprofile_types.go b/apis/iam/v1beta1/zz_instanceprofile_types.go index a4f0066b93..628fb1ddf3 100755 --- a/apis/iam/v1beta1/zz_instanceprofile_types.go +++ b/apis/iam/v1beta1/zz_instanceprofile_types.go @@ -19,14 +19,14 @@ type InstanceProfileInitParameters struct { Path *string `json:"path,omitempty" tf:"path,omitempty"` // Name of the role to add to the profile. - // +crossplane:generate:reference:type=Role + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Role Role *string `json:"role,omitempty" tf:"role,omitempty"` - // Reference to a Role to populate role. + // Reference to a Role in iam to populate role. // +kubebuilder:validation:Optional RoleRef *v1.Reference `json:"roleRef,omitempty" tf:"-"` - // Selector for a Role to populate role. + // Selector for a Role in iam to populate role. // +kubebuilder:validation:Optional RoleSelector *v1.Selector `json:"roleSelector,omitempty" tf:"-"` @@ -71,15 +71,15 @@ type InstanceProfileParameters struct { Path *string `json:"path,omitempty" tf:"path,omitempty"` // Name of the role to add to the profile. - // +crossplane:generate:reference:type=Role + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Role // +kubebuilder:validation:Optional Role *string `json:"role,omitempty" tf:"role,omitempty"` - // Reference to a Role to populate role. + // Reference to a Role in iam to populate role. // +kubebuilder:validation:Optional RoleRef *v1.Reference `json:"roleRef,omitempty" tf:"-"` - // Selector for a Role to populate role. + // Selector for a Role in iam to populate role. // +kubebuilder:validation:Optional RoleSelector *v1.Selector `json:"roleSelector,omitempty" tf:"-"` diff --git a/apis/iam/v1beta1/zz_role_terraformed.go b/apis/iam/v1beta1/zz_role_terraformed.go index 05b3c9e480..750747671a 100755 --- a/apis/iam/v1beta1/zz_role_terraformed.go +++ b/apis/iam/v1beta1/zz_role_terraformed.go @@ -118,6 +118,7 @@ func (tr *Role) LateInitialize(attrs []byte) (bool, error) { return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") } opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("InlinePolicy")) opts = append(opts, resource.WithNameFilter("ManagedPolicyArns")) li := resource.NewGenericLateInitializer(opts...) diff --git a/apis/iam/v1beta1/zz_rolepolicyattachment_types.go b/apis/iam/v1beta1/zz_rolepolicyattachment_types.go index a89ab86c34..f7ce7e8547 100755 --- a/apis/iam/v1beta1/zz_rolepolicyattachment_types.go +++ b/apis/iam/v1beta1/zz_rolepolicyattachment_types.go @@ -16,27 +16,27 @@ import ( type RolePolicyAttachmentInitParameters struct { // The ARN of the policy you want to apply - // +crossplane:generate:reference:type=Policy + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Policy // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() PolicyArn *string `json:"policyArn,omitempty" tf:"policy_arn,omitempty"` - // Reference to a Policy to populate policyArn. + // Reference to a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnRef *v1.Reference `json:"policyArnRef,omitempty" tf:"-"` - // Selector for a Policy to populate policyArn. + // Selector for a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnSelector *v1.Selector `json:"policyArnSelector,omitempty" tf:"-"` // The name of the IAM role to which the policy should be applied - // +crossplane:generate:reference:type=Role + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Role Role *string `json:"role,omitempty" tf:"role,omitempty"` - // Reference to a Role to populate role. + // Reference to a Role in iam to populate role. // +kubebuilder:validation:Optional RoleRef *v1.Reference `json:"roleRef,omitempty" tf:"-"` - // Selector for a Role to populate role. + // Selector for a Role in iam to populate role. // +kubebuilder:validation:Optional RoleSelector *v1.Selector `json:"roleSelector,omitempty" tf:"-"` } @@ -54,29 +54,29 @@ type RolePolicyAttachmentObservation struct { type RolePolicyAttachmentParameters struct { // The ARN of the policy you want to apply - // +crossplane:generate:reference:type=Policy + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Policy // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() // +kubebuilder:validation:Optional PolicyArn *string `json:"policyArn,omitempty" tf:"policy_arn,omitempty"` - // Reference to a Policy to populate policyArn. + // Reference to a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnRef *v1.Reference `json:"policyArnRef,omitempty" tf:"-"` - // Selector for a Policy to populate policyArn. + // Selector for a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnSelector *v1.Selector `json:"policyArnSelector,omitempty" tf:"-"` // The name of the IAM role to which the policy should be applied - // +crossplane:generate:reference:type=Role + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Role // +kubebuilder:validation:Optional Role *string `json:"role,omitempty" tf:"role,omitempty"` - // Reference to a Role to populate role. + // Reference to a Role in iam to populate role. // +kubebuilder:validation:Optional RoleRef *v1.Reference `json:"roleRef,omitempty" tf:"-"` - // Selector for a Role to populate role. + // Selector for a Role in iam to populate role. // +kubebuilder:validation:Optional RoleSelector *v1.Selector `json:"roleSelector,omitempty" tf:"-"` } diff --git a/apis/iam/v1beta1/zz_usergroupmembership_types.go b/apis/iam/v1beta1/zz_usergroupmembership_types.go index 5ea0417c6e..1c6da3d2e8 100755 --- a/apis/iam/v1beta1/zz_usergroupmembership_types.go +++ b/apis/iam/v1beta1/zz_usergroupmembership_types.go @@ -15,30 +15,30 @@ import ( type UserGroupMembershipInitParameters struct { - // References to Group to populate groups. + // References to Group in iam to populate groups. // +kubebuilder:validation:Optional GroupRefs []v1.Reference `json:"groupRefs,omitempty" tf:"-"` - // Selector for a list of Group to populate groups. + // Selector for a list of Group in iam to populate groups. // +kubebuilder:validation:Optional GroupSelector *v1.Selector `json:"groupSelector,omitempty" tf:"-"` // A list of IAM Groups to add the user to - // +crossplane:generate:reference:type=Group + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Group // +crossplane:generate:reference:refFieldName=GroupRefs // +crossplane:generate:reference:selectorFieldName=GroupSelector // +listType=set Groups []*string `json:"groups,omitempty" tf:"groups,omitempty"` // The name of the IAM User to add to groups - // +crossplane:generate:reference:type=User + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.User User *string `json:"user,omitempty" tf:"user,omitempty"` - // Reference to a User to populate user. + // Reference to a User in iam to populate user. // +kubebuilder:validation:Optional UserRef *v1.Reference `json:"userRef,omitempty" tf:"-"` - // Selector for a User to populate user. + // Selector for a User in iam to populate user. // +kubebuilder:validation:Optional UserSelector *v1.Selector `json:"userSelector,omitempty" tf:"-"` } @@ -57,16 +57,16 @@ type UserGroupMembershipObservation struct { type UserGroupMembershipParameters struct { - // References to Group to populate groups. + // References to Group in iam to populate groups. // +kubebuilder:validation:Optional GroupRefs []v1.Reference `json:"groupRefs,omitempty" tf:"-"` - // Selector for a list of Group to populate groups. + // Selector for a list of Group in iam to populate groups. // +kubebuilder:validation:Optional GroupSelector *v1.Selector `json:"groupSelector,omitempty" tf:"-"` // A list of IAM Groups to add the user to - // +crossplane:generate:reference:type=Group + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Group // +crossplane:generate:reference:refFieldName=GroupRefs // +crossplane:generate:reference:selectorFieldName=GroupSelector // +kubebuilder:validation:Optional @@ -74,15 +74,15 @@ type UserGroupMembershipParameters struct { Groups []*string `json:"groups,omitempty" tf:"groups,omitempty"` // The name of the IAM User to add to groups - // +crossplane:generate:reference:type=User + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.User // +kubebuilder:validation:Optional User *string `json:"user,omitempty" tf:"user,omitempty"` - // Reference to a User to populate user. + // Reference to a User in iam to populate user. // +kubebuilder:validation:Optional UserRef *v1.Reference `json:"userRef,omitempty" tf:"-"` - // Selector for a User to populate user. + // Selector for a User in iam to populate user. // +kubebuilder:validation:Optional UserSelector *v1.Selector `json:"userSelector,omitempty" tf:"-"` } diff --git a/apis/iam/v1beta1/zz_userpolicyattachment_types.go b/apis/iam/v1beta1/zz_userpolicyattachment_types.go index 3630ad449e..59bd2f9510 100755 --- a/apis/iam/v1beta1/zz_userpolicyattachment_types.go +++ b/apis/iam/v1beta1/zz_userpolicyattachment_types.go @@ -16,27 +16,27 @@ import ( type UserPolicyAttachmentInitParameters struct { // The ARN of the policy you want to apply - // +crossplane:generate:reference:type=Policy + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Policy // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() PolicyArn *string `json:"policyArn,omitempty" tf:"policy_arn,omitempty"` - // Reference to a Policy to populate policyArn. + // Reference to a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnRef *v1.Reference `json:"policyArnRef,omitempty" tf:"-"` - // Selector for a Policy to populate policyArn. + // Selector for a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnSelector *v1.Selector `json:"policyArnSelector,omitempty" tf:"-"` // The user the policy should be applied to - // +crossplane:generate:reference:type=User + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.User User *string `json:"user,omitempty" tf:"user,omitempty"` - // Reference to a User to populate user. + // Reference to a User in iam to populate user. // +kubebuilder:validation:Optional UserRef *v1.Reference `json:"userRef,omitempty" tf:"-"` - // Selector for a User to populate user. + // Selector for a User in iam to populate user. // +kubebuilder:validation:Optional UserSelector *v1.Selector `json:"userSelector,omitempty" tf:"-"` } @@ -54,29 +54,29 @@ type UserPolicyAttachmentObservation struct { type UserPolicyAttachmentParameters struct { // The ARN of the policy you want to apply - // +crossplane:generate:reference:type=Policy + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Policy // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() // +kubebuilder:validation:Optional PolicyArn *string `json:"policyArn,omitempty" tf:"policy_arn,omitempty"` - // Reference to a Policy to populate policyArn. + // Reference to a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnRef *v1.Reference `json:"policyArnRef,omitempty" tf:"-"` - // Selector for a Policy to populate policyArn. + // Selector for a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnSelector *v1.Selector `json:"policyArnSelector,omitempty" tf:"-"` // The user the policy should be applied to - // +crossplane:generate:reference:type=User + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.User // +kubebuilder:validation:Optional User *string `json:"user,omitempty" tf:"user,omitempty"` - // Reference to a User to populate user. + // Reference to a User in iam to populate user. // +kubebuilder:validation:Optional UserRef *v1.Reference `json:"userRef,omitempty" tf:"-"` - // Selector for a User to populate user. + // Selector for a User in iam to populate user. // +kubebuilder:validation:Optional UserSelector *v1.Selector `json:"userSelector,omitempty" tf:"-"` } diff --git a/config/iam/config.go b/config/iam/config.go index 53b1131eea..29f843c5ad 100644 --- a/config/iam/config.go +++ b/config/iam/config.go @@ -13,10 +13,8 @@ import ( // Configure adds configurations for the iam group. func Configure(p *config.Provider) { p.AddResourceConfigurator("aws_iam_access_key", func(r *config.Resource) { - r.References = config.References{ - "user": config.Reference{ - Type: "User", - }, + r.References["user"] = config.Reference{ + TerraformName: "aws_iam_user", } r.Sensitive.AdditionalConnectionDetailsFn = func(attr map[string]any) (map[string][]byte, error) { conn := map[string][]byte{} @@ -33,65 +31,58 @@ func Configure(p *config.Provider) { p.AddResourceConfigurator("aws_iam_role", func(r *config.Resource) { r.MetaResource.ArgumentDocs["inline_policy"] = `Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, Crossplane will not manage any inline policies in this resource. Configuring one empty block (i.e., inline_policy {}) will cause Crossplane to remove all inline policies added out of band on apply.` r.MetaResource.ArgumentDocs["managed_policy_arns"] = `Set of exclusive IAM managed policy ARNs to attach to the IAM role. If this attribute is not configured, Crossplane will ignore policy attachments to this resource. When configured, Crossplane will align the role's managed policy attachments with this set by attaching or detaching managed policies. Configuring an empty set (i.e., managed_policy_arns = []) will cause Crossplane to remove all managed policy attachments.` - r.LateInitializer = config.LateInitializer{ - IgnoredFields: []string{"managed_policy_arns"}, - } + + // Both inline and attached policies can either be specified in and managed by the Role resource, or by separate + // RolePolicy and RolePolicyAttachment resources, so the Role should not late initialize them if they were unset + // by the user, as that would cause reconciliation conflicts with potential future RolePolicy or + // RolePolicyAttachment resources. See github issues #933 and #1207 + r.LateInitializer.IgnoredFields = append(r.LateInitializer.IgnoredFields, "managed_policy_arns", "inline_policy") }) p.AddResourceConfigurator("aws_iam_instance_profile", func(r *config.Resource) { - r.References = config.References{ - "role": config.Reference{ - Type: "Role", - }, + r.References["role"] = config.Reference{ + TerraformName: "aws_iam_role", } }) p.AddResourceConfigurator("aws_iam_role_policy_attachment", func(r *config.Resource) { - r.References = config.References{ - "role": config.Reference{ - Type: "Role", - }, - "policy_arn": config.Reference{ - Type: "Policy", - Extractor: common.PathARNExtractor, - }, + r.References["role"] = config.Reference{ + TerraformName: "aws_iam_role", + } + r.References["policy_arn"] = config.Reference{ + TerraformName: "aws_iam_policy", + Extractor: common.PathARNExtractor, } }) p.AddResourceConfigurator("aws_iam_user_policy_attachment", func(r *config.Resource) { - r.References = config.References{ - "user": config.Reference{ - Type: "User", - }, - "policy_arn": config.Reference{ - Type: "Policy", - Extractor: common.PathARNExtractor, - }, + r.References["user"] = config.Reference{ + TerraformName: "aws_iam_user", + } + r.References["policy_arn"] = config.Reference{ + TerraformName: "aws_iam_policy", + Extractor: common.PathARNExtractor, } }) p.AddResourceConfigurator("aws_iam_group_policy_attachment", func(r *config.Resource) { - r.References = config.References{ - "group": config.Reference{ - Type: "Group", - }, - "policy_arn": config.Reference{ - Type: "Policy", - Extractor: common.PathARNExtractor, - }, + r.References["group"] = config.Reference{ + TerraformName: "aws_iam_group", + } + r.References["policy_arn"] = config.Reference{ + TerraformName: "aws_iam_policy", + Extractor: common.PathARNExtractor, } }) p.AddResourceConfigurator("aws_iam_user_group_membership", func(r *config.Resource) { - r.References = config.References{ - "user": config.Reference{ - Type: "User", - }, - "groups": config.Reference{ - Type: "Group", - RefFieldName: "GroupRefs", - SelectorFieldName: "GroupSelector", - }, + r.References["user"] = config.Reference{ + TerraformName: "aws_iam_user", + } + r.References["groups"] = config.Reference{ + TerraformName: "aws_iam_group", + RefFieldName: "GroupRefs", + SelectorFieldName: "GroupSelector", } }) diff --git a/package/crds/iam.aws.upbound.io_accesskeys.yaml b/package/crds/iam.aws.upbound.io_accesskeys.yaml index 7de63d9592..ab166b6002 100644 --- a/package/crds/iam.aws.upbound.io_accesskeys.yaml +++ b/package/crds/iam.aws.upbound.io_accesskeys.yaml @@ -90,7 +90,7 @@ spec: description: IAM user to associate with this access key. type: string userRef: - description: Reference to a User to populate user. + description: Reference to a User in iam to populate user. properties: name: description: Name of the referenced object. @@ -124,7 +124,7 @@ spec: - name type: object userSelector: - description: Selector for a User to populate user. + description: Selector for a User in iam to populate user. properties: matchControllerRef: description: |- @@ -193,7 +193,7 @@ spec: description: IAM user to associate with this access key. type: string userRef: - description: Reference to a User to populate user. + description: Reference to a User in iam to populate user. properties: name: description: Name of the referenced object. @@ -227,7 +227,7 @@ spec: - name type: object userSelector: - description: Selector for a User to populate user. + description: Selector for a User in iam to populate user. properties: matchControllerRef: description: |- diff --git a/package/crds/iam.aws.upbound.io_grouppolicyattachments.yaml b/package/crds/iam.aws.upbound.io_grouppolicyattachments.yaml index 660b5279b3..db084acc84 100644 --- a/package/crds/iam.aws.upbound.io_grouppolicyattachments.yaml +++ b/package/crds/iam.aws.upbound.io_grouppolicyattachments.yaml @@ -77,7 +77,7 @@ spec: description: The group the policy should be applied to type: string groupRef: - description: Reference to a Group to populate group. + description: Reference to a Group in iam to populate group. properties: name: description: Name of the referenced object. @@ -111,7 +111,7 @@ spec: - name type: object groupSelector: - description: Selector for a Group to populate group. + description: Selector for a Group in iam to populate group. properties: matchControllerRef: description: |- @@ -154,7 +154,7 @@ spec: description: The ARN of the policy you want to apply type: string policyArnRef: - description: Reference to a Policy to populate policyArn. + description: Reference to a Policy in iam to populate policyArn. properties: name: description: Name of the referenced object. @@ -188,7 +188,7 @@ spec: - name type: object policyArnSelector: - description: Selector for a Policy to populate policyArn. + description: Selector for a Policy in iam to populate policyArn. properties: matchControllerRef: description: |- @@ -245,7 +245,7 @@ spec: description: The group the policy should be applied to type: string groupRef: - description: Reference to a Group to populate group. + description: Reference to a Group in iam to populate group. properties: name: description: Name of the referenced object. @@ -279,7 +279,7 @@ spec: - name type: object groupSelector: - description: Selector for a Group to populate group. + description: Selector for a Group in iam to populate group. properties: matchControllerRef: description: |- @@ -322,7 +322,7 @@ spec: description: The ARN of the policy you want to apply type: string policyArnRef: - description: Reference to a Policy to populate policyArn. + description: Reference to a Policy in iam to populate policyArn. properties: name: description: Name of the referenced object. @@ -356,7 +356,7 @@ spec: - name type: object policyArnSelector: - description: Selector for a Policy to populate policyArn. + description: Selector for a Policy in iam to populate policyArn. properties: matchControllerRef: description: |- diff --git a/package/crds/iam.aws.upbound.io_instanceprofiles.yaml b/package/crds/iam.aws.upbound.io_instanceprofiles.yaml index 816140955c..af1fdb49de 100644 --- a/package/crds/iam.aws.upbound.io_instanceprofiles.yaml +++ b/package/crds/iam.aws.upbound.io_instanceprofiles.yaml @@ -86,7 +86,7 @@ spec: description: Name of the role to add to the profile. type: string roleRef: - description: Reference to a Role to populate role. + description: Reference to a Role in iam to populate role. properties: name: description: Name of the referenced object. @@ -120,7 +120,7 @@ spec: - name type: object roleSelector: - description: Selector for a Role to populate role. + description: Selector for a Role in iam to populate role. properties: matchControllerRef: description: |- @@ -192,7 +192,7 @@ spec: description: Name of the role to add to the profile. type: string roleRef: - description: Reference to a Role to populate role. + description: Reference to a Role in iam to populate role. properties: name: description: Name of the referenced object. @@ -226,7 +226,7 @@ spec: - name type: object roleSelector: - description: Selector for a Role to populate role. + description: Selector for a Role in iam to populate role. properties: matchControllerRef: description: |- diff --git a/package/crds/iam.aws.upbound.io_rolepolicyattachments.yaml b/package/crds/iam.aws.upbound.io_rolepolicyattachments.yaml index 6875a6b1f2..77507796d5 100644 --- a/package/crds/iam.aws.upbound.io_rolepolicyattachments.yaml +++ b/package/crds/iam.aws.upbound.io_rolepolicyattachments.yaml @@ -77,7 +77,7 @@ spec: description: The ARN of the policy you want to apply type: string policyArnRef: - description: Reference to a Policy to populate policyArn. + description: Reference to a Policy in iam to populate policyArn. properties: name: description: Name of the referenced object. @@ -111,7 +111,7 @@ spec: - name type: object policyArnSelector: - description: Selector for a Policy to populate policyArn. + description: Selector for a Policy in iam to populate policyArn. properties: matchControllerRef: description: |- @@ -155,7 +155,7 @@ spec: be applied type: string roleRef: - description: Reference to a Role to populate role. + description: Reference to a Role in iam to populate role. properties: name: description: Name of the referenced object. @@ -189,7 +189,7 @@ spec: - name type: object roleSelector: - description: Selector for a Role to populate role. + description: Selector for a Role in iam to populate role. properties: matchControllerRef: description: |- @@ -246,7 +246,7 @@ spec: description: The ARN of the policy you want to apply type: string policyArnRef: - description: Reference to a Policy to populate policyArn. + description: Reference to a Policy in iam to populate policyArn. properties: name: description: Name of the referenced object. @@ -280,7 +280,7 @@ spec: - name type: object policyArnSelector: - description: Selector for a Policy to populate policyArn. + description: Selector for a Policy in iam to populate policyArn. properties: matchControllerRef: description: |- @@ -324,7 +324,7 @@ spec: be applied type: string roleRef: - description: Reference to a Role to populate role. + description: Reference to a Role in iam to populate role. properties: name: description: Name of the referenced object. @@ -358,7 +358,7 @@ spec: - name type: object roleSelector: - description: Selector for a Role to populate role. + description: Selector for a Role in iam to populate role. properties: matchControllerRef: description: |- diff --git a/package/crds/iam.aws.upbound.io_usergroupmemberships.yaml b/package/crds/iam.aws.upbound.io_usergroupmemberships.yaml index 0e6323e34f..87f9c93501 100644 --- a/package/crds/iam.aws.upbound.io_usergroupmemberships.yaml +++ b/package/crds/iam.aws.upbound.io_usergroupmemberships.yaml @@ -75,7 +75,7 @@ spec: forProvider: properties: groupRefs: - description: References to Group to populate groups. + description: References to Group in iam to populate groups. items: description: A Reference to a named object. properties: @@ -112,7 +112,7 @@ spec: type: object type: array groupSelector: - description: Selector for a list of Group to populate groups. + description: Selector for a list of Group in iam to populate groups. properties: matchControllerRef: description: |- @@ -161,7 +161,7 @@ spec: description: The name of the IAM User to add to groups type: string userRef: - description: Reference to a User to populate user. + description: Reference to a User in iam to populate user. properties: name: description: Name of the referenced object. @@ -195,7 +195,7 @@ spec: - name type: object userSelector: - description: Selector for a User to populate user. + description: Selector for a User in iam to populate user. properties: matchControllerRef: description: |- @@ -249,7 +249,7 @@ spec: autoscaler. properties: groupRefs: - description: References to Group to populate groups. + description: References to Group in iam to populate groups. items: description: A Reference to a named object. properties: @@ -286,7 +286,7 @@ spec: type: object type: array groupSelector: - description: Selector for a list of Group to populate groups. + description: Selector for a list of Group in iam to populate groups. properties: matchControllerRef: description: |- @@ -335,7 +335,7 @@ spec: description: The name of the IAM User to add to groups type: string userRef: - description: Reference to a User to populate user. + description: Reference to a User in iam to populate user. properties: name: description: Name of the referenced object. @@ -369,7 +369,7 @@ spec: - name type: object userSelector: - description: Selector for a User to populate user. + description: Selector for a User in iam to populate user. properties: matchControllerRef: description: |- diff --git a/package/crds/iam.aws.upbound.io_userpolicyattachments.yaml b/package/crds/iam.aws.upbound.io_userpolicyattachments.yaml index 96e6d8a9b5..9abd686374 100644 --- a/package/crds/iam.aws.upbound.io_userpolicyattachments.yaml +++ b/package/crds/iam.aws.upbound.io_userpolicyattachments.yaml @@ -77,7 +77,7 @@ spec: description: The ARN of the policy you want to apply type: string policyArnRef: - description: Reference to a Policy to populate policyArn. + description: Reference to a Policy in iam to populate policyArn. properties: name: description: Name of the referenced object. @@ -111,7 +111,7 @@ spec: - name type: object policyArnSelector: - description: Selector for a Policy to populate policyArn. + description: Selector for a Policy in iam to populate policyArn. properties: matchControllerRef: description: |- @@ -154,7 +154,7 @@ spec: description: The user the policy should be applied to type: string userRef: - description: Reference to a User to populate user. + description: Reference to a User in iam to populate user. properties: name: description: Name of the referenced object. @@ -188,7 +188,7 @@ spec: - name type: object userSelector: - description: Selector for a User to populate user. + description: Selector for a User in iam to populate user. properties: matchControllerRef: description: |- @@ -245,7 +245,7 @@ spec: description: The ARN of the policy you want to apply type: string policyArnRef: - description: Reference to a Policy to populate policyArn. + description: Reference to a Policy in iam to populate policyArn. properties: name: description: Name of the referenced object. @@ -279,7 +279,7 @@ spec: - name type: object policyArnSelector: - description: Selector for a Policy to populate policyArn. + description: Selector for a Policy in iam to populate policyArn. properties: matchControllerRef: description: |- @@ -322,7 +322,7 @@ spec: description: The user the policy should be applied to type: string userRef: - description: Reference to a User to populate user. + description: Reference to a User in iam to populate user. properties: name: description: Name of the referenced object. @@ -356,7 +356,7 @@ spec: - name type: object userSelector: - description: Selector for a User to populate user. + description: Selector for a User in iam to populate user. properties: matchControllerRef: description: |-