From 36e27bc86b46a0db116efc4b6bad8e55f10ffc5f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fatih=20T=C3=BCrken?= Date: Fri, 17 Feb 2023 16:48:05 +0300 Subject: [PATCH] Configure the following examples: - aws_elasticsearch_domain_policy - aws_elasticsearch_domain_saml_options --- .../v1beta1/zz_domainpolicy_types.go | 92 ++++ .../v1beta1/zz_domainsamloptions_types.go | 129 ++++++ .../v1beta1/zz_generated.deepcopy.go | 400 ++++++++++++++++++ .../v1beta1/zz_generated.managed.go | 132 ++++++ .../v1beta1/zz_generated.managedlist.go | 18 + .../v1beta1/zz_generated.resolvers.go | 26 ++ .../v1beta1/zz_generated_terraformed.go | 148 +++++++ config/externalname.go | 4 + config/externalnamenottested.go | 7 - config/generated.lst | 2 +- .../elasticsearch/domainpolicy.yaml | 47 ++ .../elasticsearch/domainsamloptions.yaml | 40 ++ examples/elasticsearch/domainpolicy.yaml | 50 +++ examples/elasticsearch/domainsamloptions.yaml | 38 ++ .../domainpolicy/zz_controller.go | 51 +++ .../domainsamloptions/zz_controller.go | 52 +++ internal/controller/zz_setup.go | 12 +- ...csearch.aws.upbound.io_domainpolicies.yaml | 382 +++++++++++++++++ ...arch.aws.upbound.io_domainsamloptions.yaml | 365 ++++++++++++++++ 19 files changed, 1983 insertions(+), 12 deletions(-) create mode 100755 apis/elasticsearch/v1beta1/zz_domainpolicy_types.go create mode 100755 apis/elasticsearch/v1beta1/zz_domainsamloptions_types.go create mode 100644 examples-generated/elasticsearch/domainpolicy.yaml create mode 100644 examples-generated/elasticsearch/domainsamloptions.yaml create mode 100644 examples/elasticsearch/domainpolicy.yaml create mode 100644 examples/elasticsearch/domainsamloptions.yaml create mode 100755 internal/controller/elasticsearch/domainpolicy/zz_controller.go create mode 100755 internal/controller/elasticsearch/domainsamloptions/zz_controller.go create mode 100644 package/crds/elasticsearch.aws.upbound.io_domainpolicies.yaml create mode 100644 package/crds/elasticsearch.aws.upbound.io_domainsamloptions.yaml diff --git a/apis/elasticsearch/v1beta1/zz_domainpolicy_types.go b/apis/elasticsearch/v1beta1/zz_domainpolicy_types.go new file mode 100755 index 0000000000..4794aa8668 --- /dev/null +++ b/apis/elasticsearch/v1beta1/zz_domainpolicy_types.go @@ -0,0 +1,92 @@ +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1beta1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime/schema" + + v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" +) + +type DomainPolicyObservation struct { + ID *string `json:"id,omitempty" tf:"id,omitempty"` +} + +type DomainPolicyParameters struct { + + // IAM policy document specifying the access policies for the domain + // +kubebuilder:validation:Required + AccessPolicies *string `json:"accessPolicies" tf:"access_policies,omitempty"` + + // Name of the domain. + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/elasticsearch/v1beta1.Domain + // +kubebuilder:validation:Optional + DomainName *string `json:"domainName,omitempty" tf:"domain_name,omitempty"` + + // Reference to a Domain in elasticsearch to populate domainName. + // +kubebuilder:validation:Optional + DomainNameRef *v1.Reference `json:"domainNameRef,omitempty" tf:"-"` + + // Selector for a Domain in elasticsearch to populate domainName. + // +kubebuilder:validation:Optional + DomainNameSelector *v1.Selector `json:"domainNameSelector,omitempty" tf:"-"` + + // Region is the region you'd like your resource to be created in. + // +upjet:crd:field:TFTag=- + // +kubebuilder:validation:Required + Region *string `json:"region" tf:"-"` +} + +// DomainPolicySpec defines the desired state of DomainPolicy +type DomainPolicySpec struct { + v1.ResourceSpec `json:",inline"` + ForProvider DomainPolicyParameters `json:"forProvider"` +} + +// DomainPolicyStatus defines the observed state of DomainPolicy. +type DomainPolicyStatus struct { + v1.ResourceStatus `json:",inline"` + AtProvider DomainPolicyObservation `json:"atProvider,omitempty"` +} + +// +kubebuilder:object:root=true + +// DomainPolicy is the Schema for the DomainPolicys API. Provides an Elasticsearch Domain Policy. +// +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +// +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +// +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +// +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +// +kubebuilder:subresource:status +// +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws} +type DomainPolicy struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + Spec DomainPolicySpec `json:"spec"` + Status DomainPolicyStatus `json:"status,omitempty"` +} + +// +kubebuilder:object:root=true + +// DomainPolicyList contains a list of DomainPolicys +type DomainPolicyList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []DomainPolicy `json:"items"` +} + +// Repository type metadata. +var ( + DomainPolicy_Kind = "DomainPolicy" + DomainPolicy_GroupKind = schema.GroupKind{Group: CRDGroup, Kind: DomainPolicy_Kind}.String() + DomainPolicy_KindAPIVersion = DomainPolicy_Kind + "." + CRDGroupVersion.String() + DomainPolicy_GroupVersionKind = CRDGroupVersion.WithKind(DomainPolicy_Kind) +) + +func init() { + SchemeBuilder.Register(&DomainPolicy{}, &DomainPolicyList{}) +} diff --git a/apis/elasticsearch/v1beta1/zz_domainsamloptions_types.go b/apis/elasticsearch/v1beta1/zz_domainsamloptions_types.go new file mode 100755 index 0000000000..3f335ac865 --- /dev/null +++ b/apis/elasticsearch/v1beta1/zz_domainsamloptions_types.go @@ -0,0 +1,129 @@ +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package v1beta1 + +import ( + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/runtime/schema" + + v1 "github.com/crossplane/crossplane-runtime/apis/common/v1" +) + +type DomainSAMLOptionsObservation struct { + + // The name of the domain the SAML options are associated with. + ID *string `json:"id,omitempty" tf:"id,omitempty"` +} + +type DomainSAMLOptionsParameters struct { + + // Region is the region you'd like your resource to be created in. + // +upjet:crd:field:TFTag=- + // +kubebuilder:validation:Required + Region *string `json:"region" tf:"-"` + + // The SAML authentication options for an AWS Elasticsearch Domain. + // +kubebuilder:validation:Optional + SAMLOptions []SAMLOptionsParameters `json:"samlOptions,omitempty" tf:"saml_options,omitempty"` +} + +type IdpObservation struct { +} + +type IdpParameters struct { + + // The unique Entity ID of the application in SAML Identity Provider. + // +kubebuilder:validation:Required + EntityID *string `json:"entityId" tf:"entity_id,omitempty"` + + // The Metadata of the SAML application in xml format. + // +kubebuilder:validation:Required + MetadataContent *string `json:"metadataContent" tf:"metadata_content,omitempty"` +} + +type SAMLOptionsObservation struct { +} + +type SAMLOptionsParameters struct { + + // Whether SAML authentication is enabled. + // +kubebuilder:validation:Optional + Enabled *bool `json:"enabled,omitempty" tf:"enabled,omitempty"` + + // Information from your identity provider. + // +kubebuilder:validation:Optional + Idp []IdpParameters `json:"idp,omitempty" tf:"idp,omitempty"` + + // This backend role from the SAML IdP receives full permissions to the cluster, equivalent to a new master user. + // +kubebuilder:validation:Optional + MasterBackendRole *string `json:"masterBackendRole,omitempty" tf:"master_backend_role,omitempty"` + + // This username from the SAML IdP receives full permissions to the cluster, equivalent to a new master user. + // +kubebuilder:validation:Optional + MasterUserNameSecretRef *v1.SecretKeySelector `json:"masterUserNameSecretRef,omitempty" tf:"-"` + + // Element of the SAML assertion to use for backend roles. Default is roles. + // +kubebuilder:validation:Optional + RolesKey *string `json:"rolesKey,omitempty" tf:"roles_key,omitempty"` + + // Duration of a session in minutes after a user logs in. Default is 60. Maximum value is 1,440. + // +kubebuilder:validation:Optional + SessionTimeoutMinutes *float64 `json:"sessionTimeoutMinutes,omitempty" tf:"session_timeout_minutes,omitempty"` + + // Custom SAML attribute to use for user names. Default is an empty string - "". This will cause Elasticsearch to use the NameID element of the Subject, which is the default location for name identifiers in the SAML specification. + // +kubebuilder:validation:Optional + SubjectKey *string `json:"subjectKey,omitempty" tf:"subject_key,omitempty"` +} + +// DomainSAMLOptionsSpec defines the desired state of DomainSAMLOptions +type DomainSAMLOptionsSpec struct { + v1.ResourceSpec `json:",inline"` + ForProvider DomainSAMLOptionsParameters `json:"forProvider"` +} + +// DomainSAMLOptionsStatus defines the observed state of DomainSAMLOptions. +type DomainSAMLOptionsStatus struct { + v1.ResourceStatus `json:",inline"` + AtProvider DomainSAMLOptionsObservation `json:"atProvider,omitempty"` +} + +// +kubebuilder:object:root=true + +// DomainSAMLOptions is the Schema for the DomainSAMLOptionss API. +// +kubebuilder:printcolumn:name="READY",type="string",JSONPath=".status.conditions[?(@.type=='Ready')].status" +// +kubebuilder:printcolumn:name="SYNCED",type="string",JSONPath=".status.conditions[?(@.type=='Synced')].status" +// +kubebuilder:printcolumn:name="EXTERNAL-NAME",type="string",JSONPath=".metadata.annotations.crossplane\\.io/external-name" +// +kubebuilder:printcolumn:name="AGE",type="date",JSONPath=".metadata.creationTimestamp" +// +kubebuilder:subresource:status +// +kubebuilder:resource:scope=Cluster,categories={crossplane,managed,aws} +type DomainSAMLOptions struct { + metav1.TypeMeta `json:",inline"` + metav1.ObjectMeta `json:"metadata,omitempty"` + Spec DomainSAMLOptionsSpec `json:"spec"` + Status DomainSAMLOptionsStatus `json:"status,omitempty"` +} + +// +kubebuilder:object:root=true + +// DomainSAMLOptionsList contains a list of DomainSAMLOptionss +type DomainSAMLOptionsList struct { + metav1.TypeMeta `json:",inline"` + metav1.ListMeta `json:"metadata,omitempty"` + Items []DomainSAMLOptions `json:"items"` +} + +// Repository type metadata. +var ( + DomainSAMLOptions_Kind = "DomainSAMLOptions" + DomainSAMLOptions_GroupKind = schema.GroupKind{Group: CRDGroup, Kind: DomainSAMLOptions_Kind}.String() + DomainSAMLOptions_KindAPIVersion = DomainSAMLOptions_Kind + "." + CRDGroupVersion.String() + DomainSAMLOptions_GroupVersionKind = CRDGroupVersion.WithKind(DomainSAMLOptions_Kind) +) + +func init() { + SchemeBuilder.Register(&DomainSAMLOptions{}, &DomainSAMLOptionsList{}) +} diff --git a/apis/elasticsearch/v1beta1/zz_generated.deepcopy.go b/apis/elasticsearch/v1beta1/zz_generated.deepcopy.go index 81093c2194..3eb98949db 100644 --- a/apis/elasticsearch/v1beta1/zz_generated.deepcopy.go +++ b/apis/elasticsearch/v1beta1/zz_generated.deepcopy.go @@ -595,6 +595,299 @@ func (in *DomainParameters) DeepCopy() *DomainParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainPolicy) DeepCopyInto(out *DomainPolicy) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainPolicy. +func (in *DomainPolicy) DeepCopy() *DomainPolicy { + if in == nil { + return nil + } + out := new(DomainPolicy) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *DomainPolicy) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainPolicyList) DeepCopyInto(out *DomainPolicyList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]DomainPolicy, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainPolicyList. +func (in *DomainPolicyList) DeepCopy() *DomainPolicyList { + if in == nil { + return nil + } + out := new(DomainPolicyList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *DomainPolicyList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainPolicyObservation) DeepCopyInto(out *DomainPolicyObservation) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainPolicyObservation. +func (in *DomainPolicyObservation) DeepCopy() *DomainPolicyObservation { + if in == nil { + return nil + } + out := new(DomainPolicyObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainPolicyParameters) DeepCopyInto(out *DomainPolicyParameters) { + *out = *in + if in.AccessPolicies != nil { + in, out := &in.AccessPolicies, &out.AccessPolicies + *out = new(string) + **out = **in + } + if in.DomainName != nil { + in, out := &in.DomainName, &out.DomainName + *out = new(string) + **out = **in + } + if in.DomainNameRef != nil { + in, out := &in.DomainNameRef, &out.DomainNameRef + *out = new(v1.Reference) + (*in).DeepCopyInto(*out) + } + if in.DomainNameSelector != nil { + in, out := &in.DomainNameSelector, &out.DomainNameSelector + *out = new(v1.Selector) + (*in).DeepCopyInto(*out) + } + if in.Region != nil { + in, out := &in.Region, &out.Region + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainPolicyParameters. +func (in *DomainPolicyParameters) DeepCopy() *DomainPolicyParameters { + if in == nil { + return nil + } + out := new(DomainPolicyParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainPolicySpec) DeepCopyInto(out *DomainPolicySpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainPolicySpec. +func (in *DomainPolicySpec) DeepCopy() *DomainPolicySpec { + if in == nil { + return nil + } + out := new(DomainPolicySpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainPolicyStatus) DeepCopyInto(out *DomainPolicyStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainPolicyStatus. +func (in *DomainPolicyStatus) DeepCopy() *DomainPolicyStatus { + if in == nil { + return nil + } + out := new(DomainPolicyStatus) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainSAMLOptions) DeepCopyInto(out *DomainSAMLOptions) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ObjectMeta.DeepCopyInto(&out.ObjectMeta) + in.Spec.DeepCopyInto(&out.Spec) + in.Status.DeepCopyInto(&out.Status) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainSAMLOptions. +func (in *DomainSAMLOptions) DeepCopy() *DomainSAMLOptions { + if in == nil { + return nil + } + out := new(DomainSAMLOptions) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *DomainSAMLOptions) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainSAMLOptionsList) DeepCopyInto(out *DomainSAMLOptionsList) { + *out = *in + out.TypeMeta = in.TypeMeta + in.ListMeta.DeepCopyInto(&out.ListMeta) + if in.Items != nil { + in, out := &in.Items, &out.Items + *out = make([]DomainSAMLOptions, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainSAMLOptionsList. +func (in *DomainSAMLOptionsList) DeepCopy() *DomainSAMLOptionsList { + if in == nil { + return nil + } + out := new(DomainSAMLOptionsList) + in.DeepCopyInto(out) + return out +} + +// DeepCopyObject is an autogenerated deepcopy function, copying the receiver, creating a new runtime.Object. +func (in *DomainSAMLOptionsList) DeepCopyObject() runtime.Object { + if c := in.DeepCopy(); c != nil { + return c + } + return nil +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainSAMLOptionsObservation) DeepCopyInto(out *DomainSAMLOptionsObservation) { + *out = *in + if in.ID != nil { + in, out := &in.ID, &out.ID + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainSAMLOptionsObservation. +func (in *DomainSAMLOptionsObservation) DeepCopy() *DomainSAMLOptionsObservation { + if in == nil { + return nil + } + out := new(DomainSAMLOptionsObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainSAMLOptionsParameters) DeepCopyInto(out *DomainSAMLOptionsParameters) { + *out = *in + if in.Region != nil { + in, out := &in.Region, &out.Region + *out = new(string) + **out = **in + } + if in.SAMLOptions != nil { + in, out := &in.SAMLOptions, &out.SAMLOptions + *out = make([]SAMLOptionsParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainSAMLOptionsParameters. +func (in *DomainSAMLOptionsParameters) DeepCopy() *DomainSAMLOptionsParameters { + if in == nil { + return nil + } + out := new(DomainSAMLOptionsParameters) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainSAMLOptionsSpec) DeepCopyInto(out *DomainSAMLOptionsSpec) { + *out = *in + in.ResourceSpec.DeepCopyInto(&out.ResourceSpec) + in.ForProvider.DeepCopyInto(&out.ForProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainSAMLOptionsSpec. +func (in *DomainSAMLOptionsSpec) DeepCopy() *DomainSAMLOptionsSpec { + if in == nil { + return nil + } + out := new(DomainSAMLOptionsSpec) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *DomainSAMLOptionsStatus) DeepCopyInto(out *DomainSAMLOptionsStatus) { + *out = *in + in.ResourceStatus.DeepCopyInto(&out.ResourceStatus) + in.AtProvider.DeepCopyInto(&out.AtProvider) +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new DomainSAMLOptionsStatus. +func (in *DomainSAMLOptionsStatus) DeepCopy() *DomainSAMLOptionsStatus { + if in == nil { + return nil + } + out := new(DomainSAMLOptionsStatus) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *DomainSpec) DeepCopyInto(out *DomainSpec) { *out = *in @@ -764,6 +1057,46 @@ func (in *EncryptAtRestParameters) DeepCopy() *EncryptAtRestParameters { return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IdpObservation) DeepCopyInto(out *IdpObservation) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdpObservation. +func (in *IdpObservation) DeepCopy() *IdpObservation { + if in == nil { + return nil + } + out := new(IdpObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *IdpParameters) DeepCopyInto(out *IdpParameters) { + *out = *in + if in.EntityID != nil { + in, out := &in.EntityID, &out.EntityID + *out = new(string) + **out = **in + } + if in.MetadataContent != nil { + in, out := &in.MetadataContent, &out.MetadataContent + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new IdpParameters. +func (in *IdpParameters) DeepCopy() *IdpParameters { + if in == nil { + return nil + } + out := new(IdpParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *LogPublishingOptionsObservation) DeepCopyInto(out *LogPublishingOptionsObservation) { *out = *in @@ -946,6 +1279,73 @@ func (in *NodeToNodeEncryptionParameters) DeepCopy() *NodeToNodeEncryptionParame return out } +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SAMLOptionsObservation) DeepCopyInto(out *SAMLOptionsObservation) { + *out = *in +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SAMLOptionsObservation. +func (in *SAMLOptionsObservation) DeepCopy() *SAMLOptionsObservation { + if in == nil { + return nil + } + out := new(SAMLOptionsObservation) + in.DeepCopyInto(out) + return out +} + +// DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. +func (in *SAMLOptionsParameters) DeepCopyInto(out *SAMLOptionsParameters) { + *out = *in + if in.Enabled != nil { + in, out := &in.Enabled, &out.Enabled + *out = new(bool) + **out = **in + } + if in.Idp != nil { + in, out := &in.Idp, &out.Idp + *out = make([]IdpParameters, len(*in)) + for i := range *in { + (*in)[i].DeepCopyInto(&(*out)[i]) + } + } + if in.MasterBackendRole != nil { + in, out := &in.MasterBackendRole, &out.MasterBackendRole + *out = new(string) + **out = **in + } + if in.MasterUserNameSecretRef != nil { + in, out := &in.MasterUserNameSecretRef, &out.MasterUserNameSecretRef + *out = new(v1.SecretKeySelector) + **out = **in + } + if in.RolesKey != nil { + in, out := &in.RolesKey, &out.RolesKey + *out = new(string) + **out = **in + } + if in.SessionTimeoutMinutes != nil { + in, out := &in.SessionTimeoutMinutes, &out.SessionTimeoutMinutes + *out = new(float64) + **out = **in + } + if in.SubjectKey != nil { + in, out := &in.SubjectKey, &out.SubjectKey + *out = new(string) + **out = **in + } +} + +// DeepCopy is an autogenerated deepcopy function, copying the receiver, creating a new SAMLOptionsParameters. +func (in *SAMLOptionsParameters) DeepCopy() *SAMLOptionsParameters { + if in == nil { + return nil + } + out := new(SAMLOptionsParameters) + in.DeepCopyInto(out) + return out +} + // DeepCopyInto is an autogenerated deepcopy function, copying the receiver, writing into out. in must be non-nil. func (in *SnapshotOptionsObservation) DeepCopyInto(out *SnapshotOptionsObservation) { *out = *in diff --git a/apis/elasticsearch/v1beta1/zz_generated.managed.go b/apis/elasticsearch/v1beta1/zz_generated.managed.go index 9d063759ec..440d249f2e 100644 --- a/apis/elasticsearch/v1beta1/zz_generated.managed.go +++ b/apis/elasticsearch/v1beta1/zz_generated.managed.go @@ -72,3 +72,135 @@ func (mg *Domain) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetails func (mg *Domain) SetWriteConnectionSecretToReference(r *xpv1.SecretReference) { mg.Spec.WriteConnectionSecretToReference = r } + +// GetCondition of this DomainPolicy. +func (mg *DomainPolicy) GetCondition(ct xpv1.ConditionType) xpv1.Condition { + return mg.Status.GetCondition(ct) +} + +// GetDeletionPolicy of this DomainPolicy. +func (mg *DomainPolicy) GetDeletionPolicy() xpv1.DeletionPolicy { + return mg.Spec.DeletionPolicy +} + +// GetProviderConfigReference of this DomainPolicy. +func (mg *DomainPolicy) GetProviderConfigReference() *xpv1.Reference { + return mg.Spec.ProviderConfigReference +} + +/* +GetProviderReference of this DomainPolicy. +Deprecated: Use GetProviderConfigReference. +*/ +func (mg *DomainPolicy) GetProviderReference() *xpv1.Reference { + return mg.Spec.ProviderReference +} + +// GetPublishConnectionDetailsTo of this DomainPolicy. +func (mg *DomainPolicy) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { + return mg.Spec.PublishConnectionDetailsTo +} + +// GetWriteConnectionSecretToReference of this DomainPolicy. +func (mg *DomainPolicy) GetWriteConnectionSecretToReference() *xpv1.SecretReference { + return mg.Spec.WriteConnectionSecretToReference +} + +// SetConditions of this DomainPolicy. +func (mg *DomainPolicy) SetConditions(c ...xpv1.Condition) { + mg.Status.SetConditions(c...) +} + +// SetDeletionPolicy of this DomainPolicy. +func (mg *DomainPolicy) SetDeletionPolicy(r xpv1.DeletionPolicy) { + mg.Spec.DeletionPolicy = r +} + +// SetProviderConfigReference of this DomainPolicy. +func (mg *DomainPolicy) SetProviderConfigReference(r *xpv1.Reference) { + mg.Spec.ProviderConfigReference = r +} + +/* +SetProviderReference of this DomainPolicy. +Deprecated: Use SetProviderConfigReference. +*/ +func (mg *DomainPolicy) SetProviderReference(r *xpv1.Reference) { + mg.Spec.ProviderReference = r +} + +// SetPublishConnectionDetailsTo of this DomainPolicy. +func (mg *DomainPolicy) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { + mg.Spec.PublishConnectionDetailsTo = r +} + +// SetWriteConnectionSecretToReference of this DomainPolicy. +func (mg *DomainPolicy) SetWriteConnectionSecretToReference(r *xpv1.SecretReference) { + mg.Spec.WriteConnectionSecretToReference = r +} + +// GetCondition of this DomainSAMLOptions. +func (mg *DomainSAMLOptions) GetCondition(ct xpv1.ConditionType) xpv1.Condition { + return mg.Status.GetCondition(ct) +} + +// GetDeletionPolicy of this DomainSAMLOptions. +func (mg *DomainSAMLOptions) GetDeletionPolicy() xpv1.DeletionPolicy { + return mg.Spec.DeletionPolicy +} + +// GetProviderConfigReference of this DomainSAMLOptions. +func (mg *DomainSAMLOptions) GetProviderConfigReference() *xpv1.Reference { + return mg.Spec.ProviderConfigReference +} + +/* +GetProviderReference of this DomainSAMLOptions. +Deprecated: Use GetProviderConfigReference. +*/ +func (mg *DomainSAMLOptions) GetProviderReference() *xpv1.Reference { + return mg.Spec.ProviderReference +} + +// GetPublishConnectionDetailsTo of this DomainSAMLOptions. +func (mg *DomainSAMLOptions) GetPublishConnectionDetailsTo() *xpv1.PublishConnectionDetailsTo { + return mg.Spec.PublishConnectionDetailsTo +} + +// GetWriteConnectionSecretToReference of this DomainSAMLOptions. +func (mg *DomainSAMLOptions) GetWriteConnectionSecretToReference() *xpv1.SecretReference { + return mg.Spec.WriteConnectionSecretToReference +} + +// SetConditions of this DomainSAMLOptions. +func (mg *DomainSAMLOptions) SetConditions(c ...xpv1.Condition) { + mg.Status.SetConditions(c...) +} + +// SetDeletionPolicy of this DomainSAMLOptions. +func (mg *DomainSAMLOptions) SetDeletionPolicy(r xpv1.DeletionPolicy) { + mg.Spec.DeletionPolicy = r +} + +// SetProviderConfigReference of this DomainSAMLOptions. +func (mg *DomainSAMLOptions) SetProviderConfigReference(r *xpv1.Reference) { + mg.Spec.ProviderConfigReference = r +} + +/* +SetProviderReference of this DomainSAMLOptions. +Deprecated: Use SetProviderConfigReference. +*/ +func (mg *DomainSAMLOptions) SetProviderReference(r *xpv1.Reference) { + mg.Spec.ProviderReference = r +} + +// SetPublishConnectionDetailsTo of this DomainSAMLOptions. +func (mg *DomainSAMLOptions) SetPublishConnectionDetailsTo(r *xpv1.PublishConnectionDetailsTo) { + mg.Spec.PublishConnectionDetailsTo = r +} + +// SetWriteConnectionSecretToReference of this DomainSAMLOptions. +func (mg *DomainSAMLOptions) SetWriteConnectionSecretToReference(r *xpv1.SecretReference) { + mg.Spec.WriteConnectionSecretToReference = r +} diff --git a/apis/elasticsearch/v1beta1/zz_generated.managedlist.go b/apis/elasticsearch/v1beta1/zz_generated.managedlist.go index 00b0f7255d..c3100d79aa 100644 --- a/apis/elasticsearch/v1beta1/zz_generated.managedlist.go +++ b/apis/elasticsearch/v1beta1/zz_generated.managedlist.go @@ -15,3 +15,21 @@ func (l *DomainList) GetItems() []resource.Managed { } return items } + +// GetItems of this DomainPolicyList. +func (l *DomainPolicyList) GetItems() []resource.Managed { + items := make([]resource.Managed, len(l.Items)) + for i := range l.Items { + items[i] = &l.Items[i] + } + return items +} + +// GetItems of this DomainSAMLOptionsList. +func (l *DomainSAMLOptionsList) GetItems() []resource.Managed { + items := make([]resource.Managed, len(l.Items)) + for i := range l.Items { + items[i] = &l.Items[i] + } + return items +} diff --git a/apis/elasticsearch/v1beta1/zz_generated.resolvers.go b/apis/elasticsearch/v1beta1/zz_generated.resolvers.go index e40b5dbbe2..7778a2d06b 100644 --- a/apis/elasticsearch/v1beta1/zz_generated.resolvers.go +++ b/apis/elasticsearch/v1beta1/zz_generated.resolvers.go @@ -42,3 +42,29 @@ func (mg *Domain) ResolveReferences(ctx context.Context, c client.Reader) error return nil } + +// ResolveReferences of this DomainPolicy. +func (mg *DomainPolicy) ResolveReferences(ctx context.Context, c client.Reader) error { + r := reference.NewAPIResolver(c, mg) + + var rsp reference.ResolutionResponse + var err error + + rsp, err = r.Resolve(ctx, reference.ResolutionRequest{ + CurrentValue: reference.FromPtrValue(mg.Spec.ForProvider.DomainName), + Extract: reference.ExternalName(), + Reference: mg.Spec.ForProvider.DomainNameRef, + Selector: mg.Spec.ForProvider.DomainNameSelector, + To: reference.To{ + List: &DomainList{}, + Managed: &Domain{}, + }, + }) + if err != nil { + return errors.Wrap(err, "mg.Spec.ForProvider.DomainName") + } + mg.Spec.ForProvider.DomainName = reference.ToPtrValue(rsp.ResolvedValue) + mg.Spec.ForProvider.DomainNameRef = rsp.ResolvedReference + + return nil +} diff --git a/apis/elasticsearch/v1beta1/zz_generated_terraformed.go b/apis/elasticsearch/v1beta1/zz_generated_terraformed.go index 33ceeb15bf..e412991033 100755 --- a/apis/elasticsearch/v1beta1/zz_generated_terraformed.go +++ b/apis/elasticsearch/v1beta1/zz_generated_terraformed.go @@ -86,3 +86,151 @@ func (tr *Domain) LateInitialize(attrs []byte) (bool, error) { func (tr *Domain) GetTerraformSchemaVersion() int { return 0 } + +// GetTerraformResourceType returns Terraform resource type for this DomainPolicy +func (mg *DomainPolicy) GetTerraformResourceType() string { + return "aws_elasticsearch_domain_policy" +} + +// GetConnectionDetailsMapping for this DomainPolicy +func (tr *DomainPolicy) GetConnectionDetailsMapping() map[string]string { + return nil +} + +// GetObservation of this DomainPolicy +func (tr *DomainPolicy) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this DomainPolicy +func (tr *DomainPolicy) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this DomainPolicy +func (tr *DomainPolicy) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this DomainPolicy +func (tr *DomainPolicy) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this DomainPolicy +func (tr *DomainPolicy) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// LateInitialize this DomainPolicy using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *DomainPolicy) LateInitialize(attrs []byte) (bool, error) { + params := &DomainPolicyParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *DomainPolicy) GetTerraformSchemaVersion() int { + return 0 +} + +// GetTerraformResourceType returns Terraform resource type for this DomainSAMLOptions +func (mg *DomainSAMLOptions) GetTerraformResourceType() string { + return "aws_elasticsearch_domain_saml_options" +} + +// GetConnectionDetailsMapping for this DomainSAMLOptions +func (tr *DomainSAMLOptions) GetConnectionDetailsMapping() map[string]string { + return map[string]string{"saml_options[*].master_user_name": "spec.forProvider.samlOptions[*].masterUserNameSecretRef"} +} + +// GetObservation of this DomainSAMLOptions +func (tr *DomainSAMLOptions) GetObservation() (map[string]any, error) { + o, err := json.TFParser.Marshal(tr.Status.AtProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(o, &base) +} + +// SetObservation for this DomainSAMLOptions +func (tr *DomainSAMLOptions) SetObservation(obs map[string]any) error { + p, err := json.TFParser.Marshal(obs) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Status.AtProvider) +} + +// GetID returns ID of underlying Terraform resource of this DomainSAMLOptions +func (tr *DomainSAMLOptions) GetID() string { + if tr.Status.AtProvider.ID == nil { + return "" + } + return *tr.Status.AtProvider.ID +} + +// GetParameters of this DomainSAMLOptions +func (tr *DomainSAMLOptions) GetParameters() (map[string]any, error) { + p, err := json.TFParser.Marshal(tr.Spec.ForProvider) + if err != nil { + return nil, err + } + base := map[string]any{} + return base, json.TFParser.Unmarshal(p, &base) +} + +// SetParameters for this DomainSAMLOptions +func (tr *DomainSAMLOptions) SetParameters(params map[string]any) error { + p, err := json.TFParser.Marshal(params) + if err != nil { + return err + } + return json.TFParser.Unmarshal(p, &tr.Spec.ForProvider) +} + +// LateInitialize this DomainSAMLOptions using its observed tfState. +// returns True if there are any spec changes for the resource. +func (tr *DomainSAMLOptions) LateInitialize(attrs []byte) (bool, error) { + params := &DomainSAMLOptionsParameters{} + if err := json.TFParser.Unmarshal(attrs, params); err != nil { + return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") + } + opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + + li := resource.NewGenericLateInitializer(opts...) + return li.LateInitialize(&tr.Spec.ForProvider, params) +} + +// GetTerraformSchemaVersion returns the associated Terraform schema version +func (tr *DomainSAMLOptions) GetTerraformSchemaVersion() int { + return 0 +} diff --git a/config/externalname.go b/config/externalname.go index 0f080a2efa..1b516fa2be 100644 --- a/config/externalname.go +++ b/config/externalname.go @@ -2312,6 +2312,10 @@ var ExternalNameConfigs = map[string]config.ExternalName{ // // Elasticsearch domains can be imported using the domain_name "aws_elasticsearch_domain": config.TemplatedStringAsIdentifier("domain_name", "arn:aws:es:{{ .setup.configuration.region }}:{{ .setup.client_metadata.account_id }}:domain/{{ .external_name }}"), + // No import + "aws_elasticsearch_domain_policy": config.IdentifierFromProvider, + // Elasticsearch domains can be imported using the domain_name + "aws_elasticsearch_domain_saml_options": config.ParameterAsIdentifier("domain_name"), // xray // diff --git a/config/externalnamenottested.go b/config/externalnamenottested.go index fed6425074..afbbad919d 100644 --- a/config/externalnamenottested.go +++ b/config/externalnamenottested.go @@ -288,13 +288,6 @@ var ExternalNameNotTestedConfigs = map[string]config.ExternalName{ // Elastic Beanstalk Environments can be imported using the id "aws_elastic_beanstalk_environment": config.IdentifierFromProvider, - // elasticsearch - // - // No import - "aws_elasticsearch_domain_policy": config.IdentifierFromProvider, - // Elasticsearch domains can be imported using the domain_name - "aws_elasticsearch_domain_saml_options": config.ParameterAsIdentifier("domain_name"), - // elbv2 // // Listener Certificates can be imported by using the listener arn and certificate arn, separated by an underscore (_) diff --git a/config/generated.lst b/config/generated.lst index 71642535be..76f8f1e17a 100644 --- a/config/generated.lst +++ b/config/generated.lst @@ -1 +1 @@ -["aws_accessanalyzer_analyzer","aws_accessanalyzer_archive_rule","aws_account_alternate_contact","aws_acm_certificate","aws_acm_certificate_validation","aws_acmpca_certificate","aws_acmpca_certificate_authority","aws_acmpca_certificate_authority_certificate","aws_acmpca_permission","aws_acmpca_policy","aws_ami","aws_ami_copy","aws_ami_launch_permission","aws_amplify_app","aws_amplify_backend_environment","aws_amplify_branch","aws_amplify_webhook","aws_api_gateway_account","aws_api_gateway_api_key","aws_api_gateway_authorizer","aws_api_gateway_base_path_mapping","aws_api_gateway_client_certificate","aws_api_gateway_deployment","aws_api_gateway_documentation_part","aws_api_gateway_documentation_version","aws_api_gateway_domain_name","aws_api_gateway_gateway_response","aws_api_gateway_integration","aws_api_gateway_integration_response","aws_api_gateway_method","aws_api_gateway_method_response","aws_api_gateway_method_settings","aws_api_gateway_model","aws_api_gateway_request_validator","aws_api_gateway_resource","aws_api_gateway_rest_api","aws_api_gateway_rest_api_policy","aws_api_gateway_stage","aws_api_gateway_usage_plan","aws_api_gateway_usage_plan_key","aws_api_gateway_vpc_link","aws_apigatewayv2_api","aws_apigatewayv2_api_mapping","aws_apigatewayv2_authorizer","aws_apigatewayv2_deployment","aws_apigatewayv2_domain_name","aws_apigatewayv2_integration","aws_apigatewayv2_integration_response","aws_apigatewayv2_model","aws_apigatewayv2_route","aws_apigatewayv2_route_response","aws_apigatewayv2_stage","aws_apigatewayv2_vpc_link","aws_app_cookie_stickiness_policy","aws_appautoscaling_policy","aws_appautoscaling_scheduled_action","aws_appautoscaling_target","aws_appconfig_application","aws_appconfig_configuration_profile","aws_appconfig_deployment","aws_appconfig_deployment_strategy","aws_appconfig_environment","aws_appconfig_extension","aws_appconfig_extension_association","aws_appconfig_hosted_configuration_version","aws_appflow_flow","aws_appintegrations_event_integration","aws_applicationinsights_application","aws_appmesh_gateway_route","aws_appmesh_mesh","aws_appmesh_route","aws_appmesh_virtual_gateway","aws_appmesh_virtual_node","aws_appmesh_virtual_router","aws_appmesh_virtual_service","aws_apprunner_auto_scaling_configuration_version","aws_apprunner_connection","aws_apprunner_observability_configuration","aws_apprunner_service","aws_apprunner_vpc_connector","aws_appstream_directory_config","aws_appstream_fleet","aws_appstream_fleet_stack_association","aws_appstream_image_builder","aws_appstream_stack","aws_appstream_user","aws_appstream_user_stack_association","aws_appsync_api_cache","aws_appsync_api_key","aws_appsync_datasource","aws_appsync_function","aws_appsync_graphql_api","aws_appsync_resolver","aws_athena_data_catalog","aws_athena_database","aws_athena_named_query","aws_athena_workgroup","aws_autoscaling_attachment","aws_autoscaling_group","aws_autoscaling_group_tag","aws_autoscaling_lifecycle_hook","aws_autoscaling_notification","aws_autoscaling_policy","aws_autoscaling_schedule","aws_autoscalingplans_scaling_plan","aws_backup_framework","aws_backup_global_settings","aws_backup_plan","aws_backup_region_settings","aws_backup_report_plan","aws_backup_selection","aws_backup_vault","aws_backup_vault_lock_configuration","aws_backup_vault_notifications","aws_backup_vault_policy","aws_batch_scheduling_policy","aws_budgets_budget","aws_budgets_budget_action","aws_ce_anomaly_monitor","aws_chime_voice_connector","aws_chime_voice_connector_group","aws_chime_voice_connector_logging","aws_chime_voice_connector_origination","aws_chime_voice_connector_streaming","aws_chime_voice_connector_termination","aws_chime_voice_connector_termination_credentials","aws_cloud9_environment_ec2","aws_cloud9_environment_membership","aws_cloudcontrolapi_resource","aws_cloudformation_stack","aws_cloudformation_stack_set","aws_cloudfront_cache_policy","aws_cloudfront_distribution","aws_cloudfront_field_level_encryption_config","aws_cloudfront_field_level_encryption_profile","aws_cloudfront_function","aws_cloudfront_key_group","aws_cloudfront_monitoring_subscription","aws_cloudfront_origin_access_control","aws_cloudfront_origin_access_identity","aws_cloudfront_origin_request_policy","aws_cloudfront_public_key","aws_cloudfront_realtime_log_config","aws_cloudfront_response_headers_policy","aws_cloudsearch_domain","aws_cloudsearch_domain_service_access_policy","aws_cloudtrail","aws_cloudtrail_event_data_store","aws_cloudwatch_composite_alarm","aws_cloudwatch_dashboard","aws_cloudwatch_event_api_destination","aws_cloudwatch_event_archive","aws_cloudwatch_event_bus","aws_cloudwatch_event_bus_policy","aws_cloudwatch_event_connection","aws_cloudwatch_event_permission","aws_cloudwatch_event_rule","aws_cloudwatch_event_target","aws_cloudwatch_log_destination","aws_cloudwatch_log_destination_policy","aws_cloudwatch_log_group","aws_cloudwatch_log_metric_filter","aws_cloudwatch_log_resource_policy","aws_cloudwatch_log_stream","aws_cloudwatch_log_subscription_filter","aws_cloudwatch_metric_alarm","aws_cloudwatch_metric_stream","aws_cloudwatch_query_definition","aws_codecommit_approval_rule_template","aws_codecommit_approval_rule_template_association","aws_codecommit_repository","aws_codecommit_trigger","aws_codedeploy_app","aws_codedeploy_deployment_config","aws_codedeploy_deployment_group","aws_codepipeline","aws_codepipeline_custom_action_type","aws_codepipeline_webhook","aws_codestarconnections_connection","aws_codestarconnections_host","aws_codestarnotifications_notification_rule","aws_cognito_identity_pool","aws_cognito_identity_pool_provider_principal_tag","aws_cognito_identity_pool_roles_attachment","aws_cognito_identity_provider","aws_cognito_resource_server","aws_cognito_risk_configuration","aws_cognito_user","aws_cognito_user_group","aws_cognito_user_in_group","aws_cognito_user_pool","aws_cognito_user_pool_client","aws_cognito_user_pool_domain","aws_cognito_user_pool_ui_customization","aws_config_config_rule","aws_config_configuration_aggregator","aws_config_configuration_recorder","aws_config_configuration_recorder_status","aws_config_conformance_pack","aws_config_delivery_channel","aws_config_remediation_configuration","aws_connect_bot_association","aws_connect_contact_flow","aws_connect_contact_flow_module","aws_connect_hours_of_operation","aws_connect_instance","aws_connect_instance_storage_config","aws_connect_lambda_function_association","aws_connect_phone_number","aws_connect_queue","aws_connect_quick_connect","aws_connect_routing_profile","aws_connect_security_profile","aws_connect_user","aws_connect_user_hierarchy_structure","aws_connect_vocabulary","aws_cur_report_definition","aws_customer_gateway","aws_dataexchange_data_set","aws_dataexchange_revision","aws_datapipeline_pipeline","aws_dax_cluster","aws_dax_parameter_group","aws_dax_subnet_group","aws_db_cluster_snapshot","aws_db_event_subscription","aws_db_instance","aws_db_instance_automated_backups_replication","aws_db_instance_role_association","aws_db_option_group","aws_db_parameter_group","aws_db_proxy","aws_db_proxy_default_target_group","aws_db_proxy_endpoint","aws_db_proxy_target","aws_db_security_group","aws_db_snapshot","aws_db_snapshot_copy","aws_db_subnet_group","aws_default_network_acl","aws_default_route_table","aws_default_security_group","aws_default_subnet","aws_default_vpc","aws_default_vpc_dhcp_options","aws_detective_graph","aws_detective_invitation_accepter","aws_detective_member","aws_devicefarm_device_pool","aws_devicefarm_instance_profile","aws_devicefarm_network_profile","aws_devicefarm_project","aws_devicefarm_test_grid_project","aws_devicefarm_upload","aws_directory_service_conditional_forwarder","aws_directory_service_directory","aws_dlm_lifecycle_policy","aws_dms_certificate","aws_dms_endpoint","aws_dms_event_subscription","aws_dms_replication_instance","aws_dms_replication_subnet_group","aws_dms_replication_task","aws_docdb_cluster","aws_docdb_cluster_instance","aws_docdb_cluster_parameter_group","aws_docdb_cluster_snapshot","aws_docdb_event_subscription","aws_docdb_global_cluster","aws_docdb_subnet_group","aws_dx_bgp_peer","aws_dx_connection","aws_dx_connection_association","aws_dx_gateway","aws_dx_gateway_association","aws_dx_gateway_association_proposal","aws_dx_hosted_private_virtual_interface","aws_dx_hosted_private_virtual_interface_accepter","aws_dx_hosted_public_virtual_interface","aws_dx_hosted_public_virtual_interface_accepter","aws_dx_hosted_transit_virtual_interface","aws_dx_hosted_transit_virtual_interface_accepter","aws_dx_lag","aws_dx_private_virtual_interface","aws_dx_public_virtual_interface","aws_dx_transit_virtual_interface","aws_dynamodb_contributor_insights","aws_dynamodb_global_table","aws_dynamodb_kinesis_streaming_destination","aws_dynamodb_table","aws_dynamodb_table_item","aws_dynamodb_tag","aws_ebs_default_kms_key","aws_ebs_encryption_by_default","aws_ebs_snapshot","aws_ebs_snapshot_copy","aws_ebs_snapshot_import","aws_ebs_volume","aws_ec2_availability_zone_group","aws_ec2_capacity_reservation","aws_ec2_carrier_gateway","aws_ec2_host","aws_ec2_instance_state","aws_ec2_managed_prefix_list","aws_ec2_managed_prefix_list_entry","aws_ec2_network_insights_analysis","aws_ec2_network_insights_path","aws_ec2_serial_console_access","aws_ec2_subnet_cidr_reservation","aws_ec2_traffic_mirror_filter","aws_ec2_traffic_mirror_filter_rule","aws_ec2_transit_gateway","aws_ec2_transit_gateway_connect","aws_ec2_transit_gateway_connect_peer","aws_ec2_transit_gateway_multicast_domain","aws_ec2_transit_gateway_multicast_domain_association","aws_ec2_transit_gateway_multicast_group_member","aws_ec2_transit_gateway_multicast_group_source","aws_ec2_transit_gateway_peering_attachment","aws_ec2_transit_gateway_peering_attachment_accepter","aws_ec2_transit_gateway_policy_table","aws_ec2_transit_gateway_prefix_list_reference","aws_ec2_transit_gateway_route","aws_ec2_transit_gateway_route_table","aws_ec2_transit_gateway_route_table_association","aws_ec2_transit_gateway_route_table_propagation","aws_ec2_transit_gateway_vpc_attachment","aws_ec2_transit_gateway_vpc_attachment_accepter","aws_ecr_lifecycle_policy","aws_ecr_pull_through_cache_rule","aws_ecr_registry_policy","aws_ecr_registry_scanning_configuration","aws_ecr_replication_configuration","aws_ecr_repository","aws_ecr_repository_policy","aws_ecrpublic_repository","aws_ecrpublic_repository_policy","aws_ecs_account_setting_default","aws_ecs_capacity_provider","aws_ecs_cluster","aws_ecs_cluster_capacity_providers","aws_ecs_service","aws_ecs_task_definition","aws_efs_access_point","aws_efs_backup_policy","aws_efs_file_system","aws_efs_file_system_policy","aws_efs_mount_target","aws_egress_only_internet_gateway","aws_eip","aws_eip_association","aws_eks_addon","aws_eks_cluster","aws_eks_fargate_profile","aws_eks_identity_provider_config","aws_eks_node_group","aws_elastic_beanstalk_application","aws_elastic_beanstalk_application_version","aws_elastic_beanstalk_configuration_template","aws_elasticache_cluster","aws_elasticache_parameter_group","aws_elasticache_replication_group","aws_elasticache_subnet_group","aws_elasticache_user","aws_elasticache_user_group","aws_elasticsearch_domain","aws_elastictranscoder_pipeline","aws_elastictranscoder_preset","aws_elb","aws_elb_attachment","aws_emr_security_configuration","aws_evidently_feature","aws_evidently_project","aws_evidently_segment","aws_fis_experiment_template","aws_flow_log","aws_fsx_backup","aws_fsx_data_repository_association","aws_fsx_lustre_file_system","aws_fsx_ontap_file_system","aws_fsx_ontap_storage_virtual_machine","aws_fsx_windows_file_system","aws_gamelift_alias","aws_gamelift_build","aws_gamelift_fleet","aws_gamelift_game_session_queue","aws_gamelift_script","aws_glacier_vault","aws_glacier_vault_lock","aws_globalaccelerator_accelerator","aws_globalaccelerator_endpoint_group","aws_globalaccelerator_listener","aws_glue_catalog_database","aws_glue_catalog_table","aws_glue_classifier","aws_glue_connection","aws_glue_crawler","aws_glue_data_catalog_encryption_settings","aws_glue_job","aws_glue_registry","aws_glue_resource_policy","aws_glue_schema","aws_glue_security_configuration","aws_glue_trigger","aws_glue_user_defined_function","aws_glue_workflow","aws_grafana_license_association","aws_grafana_role_association","aws_grafana_workspace","aws_grafana_workspace_api_key","aws_grafana_workspace_saml_configuration","aws_guardduty_detector","aws_guardduty_filter","aws_guardduty_member","aws_iam_access_key","aws_iam_account_alias","aws_iam_account_password_policy","aws_iam_group","aws_iam_group_membership","aws_iam_group_policy_attachment","aws_iam_instance_profile","aws_iam_openid_connect_provider","aws_iam_policy","aws_iam_role","aws_iam_role_policy_attachment","aws_iam_saml_provider","aws_iam_server_certificate","aws_iam_service_linked_role","aws_iam_service_specific_credential","aws_iam_signing_certificate","aws_iam_user","aws_iam_user_group_membership","aws_iam_user_login_profile","aws_iam_user_policy_attachment","aws_iam_user_ssh_key","aws_iam_virtual_mfa_device","aws_imagebuilder_component","aws_imagebuilder_container_recipe","aws_imagebuilder_distribution_configuration","aws_imagebuilder_image","aws_imagebuilder_image_pipeline","aws_imagebuilder_image_recipe","aws_imagebuilder_infrastructure_configuration","aws_inspector2_enabler","aws_inspector_assessment_target","aws_inspector_assessment_template","aws_inspector_resource_group","aws_instance","aws_internet_gateway","aws_iot_certificate","aws_iot_indexing_configuration","aws_iot_logging_options","aws_iot_policy","aws_iot_policy_attachment","aws_iot_provisioning_template","aws_iot_role_alias","aws_iot_thing","aws_iot_thing_group","aws_iot_thing_group_membership","aws_iot_thing_principal_attachment","aws_iot_thing_type","aws_iot_topic_rule","aws_ivs_channel","aws_ivs_recording_configuration","aws_kendra_data_source","aws_kendra_experience","aws_kendra_index","aws_kendra_query_suggestions_block_list","aws_kendra_thesaurus","aws_key_pair","aws_keyspaces_keyspace","aws_keyspaces_table","aws_kinesis_analytics_application","aws_kinesis_firehose_delivery_stream","aws_kinesis_stream","aws_kinesis_stream_consumer","aws_kinesis_video_stream","aws_kinesisanalyticsv2_application","aws_kinesisanalyticsv2_application_snapshot","aws_kms_alias","aws_kms_ciphertext","aws_kms_external_key","aws_kms_grant","aws_kms_key","aws_kms_replica_external_key","aws_kms_replica_key","aws_lakeformation_data_lake_settings","aws_lakeformation_permissions","aws_lakeformation_resource","aws_lambda_alias","aws_lambda_code_signing_config","aws_lambda_event_source_mapping","aws_lambda_function","aws_lambda_function_event_invoke_config","aws_lambda_function_url","aws_lambda_invocation","aws_lambda_layer_version","aws_lambda_layer_version_permission","aws_lambda_permission","aws_lambda_provisioned_concurrency_config","aws_launch_configuration","aws_launch_template","aws_lb","aws_lb_cookie_stickiness_policy","aws_lb_listener","aws_lb_listener_rule","aws_lb_ssl_negotiation_policy","aws_lb_target_group","aws_lb_target_group_attachment","aws_lex_bot","aws_lex_bot_alias","aws_lex_intent","aws_lex_slot_type","aws_licensemanager_association","aws_licensemanager_license_configuration","aws_lightsail_bucket","aws_lightsail_certificate","aws_lightsail_container_service","aws_lightsail_disk","aws_lightsail_disk_attachment","aws_lightsail_domain","aws_lightsail_domain_entry","aws_lightsail_instance","aws_lightsail_instance_public_ports","aws_lightsail_key_pair","aws_lightsail_lb","aws_lightsail_lb_attachment","aws_lightsail_lb_certificate","aws_lightsail_lb_stickiness_policy","aws_lightsail_static_ip","aws_lightsail_static_ip_attachment","aws_load_balancer_backend_server_policy","aws_load_balancer_listener_policy","aws_load_balancer_policy","aws_location_geofence_collection","aws_location_place_index","aws_location_route_calculator","aws_location_tracker","aws_location_tracker_association","aws_macie2_account","aws_macie2_classification_job","aws_macie2_custom_data_identifier","aws_macie2_findings_filter","aws_macie2_invitation_accepter","aws_macie2_member","aws_main_route_table_association","aws_media_convert_queue","aws_media_package_channel","aws_media_store_container","aws_media_store_container_policy","aws_medialive_channel","aws_medialive_input","aws_medialive_input_security_group","aws_medialive_multiplex","aws_memorydb_acl","aws_memorydb_cluster","aws_memorydb_parameter_group","aws_memorydb_snapshot","aws_memorydb_subnet_group","aws_mq_broker","aws_mq_configuration","aws_msk_cluster","aws_msk_configuration","aws_nat_gateway","aws_neptune_cluster","aws_neptune_cluster_endpoint","aws_neptune_cluster_instance","aws_neptune_cluster_parameter_group","aws_neptune_cluster_snapshot","aws_neptune_event_subscription","aws_neptune_global_cluster","aws_neptune_parameter_group","aws_neptune_subnet_group","aws_network_acl","aws_network_acl_rule","aws_network_interface","aws_network_interface_attachment","aws_network_interface_sg_attachment","aws_networkfirewall_firewall","aws_networkfirewall_firewall_policy","aws_networkfirewall_rule_group","aws_networkmanager_attachment_accepter","aws_networkmanager_connect_attachment","aws_networkmanager_connection","aws_networkmanager_core_network","aws_networkmanager_customer_gateway_association","aws_networkmanager_device","aws_networkmanager_global_network","aws_networkmanager_link","aws_networkmanager_link_association","aws_networkmanager_site","aws_networkmanager_transit_gateway_connect_peer_association","aws_networkmanager_transit_gateway_registration","aws_networkmanager_vpc_attachment","aws_opensearch_domain","aws_opensearch_domain_policy","aws_opensearch_domain_saml_options","aws_opsworks_application","aws_opsworks_custom_layer","aws_opsworks_ecs_cluster_layer","aws_opsworks_ganglia_layer","aws_opsworks_haproxy_layer","aws_opsworks_instance","aws_opsworks_java_app_layer","aws_opsworks_memcached_layer","aws_opsworks_mysql_layer","aws_opsworks_nodejs_app_layer","aws_opsworks_permission","aws_opsworks_php_app_layer","aws_opsworks_rails_app_layer","aws_opsworks_rds_db_instance","aws_opsworks_stack","aws_opsworks_static_web_layer","aws_opsworks_user_profile","aws_organizations_account","aws_organizations_delegated_administrator","aws_organizations_organization","aws_organizations_organizational_unit","aws_organizations_policy","aws_organizations_policy_attachment","aws_pinpoint_app","aws_pinpoint_sms_channel","aws_placement_group","aws_prometheus_alert_manager_definition","aws_prometheus_rule_group_namespace","aws_prometheus_workspace","aws_proxy_protocol_policy","aws_qldb_ledger","aws_qldb_stream","aws_quicksight_group","aws_quicksight_user","aws_ram_resource_share","aws_rds_cluster","aws_rds_cluster_activity_stream","aws_rds_cluster_endpoint","aws_rds_cluster_instance","aws_rds_cluster_parameter_group","aws_rds_cluster_role_association","aws_rds_global_cluster","aws_redshift_authentication_profile","aws_redshift_cluster","aws_redshift_event_subscription","aws_redshift_hsm_client_certificate","aws_redshift_hsm_configuration","aws_redshift_parameter_group","aws_redshift_scheduled_action","aws_redshift_snapshot_copy_grant","aws_redshift_snapshot_schedule","aws_redshift_snapshot_schedule_association","aws_redshift_subnet_group","aws_redshift_usage_limit","aws_resourcegroups_group","aws_rolesanywhere_profile","aws_route","aws_route53_delegation_set","aws_route53_health_check","aws_route53_hosted_zone_dnssec","aws_route53_record","aws_route53_resolver_config","aws_route53_resolver_endpoint","aws_route53_resolver_rule","aws_route53_resolver_rule_association","aws_route53_traffic_policy","aws_route53_traffic_policy_instance","aws_route53_vpc_association_authorization","aws_route53_zone","aws_route53recoverycontrolconfig_cluster","aws_route53recoverycontrolconfig_control_panel","aws_route53recoverycontrolconfig_routing_control","aws_route53recoverycontrolconfig_safety_rule","aws_route53recoveryreadiness_cell","aws_route53recoveryreadiness_readiness_check","aws_route53recoveryreadiness_recovery_group","aws_route53recoveryreadiness_resource_set","aws_route_table","aws_route_table_association","aws_rum_app_monitor","aws_rum_metrics_destination","aws_s3_access_point","aws_s3_account_public_access_block","aws_s3_bucket","aws_s3_bucket_accelerate_configuration","aws_s3_bucket_acl","aws_s3_bucket_analytics_configuration","aws_s3_bucket_cors_configuration","aws_s3_bucket_intelligent_tiering_configuration","aws_s3_bucket_inventory","aws_s3_bucket_lifecycle_configuration","aws_s3_bucket_logging","aws_s3_bucket_metric","aws_s3_bucket_notification","aws_s3_bucket_object","aws_s3_bucket_object_lock_configuration","aws_s3_bucket_ownership_controls","aws_s3_bucket_policy","aws_s3_bucket_public_access_block","aws_s3_bucket_replication_configuration","aws_s3_bucket_request_payment_configuration","aws_s3_bucket_server_side_encryption_configuration","aws_s3_bucket_versioning","aws_s3_bucket_website_configuration","aws_s3_object","aws_s3_object_copy","aws_s3control_access_point_policy","aws_s3control_multi_region_access_point","aws_s3control_multi_region_access_point_policy","aws_s3control_object_lambda_access_point","aws_s3control_object_lambda_access_point_policy","aws_s3control_storage_lens_configuration","aws_sagemaker_app","aws_sagemaker_app_image_config","aws_sagemaker_code_repository","aws_sagemaker_device","aws_sagemaker_device_fleet","aws_sagemaker_domain","aws_sagemaker_endpoint_configuration","aws_sagemaker_feature_group","aws_sagemaker_image","aws_sagemaker_image_version","aws_sagemaker_model","aws_sagemaker_model_package_group","aws_sagemaker_model_package_group_policy","aws_sagemaker_notebook_instance","aws_sagemaker_notebook_instance_lifecycle_configuration","aws_sagemaker_servicecatalog_portfolio_status","aws_sagemaker_space","aws_sagemaker_studio_lifecycle_config","aws_sagemaker_user_profile","aws_sagemaker_workforce","aws_sagemaker_workteam","aws_scheduler_schedule","aws_scheduler_schedule_group","aws_schemas_discoverer","aws_schemas_registry","aws_schemas_schema","aws_secretsmanager_secret","aws_secretsmanager_secret_policy","aws_secretsmanager_secret_rotation","aws_secretsmanager_secret_version","aws_security_group","aws_security_group_rule","aws_securityhub_account","aws_securityhub_action_target","aws_securityhub_finding_aggregator","aws_securityhub_insight","aws_securityhub_invite_accepter","aws_securityhub_member","aws_securityhub_product_subscription","aws_securityhub_standards_subscription","aws_serverlessapplicationrepository_cloudformation_stack","aws_service_discovery_http_namespace","aws_service_discovery_private_dns_namespace","aws_service_discovery_public_dns_namespace","aws_service_discovery_service","aws_servicecatalog_budget_resource_association","aws_servicecatalog_constraint","aws_servicecatalog_portfolio","aws_servicecatalog_portfolio_share","aws_servicecatalog_principal_portfolio_association","aws_servicecatalog_product","aws_servicecatalog_product_portfolio_association","aws_servicecatalog_provisioning_artifact","aws_servicecatalog_service_action","aws_servicecatalog_tag_option","aws_servicecatalog_tag_option_resource_association","aws_servicequotas_service_quota","aws_ses_active_receipt_rule_set","aws_ses_configuration_set","aws_ses_domain_dkim","aws_ses_domain_identity","aws_ses_domain_mail_from","aws_ses_email_identity","aws_ses_event_destination","aws_ses_identity_notification_topic","aws_ses_identity_policy","aws_ses_receipt_filter","aws_ses_receipt_rule","aws_ses_receipt_rule_set","aws_ses_template","aws_sesv2_configuration_set","aws_sesv2_configuration_set_event_destination","aws_sesv2_dedicated_ip_pool","aws_sesv2_email_identity","aws_sesv2_email_identity_feedback_attributes","aws_sesv2_email_identity_mail_from_attributes","aws_sfn_activity","aws_sfn_state_machine","aws_signer_signing_job","aws_signer_signing_profile","aws_signer_signing_profile_permission","aws_simpledb_domain","aws_snapshot_create_volume_permission","aws_sns_platform_application","aws_sns_sms_preferences","aws_sns_topic","aws_sns_topic_policy","aws_sns_topic_subscription","aws_spot_datafeed_subscription","aws_spot_fleet_request","aws_spot_instance_request","aws_sqs_queue","aws_sqs_queue_policy","aws_sqs_queue_redrive_allow_policy","aws_sqs_queue_redrive_policy","aws_ssm_activation","aws_ssm_association","aws_ssm_default_patch_baseline","aws_ssm_document","aws_ssm_maintenance_window","aws_ssm_maintenance_window_target","aws_ssm_maintenance_window_task","aws_ssm_parameter","aws_ssm_patch_baseline","aws_ssm_patch_group","aws_ssm_resource_data_sync","aws_ssm_service_setting","aws_ssoadmin_account_assignment","aws_ssoadmin_managed_policy_attachment","aws_ssoadmin_permission_set","aws_ssoadmin_permission_set_inline_policy","aws_subnet","aws_swf_domain","aws_timestreamwrite_database","aws_timestreamwrite_table","aws_transcribe_language_model","aws_transcribe_vocabulary","aws_transcribe_vocabulary_filter","aws_transfer_server","aws_transfer_ssh_key","aws_transfer_tag","aws_transfer_user","aws_transfer_workflow","aws_volume_attachment","aws_vpc","aws_vpc_dhcp_options","aws_vpc_dhcp_options_association","aws_vpc_endpoint","aws_vpc_endpoint_connection_notification","aws_vpc_endpoint_route_table_association","aws_vpc_endpoint_security_group_association","aws_vpc_endpoint_service","aws_vpc_endpoint_service_allowed_principal","aws_vpc_endpoint_subnet_association","aws_vpc_ipam","aws_vpc_ipam_pool","aws_vpc_ipam_pool_cidr","aws_vpc_ipam_pool_cidr_allocation","aws_vpc_ipam_scope","aws_vpc_ipv4_cidr_block_association","aws_vpc_network_performance_metric_subscription","aws_vpc_peering_connection","aws_vpc_peering_connection_accepter","aws_vpc_peering_connection_options","aws_vpn_connection","aws_vpn_connection_route","aws_vpn_gateway","aws_vpn_gateway_attachment","aws_vpn_gateway_route_propagation","aws_waf_byte_match_set","aws_waf_geo_match_set","aws_waf_ipset","aws_waf_rate_based_rule","aws_waf_regex_match_set","aws_waf_regex_pattern_set","aws_waf_rule","aws_waf_size_constraint_set","aws_waf_sql_injection_match_set","aws_waf_web_acl","aws_waf_xss_match_set","aws_wafregional_byte_match_set","aws_wafregional_geo_match_set","aws_wafregional_ipset","aws_wafregional_rate_based_rule","aws_wafregional_regex_match_set","aws_wafregional_regex_pattern_set","aws_wafregional_rule","aws_wafregional_size_constraint_set","aws_wafregional_sql_injection_match_set","aws_wafregional_web_acl","aws_wafregional_xss_match_set","aws_wafv2_ip_set","aws_wafv2_regex_pattern_set","aws_workspaces_directory","aws_workspaces_ip_group","aws_xray_encryption_config","aws_xray_group","aws_xray_sampling_rule"] \ No newline at end of file +["aws_accessanalyzer_analyzer","aws_accessanalyzer_archive_rule","aws_account_alternate_contact","aws_acm_certificate","aws_acm_certificate_validation","aws_acmpca_certificate","aws_acmpca_certificate_authority","aws_acmpca_certificate_authority_certificate","aws_acmpca_permission","aws_acmpca_policy","aws_ami","aws_ami_copy","aws_ami_launch_permission","aws_amplify_app","aws_amplify_backend_environment","aws_amplify_branch","aws_amplify_webhook","aws_api_gateway_account","aws_api_gateway_api_key","aws_api_gateway_authorizer","aws_api_gateway_base_path_mapping","aws_api_gateway_client_certificate","aws_api_gateway_deployment","aws_api_gateway_documentation_part","aws_api_gateway_documentation_version","aws_api_gateway_domain_name","aws_api_gateway_gateway_response","aws_api_gateway_integration","aws_api_gateway_integration_response","aws_api_gateway_method","aws_api_gateway_method_response","aws_api_gateway_method_settings","aws_api_gateway_model","aws_api_gateway_request_validator","aws_api_gateway_resource","aws_api_gateway_rest_api","aws_api_gateway_rest_api_policy","aws_api_gateway_stage","aws_api_gateway_usage_plan","aws_api_gateway_usage_plan_key","aws_api_gateway_vpc_link","aws_apigatewayv2_api","aws_apigatewayv2_api_mapping","aws_apigatewayv2_authorizer","aws_apigatewayv2_deployment","aws_apigatewayv2_domain_name","aws_apigatewayv2_integration","aws_apigatewayv2_integration_response","aws_apigatewayv2_model","aws_apigatewayv2_route","aws_apigatewayv2_route_response","aws_apigatewayv2_stage","aws_apigatewayv2_vpc_link","aws_app_cookie_stickiness_policy","aws_appautoscaling_policy","aws_appautoscaling_scheduled_action","aws_appautoscaling_target","aws_appconfig_application","aws_appconfig_configuration_profile","aws_appconfig_deployment","aws_appconfig_deployment_strategy","aws_appconfig_environment","aws_appconfig_extension","aws_appconfig_extension_association","aws_appconfig_hosted_configuration_version","aws_appflow_flow","aws_appintegrations_event_integration","aws_applicationinsights_application","aws_appmesh_gateway_route","aws_appmesh_mesh","aws_appmesh_route","aws_appmesh_virtual_gateway","aws_appmesh_virtual_node","aws_appmesh_virtual_router","aws_appmesh_virtual_service","aws_apprunner_auto_scaling_configuration_version","aws_apprunner_connection","aws_apprunner_observability_configuration","aws_apprunner_service","aws_apprunner_vpc_connector","aws_appstream_directory_config","aws_appstream_fleet","aws_appstream_fleet_stack_association","aws_appstream_image_builder","aws_appstream_stack","aws_appstream_user","aws_appstream_user_stack_association","aws_appsync_api_cache","aws_appsync_api_key","aws_appsync_datasource","aws_appsync_function","aws_appsync_graphql_api","aws_appsync_resolver","aws_athena_data_catalog","aws_athena_database","aws_athena_named_query","aws_athena_workgroup","aws_autoscaling_attachment","aws_autoscaling_group","aws_autoscaling_group_tag","aws_autoscaling_lifecycle_hook","aws_autoscaling_notification","aws_autoscaling_policy","aws_autoscaling_schedule","aws_autoscalingplans_scaling_plan","aws_backup_framework","aws_backup_global_settings","aws_backup_plan","aws_backup_region_settings","aws_backup_report_plan","aws_backup_selection","aws_backup_vault","aws_backup_vault_lock_configuration","aws_backup_vault_notifications","aws_backup_vault_policy","aws_batch_scheduling_policy","aws_budgets_budget","aws_budgets_budget_action","aws_ce_anomaly_monitor","aws_chime_voice_connector","aws_chime_voice_connector_group","aws_chime_voice_connector_logging","aws_chime_voice_connector_origination","aws_chime_voice_connector_streaming","aws_chime_voice_connector_termination","aws_chime_voice_connector_termination_credentials","aws_cloud9_environment_ec2","aws_cloud9_environment_membership","aws_cloudcontrolapi_resource","aws_cloudformation_stack","aws_cloudformation_stack_set","aws_cloudfront_cache_policy","aws_cloudfront_distribution","aws_cloudfront_field_level_encryption_config","aws_cloudfront_field_level_encryption_profile","aws_cloudfront_function","aws_cloudfront_key_group","aws_cloudfront_monitoring_subscription","aws_cloudfront_origin_access_control","aws_cloudfront_origin_access_identity","aws_cloudfront_origin_request_policy","aws_cloudfront_public_key","aws_cloudfront_realtime_log_config","aws_cloudfront_response_headers_policy","aws_cloudsearch_domain","aws_cloudsearch_domain_service_access_policy","aws_cloudtrail","aws_cloudtrail_event_data_store","aws_cloudwatch_composite_alarm","aws_cloudwatch_dashboard","aws_cloudwatch_event_api_destination","aws_cloudwatch_event_archive","aws_cloudwatch_event_bus","aws_cloudwatch_event_bus_policy","aws_cloudwatch_event_connection","aws_cloudwatch_event_permission","aws_cloudwatch_event_rule","aws_cloudwatch_event_target","aws_cloudwatch_log_destination","aws_cloudwatch_log_destination_policy","aws_cloudwatch_log_group","aws_cloudwatch_log_metric_filter","aws_cloudwatch_log_resource_policy","aws_cloudwatch_log_stream","aws_cloudwatch_log_subscription_filter","aws_cloudwatch_metric_alarm","aws_cloudwatch_metric_stream","aws_cloudwatch_query_definition","aws_codecommit_approval_rule_template","aws_codecommit_approval_rule_template_association","aws_codecommit_repository","aws_codecommit_trigger","aws_codedeploy_app","aws_codedeploy_deployment_config","aws_codedeploy_deployment_group","aws_codepipeline","aws_codepipeline_custom_action_type","aws_codepipeline_webhook","aws_codestarconnections_connection","aws_codestarconnections_host","aws_codestarnotifications_notification_rule","aws_cognito_identity_pool","aws_cognito_identity_pool_provider_principal_tag","aws_cognito_identity_pool_roles_attachment","aws_cognito_identity_provider","aws_cognito_resource_server","aws_cognito_risk_configuration","aws_cognito_user","aws_cognito_user_group","aws_cognito_user_in_group","aws_cognito_user_pool","aws_cognito_user_pool_client","aws_cognito_user_pool_domain","aws_cognito_user_pool_ui_customization","aws_config_config_rule","aws_config_configuration_aggregator","aws_config_configuration_recorder","aws_config_configuration_recorder_status","aws_config_conformance_pack","aws_config_delivery_channel","aws_config_remediation_configuration","aws_connect_bot_association","aws_connect_contact_flow","aws_connect_contact_flow_module","aws_connect_hours_of_operation","aws_connect_instance","aws_connect_instance_storage_config","aws_connect_lambda_function_association","aws_connect_phone_number","aws_connect_queue","aws_connect_quick_connect","aws_connect_routing_profile","aws_connect_security_profile","aws_connect_user","aws_connect_user_hierarchy_structure","aws_connect_vocabulary","aws_cur_report_definition","aws_customer_gateway","aws_dataexchange_data_set","aws_dataexchange_revision","aws_datapipeline_pipeline","aws_dax_cluster","aws_dax_parameter_group","aws_dax_subnet_group","aws_db_cluster_snapshot","aws_db_event_subscription","aws_db_instance","aws_db_instance_automated_backups_replication","aws_db_instance_role_association","aws_db_option_group","aws_db_parameter_group","aws_db_proxy","aws_db_proxy_default_target_group","aws_db_proxy_endpoint","aws_db_proxy_target","aws_db_security_group","aws_db_snapshot","aws_db_snapshot_copy","aws_db_subnet_group","aws_default_network_acl","aws_default_route_table","aws_default_security_group","aws_default_subnet","aws_default_vpc","aws_default_vpc_dhcp_options","aws_detective_graph","aws_detective_invitation_accepter","aws_detective_member","aws_devicefarm_device_pool","aws_devicefarm_instance_profile","aws_devicefarm_network_profile","aws_devicefarm_project","aws_devicefarm_test_grid_project","aws_devicefarm_upload","aws_directory_service_conditional_forwarder","aws_directory_service_directory","aws_dlm_lifecycle_policy","aws_dms_certificate","aws_dms_endpoint","aws_dms_event_subscription","aws_dms_replication_instance","aws_dms_replication_subnet_group","aws_dms_replication_task","aws_docdb_cluster","aws_docdb_cluster_instance","aws_docdb_cluster_parameter_group","aws_docdb_cluster_snapshot","aws_docdb_event_subscription","aws_docdb_global_cluster","aws_docdb_subnet_group","aws_dx_bgp_peer","aws_dx_connection","aws_dx_connection_association","aws_dx_gateway","aws_dx_gateway_association","aws_dx_gateway_association_proposal","aws_dx_hosted_private_virtual_interface","aws_dx_hosted_private_virtual_interface_accepter","aws_dx_hosted_public_virtual_interface","aws_dx_hosted_public_virtual_interface_accepter","aws_dx_hosted_transit_virtual_interface","aws_dx_hosted_transit_virtual_interface_accepter","aws_dx_lag","aws_dx_private_virtual_interface","aws_dx_public_virtual_interface","aws_dx_transit_virtual_interface","aws_dynamodb_contributor_insights","aws_dynamodb_global_table","aws_dynamodb_kinesis_streaming_destination","aws_dynamodb_table","aws_dynamodb_table_item","aws_dynamodb_tag","aws_ebs_default_kms_key","aws_ebs_encryption_by_default","aws_ebs_snapshot","aws_ebs_snapshot_copy","aws_ebs_snapshot_import","aws_ebs_volume","aws_ec2_availability_zone_group","aws_ec2_capacity_reservation","aws_ec2_carrier_gateway","aws_ec2_host","aws_ec2_instance_state","aws_ec2_managed_prefix_list","aws_ec2_managed_prefix_list_entry","aws_ec2_network_insights_analysis","aws_ec2_network_insights_path","aws_ec2_serial_console_access","aws_ec2_subnet_cidr_reservation","aws_ec2_traffic_mirror_filter","aws_ec2_traffic_mirror_filter_rule","aws_ec2_transit_gateway","aws_ec2_transit_gateway_connect","aws_ec2_transit_gateway_connect_peer","aws_ec2_transit_gateway_multicast_domain","aws_ec2_transit_gateway_multicast_domain_association","aws_ec2_transit_gateway_multicast_group_member","aws_ec2_transit_gateway_multicast_group_source","aws_ec2_transit_gateway_peering_attachment","aws_ec2_transit_gateway_peering_attachment_accepter","aws_ec2_transit_gateway_policy_table","aws_ec2_transit_gateway_prefix_list_reference","aws_ec2_transit_gateway_route","aws_ec2_transit_gateway_route_table","aws_ec2_transit_gateway_route_table_association","aws_ec2_transit_gateway_route_table_propagation","aws_ec2_transit_gateway_vpc_attachment","aws_ec2_transit_gateway_vpc_attachment_accepter","aws_ecr_lifecycle_policy","aws_ecr_pull_through_cache_rule","aws_ecr_registry_policy","aws_ecr_registry_scanning_configuration","aws_ecr_replication_configuration","aws_ecr_repository","aws_ecr_repository_policy","aws_ecrpublic_repository","aws_ecrpublic_repository_policy","aws_ecs_account_setting_default","aws_ecs_capacity_provider","aws_ecs_cluster","aws_ecs_cluster_capacity_providers","aws_ecs_service","aws_ecs_task_definition","aws_efs_access_point","aws_efs_backup_policy","aws_efs_file_system","aws_efs_file_system_policy","aws_efs_mount_target","aws_egress_only_internet_gateway","aws_eip","aws_eip_association","aws_eks_addon","aws_eks_cluster","aws_eks_fargate_profile","aws_eks_identity_provider_config","aws_eks_node_group","aws_elastic_beanstalk_application","aws_elastic_beanstalk_application_version","aws_elastic_beanstalk_configuration_template","aws_elasticache_cluster","aws_elasticache_parameter_group","aws_elasticache_replication_group","aws_elasticache_subnet_group","aws_elasticache_user","aws_elasticache_user_group","aws_elasticsearch_domain","aws_elasticsearch_domain_policy","aws_elasticsearch_domain_saml_options","aws_elastictranscoder_pipeline","aws_elastictranscoder_preset","aws_elb","aws_elb_attachment","aws_emr_security_configuration","aws_evidently_feature","aws_evidently_project","aws_evidently_segment","aws_fis_experiment_template","aws_flow_log","aws_fsx_backup","aws_fsx_data_repository_association","aws_fsx_lustre_file_system","aws_fsx_ontap_file_system","aws_fsx_ontap_storage_virtual_machine","aws_fsx_windows_file_system","aws_gamelift_alias","aws_gamelift_build","aws_gamelift_fleet","aws_gamelift_game_session_queue","aws_gamelift_script","aws_glacier_vault","aws_glacier_vault_lock","aws_globalaccelerator_accelerator","aws_globalaccelerator_endpoint_group","aws_globalaccelerator_listener","aws_glue_catalog_database","aws_glue_catalog_table","aws_glue_classifier","aws_glue_connection","aws_glue_crawler","aws_glue_data_catalog_encryption_settings","aws_glue_job","aws_glue_registry","aws_glue_resource_policy","aws_glue_schema","aws_glue_security_configuration","aws_glue_trigger","aws_glue_user_defined_function","aws_glue_workflow","aws_grafana_license_association","aws_grafana_role_association","aws_grafana_workspace","aws_grafana_workspace_api_key","aws_grafana_workspace_saml_configuration","aws_guardduty_detector","aws_guardduty_filter","aws_guardduty_member","aws_iam_access_key","aws_iam_account_alias","aws_iam_account_password_policy","aws_iam_group","aws_iam_group_membership","aws_iam_group_policy_attachment","aws_iam_instance_profile","aws_iam_openid_connect_provider","aws_iam_policy","aws_iam_role","aws_iam_role_policy_attachment","aws_iam_saml_provider","aws_iam_server_certificate","aws_iam_service_linked_role","aws_iam_service_specific_credential","aws_iam_signing_certificate","aws_iam_user","aws_iam_user_group_membership","aws_iam_user_login_profile","aws_iam_user_policy_attachment","aws_iam_user_ssh_key","aws_iam_virtual_mfa_device","aws_imagebuilder_component","aws_imagebuilder_container_recipe","aws_imagebuilder_distribution_configuration","aws_imagebuilder_image","aws_imagebuilder_image_pipeline","aws_imagebuilder_image_recipe","aws_imagebuilder_infrastructure_configuration","aws_inspector2_enabler","aws_inspector_assessment_target","aws_inspector_assessment_template","aws_inspector_resource_group","aws_instance","aws_internet_gateway","aws_iot_certificate","aws_iot_indexing_configuration","aws_iot_logging_options","aws_iot_policy","aws_iot_policy_attachment","aws_iot_provisioning_template","aws_iot_role_alias","aws_iot_thing","aws_iot_thing_group","aws_iot_thing_group_membership","aws_iot_thing_principal_attachment","aws_iot_thing_type","aws_iot_topic_rule","aws_ivs_channel","aws_ivs_recording_configuration","aws_kendra_data_source","aws_kendra_experience","aws_kendra_index","aws_kendra_query_suggestions_block_list","aws_kendra_thesaurus","aws_key_pair","aws_keyspaces_keyspace","aws_keyspaces_table","aws_kinesis_analytics_application","aws_kinesis_firehose_delivery_stream","aws_kinesis_stream","aws_kinesis_stream_consumer","aws_kinesis_video_stream","aws_kinesisanalyticsv2_application","aws_kinesisanalyticsv2_application_snapshot","aws_kms_alias","aws_kms_ciphertext","aws_kms_external_key","aws_kms_grant","aws_kms_key","aws_kms_replica_external_key","aws_kms_replica_key","aws_lakeformation_data_lake_settings","aws_lakeformation_permissions","aws_lakeformation_resource","aws_lambda_alias","aws_lambda_code_signing_config","aws_lambda_event_source_mapping","aws_lambda_function","aws_lambda_function_event_invoke_config","aws_lambda_function_url","aws_lambda_invocation","aws_lambda_layer_version","aws_lambda_layer_version_permission","aws_lambda_permission","aws_lambda_provisioned_concurrency_config","aws_launch_configuration","aws_launch_template","aws_lb","aws_lb_cookie_stickiness_policy","aws_lb_listener","aws_lb_listener_rule","aws_lb_ssl_negotiation_policy","aws_lb_target_group","aws_lb_target_group_attachment","aws_lex_bot","aws_lex_bot_alias","aws_lex_intent","aws_lex_slot_type","aws_licensemanager_association","aws_licensemanager_license_configuration","aws_lightsail_bucket","aws_lightsail_certificate","aws_lightsail_container_service","aws_lightsail_disk","aws_lightsail_disk_attachment","aws_lightsail_domain","aws_lightsail_domain_entry","aws_lightsail_instance","aws_lightsail_instance_public_ports","aws_lightsail_key_pair","aws_lightsail_lb","aws_lightsail_lb_attachment","aws_lightsail_lb_certificate","aws_lightsail_lb_stickiness_policy","aws_lightsail_static_ip","aws_lightsail_static_ip_attachment","aws_load_balancer_backend_server_policy","aws_load_balancer_listener_policy","aws_load_balancer_policy","aws_location_geofence_collection","aws_location_place_index","aws_location_route_calculator","aws_location_tracker","aws_location_tracker_association","aws_macie2_account","aws_macie2_classification_job","aws_macie2_custom_data_identifier","aws_macie2_findings_filter","aws_macie2_invitation_accepter","aws_macie2_member","aws_main_route_table_association","aws_media_convert_queue","aws_media_package_channel","aws_media_store_container","aws_media_store_container_policy","aws_medialive_channel","aws_medialive_input","aws_medialive_input_security_group","aws_medialive_multiplex","aws_memorydb_acl","aws_memorydb_cluster","aws_memorydb_parameter_group","aws_memorydb_snapshot","aws_memorydb_subnet_group","aws_mq_broker","aws_mq_configuration","aws_msk_cluster","aws_msk_configuration","aws_nat_gateway","aws_neptune_cluster","aws_neptune_cluster_endpoint","aws_neptune_cluster_instance","aws_neptune_cluster_parameter_group","aws_neptune_cluster_snapshot","aws_neptune_event_subscription","aws_neptune_global_cluster","aws_neptune_parameter_group","aws_neptune_subnet_group","aws_network_acl","aws_network_acl_rule","aws_network_interface","aws_network_interface_attachment","aws_network_interface_sg_attachment","aws_networkfirewall_firewall","aws_networkfirewall_firewall_policy","aws_networkfirewall_rule_group","aws_networkmanager_attachment_accepter","aws_networkmanager_connect_attachment","aws_networkmanager_connection","aws_networkmanager_core_network","aws_networkmanager_customer_gateway_association","aws_networkmanager_device","aws_networkmanager_global_network","aws_networkmanager_link","aws_networkmanager_link_association","aws_networkmanager_site","aws_networkmanager_transit_gateway_connect_peer_association","aws_networkmanager_transit_gateway_registration","aws_networkmanager_vpc_attachment","aws_opensearch_domain","aws_opensearch_domain_policy","aws_opensearch_domain_saml_options","aws_opsworks_application","aws_opsworks_custom_layer","aws_opsworks_ecs_cluster_layer","aws_opsworks_ganglia_layer","aws_opsworks_haproxy_layer","aws_opsworks_instance","aws_opsworks_java_app_layer","aws_opsworks_memcached_layer","aws_opsworks_mysql_layer","aws_opsworks_nodejs_app_layer","aws_opsworks_permission","aws_opsworks_php_app_layer","aws_opsworks_rails_app_layer","aws_opsworks_rds_db_instance","aws_opsworks_stack","aws_opsworks_static_web_layer","aws_opsworks_user_profile","aws_organizations_account","aws_organizations_delegated_administrator","aws_organizations_organization","aws_organizations_organizational_unit","aws_organizations_policy","aws_organizations_policy_attachment","aws_pinpoint_app","aws_pinpoint_sms_channel","aws_placement_group","aws_prometheus_alert_manager_definition","aws_prometheus_rule_group_namespace","aws_prometheus_workspace","aws_proxy_protocol_policy","aws_qldb_ledger","aws_qldb_stream","aws_quicksight_group","aws_quicksight_user","aws_ram_resource_share","aws_rds_cluster","aws_rds_cluster_activity_stream","aws_rds_cluster_endpoint","aws_rds_cluster_instance","aws_rds_cluster_parameter_group","aws_rds_cluster_role_association","aws_rds_global_cluster","aws_redshift_authentication_profile","aws_redshift_cluster","aws_redshift_event_subscription","aws_redshift_hsm_client_certificate","aws_redshift_hsm_configuration","aws_redshift_parameter_group","aws_redshift_scheduled_action","aws_redshift_snapshot_copy_grant","aws_redshift_snapshot_schedule","aws_redshift_snapshot_schedule_association","aws_redshift_subnet_group","aws_redshift_usage_limit","aws_resourcegroups_group","aws_rolesanywhere_profile","aws_route","aws_route53_delegation_set","aws_route53_health_check","aws_route53_hosted_zone_dnssec","aws_route53_record","aws_route53_resolver_config","aws_route53_resolver_endpoint","aws_route53_resolver_rule","aws_route53_resolver_rule_association","aws_route53_traffic_policy","aws_route53_traffic_policy_instance","aws_route53_vpc_association_authorization","aws_route53_zone","aws_route53recoverycontrolconfig_cluster","aws_route53recoverycontrolconfig_control_panel","aws_route53recoverycontrolconfig_routing_control","aws_route53recoverycontrolconfig_safety_rule","aws_route53recoveryreadiness_cell","aws_route53recoveryreadiness_readiness_check","aws_route53recoveryreadiness_recovery_group","aws_route53recoveryreadiness_resource_set","aws_route_table","aws_route_table_association","aws_rum_app_monitor","aws_rum_metrics_destination","aws_s3_access_point","aws_s3_account_public_access_block","aws_s3_bucket","aws_s3_bucket_accelerate_configuration","aws_s3_bucket_acl","aws_s3_bucket_analytics_configuration","aws_s3_bucket_cors_configuration","aws_s3_bucket_intelligent_tiering_configuration","aws_s3_bucket_inventory","aws_s3_bucket_lifecycle_configuration","aws_s3_bucket_logging","aws_s3_bucket_metric","aws_s3_bucket_notification","aws_s3_bucket_object","aws_s3_bucket_object_lock_configuration","aws_s3_bucket_ownership_controls","aws_s3_bucket_policy","aws_s3_bucket_public_access_block","aws_s3_bucket_replication_configuration","aws_s3_bucket_request_payment_configuration","aws_s3_bucket_server_side_encryption_configuration","aws_s3_bucket_versioning","aws_s3_bucket_website_configuration","aws_s3_object","aws_s3_object_copy","aws_s3control_access_point_policy","aws_s3control_multi_region_access_point","aws_s3control_multi_region_access_point_policy","aws_s3control_object_lambda_access_point","aws_s3control_object_lambda_access_point_policy","aws_s3control_storage_lens_configuration","aws_sagemaker_app","aws_sagemaker_app_image_config","aws_sagemaker_code_repository","aws_sagemaker_device","aws_sagemaker_device_fleet","aws_sagemaker_domain","aws_sagemaker_endpoint_configuration","aws_sagemaker_feature_group","aws_sagemaker_image","aws_sagemaker_image_version","aws_sagemaker_model","aws_sagemaker_model_package_group","aws_sagemaker_model_package_group_policy","aws_sagemaker_notebook_instance","aws_sagemaker_notebook_instance_lifecycle_configuration","aws_sagemaker_servicecatalog_portfolio_status","aws_sagemaker_space","aws_sagemaker_studio_lifecycle_config","aws_sagemaker_user_profile","aws_sagemaker_workforce","aws_sagemaker_workteam","aws_scheduler_schedule","aws_scheduler_schedule_group","aws_schemas_discoverer","aws_schemas_registry","aws_schemas_schema","aws_secretsmanager_secret","aws_secretsmanager_secret_policy","aws_secretsmanager_secret_rotation","aws_secretsmanager_secret_version","aws_security_group","aws_security_group_rule","aws_securityhub_account","aws_securityhub_action_target","aws_securityhub_finding_aggregator","aws_securityhub_insight","aws_securityhub_invite_accepter","aws_securityhub_member","aws_securityhub_product_subscription","aws_securityhub_standards_subscription","aws_serverlessapplicationrepository_cloudformation_stack","aws_service_discovery_http_namespace","aws_service_discovery_private_dns_namespace","aws_service_discovery_public_dns_namespace","aws_service_discovery_service","aws_servicecatalog_budget_resource_association","aws_servicecatalog_constraint","aws_servicecatalog_portfolio","aws_servicecatalog_portfolio_share","aws_servicecatalog_principal_portfolio_association","aws_servicecatalog_product","aws_servicecatalog_product_portfolio_association","aws_servicecatalog_provisioning_artifact","aws_servicecatalog_service_action","aws_servicecatalog_tag_option","aws_servicecatalog_tag_option_resource_association","aws_servicequotas_service_quota","aws_ses_active_receipt_rule_set","aws_ses_configuration_set","aws_ses_domain_dkim","aws_ses_domain_identity","aws_ses_domain_mail_from","aws_ses_email_identity","aws_ses_event_destination","aws_ses_identity_notification_topic","aws_ses_identity_policy","aws_ses_receipt_filter","aws_ses_receipt_rule","aws_ses_receipt_rule_set","aws_ses_template","aws_sesv2_configuration_set","aws_sesv2_configuration_set_event_destination","aws_sesv2_dedicated_ip_pool","aws_sesv2_email_identity","aws_sesv2_email_identity_feedback_attributes","aws_sesv2_email_identity_mail_from_attributes","aws_sfn_activity","aws_sfn_state_machine","aws_signer_signing_job","aws_signer_signing_profile","aws_signer_signing_profile_permission","aws_simpledb_domain","aws_snapshot_create_volume_permission","aws_sns_platform_application","aws_sns_sms_preferences","aws_sns_topic","aws_sns_topic_policy","aws_sns_topic_subscription","aws_spot_datafeed_subscription","aws_spot_fleet_request","aws_spot_instance_request","aws_sqs_queue","aws_sqs_queue_policy","aws_sqs_queue_redrive_allow_policy","aws_sqs_queue_redrive_policy","aws_ssm_activation","aws_ssm_association","aws_ssm_default_patch_baseline","aws_ssm_document","aws_ssm_maintenance_window","aws_ssm_maintenance_window_target","aws_ssm_maintenance_window_task","aws_ssm_parameter","aws_ssm_patch_baseline","aws_ssm_patch_group","aws_ssm_resource_data_sync","aws_ssm_service_setting","aws_ssoadmin_account_assignment","aws_ssoadmin_managed_policy_attachment","aws_ssoadmin_permission_set","aws_ssoadmin_permission_set_inline_policy","aws_subnet","aws_swf_domain","aws_timestreamwrite_database","aws_timestreamwrite_table","aws_transcribe_language_model","aws_transcribe_vocabulary","aws_transcribe_vocabulary_filter","aws_transfer_server","aws_transfer_ssh_key","aws_transfer_tag","aws_transfer_user","aws_transfer_workflow","aws_volume_attachment","aws_vpc","aws_vpc_dhcp_options","aws_vpc_dhcp_options_association","aws_vpc_endpoint","aws_vpc_endpoint_connection_notification","aws_vpc_endpoint_route_table_association","aws_vpc_endpoint_security_group_association","aws_vpc_endpoint_service","aws_vpc_endpoint_service_allowed_principal","aws_vpc_endpoint_subnet_association","aws_vpc_ipam","aws_vpc_ipam_pool","aws_vpc_ipam_pool_cidr","aws_vpc_ipam_pool_cidr_allocation","aws_vpc_ipam_scope","aws_vpc_ipv4_cidr_block_association","aws_vpc_network_performance_metric_subscription","aws_vpc_peering_connection","aws_vpc_peering_connection_accepter","aws_vpc_peering_connection_options","aws_vpn_connection","aws_vpn_connection_route","aws_vpn_gateway","aws_vpn_gateway_attachment","aws_vpn_gateway_route_propagation","aws_waf_byte_match_set","aws_waf_geo_match_set","aws_waf_ipset","aws_waf_rate_based_rule","aws_waf_regex_match_set","aws_waf_regex_pattern_set","aws_waf_rule","aws_waf_size_constraint_set","aws_waf_sql_injection_match_set","aws_waf_web_acl","aws_waf_xss_match_set","aws_wafregional_byte_match_set","aws_wafregional_geo_match_set","aws_wafregional_ipset","aws_wafregional_rate_based_rule","aws_wafregional_regex_match_set","aws_wafregional_regex_pattern_set","aws_wafregional_rule","aws_wafregional_size_constraint_set","aws_wafregional_sql_injection_match_set","aws_wafregional_web_acl","aws_wafregional_xss_match_set","aws_wafv2_ip_set","aws_wafv2_regex_pattern_set","aws_workspaces_directory","aws_workspaces_ip_group","aws_xray_encryption_config","aws_xray_group","aws_xray_sampling_rule"] \ No newline at end of file diff --git a/examples-generated/elasticsearch/domainpolicy.yaml b/examples-generated/elasticsearch/domainpolicy.yaml new file mode 100644 index 0000000000..15bdd5266c --- /dev/null +++ b/examples-generated/elasticsearch/domainpolicy.yaml @@ -0,0 +1,47 @@ +apiVersion: elasticsearch.aws.upbound.io/v1beta1 +kind: DomainPolicy +metadata: + annotations: + meta.upbound.io/example-id: elasticsearch/v1beta1/domainpolicy + labels: + testing.upbound.io/example-name: main + name: main +spec: + forProvider: + accessPolicies: | + { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "es:*", + "Principal": "*", + "Effect": "Allow", + "Condition": { + "IpAddress": {"aws:SourceIp": "127.0.0.1/32"} + }, + "Resource": "${aws_elasticsearch_domain.example.arn}/*" + } + ] + } + domainNameSelector: + matchLabels: + testing.upbound.io/example-name: example + region: us-west-1 + +--- + +apiVersion: elasticsearch.aws.upbound.io/v1beta1 +kind: Domain +metadata: + annotations: + meta.upbound.io/example-id: elasticsearch/v1beta1/domainpolicy + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + elasticsearchVersion: "2.3" + region: us-west-1 + +--- + diff --git a/examples-generated/elasticsearch/domainsamloptions.yaml b/examples-generated/elasticsearch/domainsamloptions.yaml new file mode 100644 index 0000000000..84accfd061 --- /dev/null +++ b/examples-generated/elasticsearch/domainsamloptions.yaml @@ -0,0 +1,40 @@ +apiVersion: elasticsearch.aws.upbound.io/v1beta1 +kind: DomainSAMLOptions +metadata: + annotations: + meta.upbound.io/example-id: elasticsearch/v1beta1/domainsamloptions + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + region: us-west-1 + samlOptions: + - enabled: true + idp: + - entityId: https://example.com + metadataContent: ${file("./saml-metadata.xml")} + +--- + +apiVersion: elasticsearch.aws.upbound.io/v1beta1 +kind: Domain +metadata: + annotations: + meta.upbound.io/example-id: elasticsearch/v1beta1/domainsamloptions + labels: + testing.upbound.io/example-name: example + name: example +spec: + forProvider: + clusterConfig: + - instanceType: r4.large.elasticsearch + elasticsearchVersion: "1.5" + region: us-west-1 + snapshotOptions: + - automatedSnapshotStartHour: 23 + tags: + Domain: TestDomain + +--- + diff --git a/examples/elasticsearch/domainpolicy.yaml b/examples/elasticsearch/domainpolicy.yaml new file mode 100644 index 0000000000..dd59b84221 --- /dev/null +++ b/examples/elasticsearch/domainpolicy.yaml @@ -0,0 +1,50 @@ +apiVersion: elasticsearch.aws.upbound.io/v1beta1 +kind: DomainPolicy +metadata: + annotations: + meta.upbound.io/example-id: elasticsearch/v1beta1/domainpolicy + labels: + testing.upbound.io/example-name: main + name: main +spec: + forProvider: + accessPolicies: | + { + "Version": "2012-10-17", + "Statement": [ + { + "Action": "es:*", + "Principal": "*", + "Effect": "Allow", + "Condition": { + "IpAddress": {"aws:SourceIp": "127.0.0.1/32"} + }, + "Resource": "arn:aws:es:us-west-1:domain/example/*" + } + ] + } + domainNameSelector: + matchLabels: + testing.upbound.io/example-name: example + region: us-west-1 + +--- + +apiVersion: elasticsearch.aws.upbound.io/v1beta1 +kind: Domain +metadata: + annotations: + meta.upbound.io/example-id: elasticsearch/v1beta1/domainpolicy + uptest.upbound.io/timeout: "3600" + labels: + testing.upbound.io/example-name: example + name: example-domainpolicy +spec: + forProvider: + clusterConfig: + - instanceType: r4.large.elasticsearch + ebsOptions: + - ebsEnabled: true + volumeSize: 30 + elasticsearchVersion: "5.3" + region: us-west-1 diff --git a/examples/elasticsearch/domainsamloptions.yaml b/examples/elasticsearch/domainsamloptions.yaml new file mode 100644 index 0000000000..497ae73985 --- /dev/null +++ b/examples/elasticsearch/domainsamloptions.yaml @@ -0,0 +1,38 @@ +apiVersion: elasticsearch.aws.upbound.io/v1beta1 +kind: DomainSAMLOptions +metadata: + annotations: + meta.upbound.io/example-id: elasticsearch/v1beta1/domainsamloptions + upjet.upbound.io/manual-intervention: "This resource requires a valid saml metadata content." + labels: + testing.upbound.io/example-name: example + name: example-domainsamloptions +spec: + forProvider: + region: us-west-1 + samlOptions: + - enabled: true + idp: + - entityId: https://example.com + metadataContent: ${file("./saml-metadata.xml")} + +--- + +apiVersion: elasticsearch.aws.upbound.io/v1beta1 +kind: Domain +metadata: + annotations: + meta.upbound.io/example-id: elasticsearch/v1beta1/domainsamloptions + upjet.upbound.io/manual-intervention: "This resource is dependency of DomainSAMLOptions. This resource is skipping because parent resource was skipped." + labels: + testing.upbound.io/example-name: example + name: example-domainsamloptions +spec: + forProvider: + clusterConfig: + - instanceType: r4.large.elasticsearch + ebsOptions: + - ebsEnabled: true + volumeSize: 30 + elasticsearchVersion: "5.3" + region: us-west-1 diff --git a/internal/controller/elasticsearch/domainpolicy/zz_controller.go b/internal/controller/elasticsearch/domainpolicy/zz_controller.go new file mode 100755 index 0000000000..75ae92a02f --- /dev/null +++ b/internal/controller/elasticsearch/domainpolicy/zz_controller.go @@ -0,0 +1,51 @@ +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package domainpolicy + +import ( + "time" + + "github.com/crossplane/crossplane-runtime/pkg/connection" + "github.com/crossplane/crossplane-runtime/pkg/event" + "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" + "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" + xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" + tjcontroller "github.com/upbound/upjet/pkg/controller" + "github.com/upbound/upjet/pkg/terraform" + ctrl "sigs.k8s.io/controller-runtime" + + v1beta1 "github.com/upbound/provider-aws/apis/elasticsearch/v1beta1" +) + +// Setup adds a controller that reconciles DomainPolicy managed resources. +func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { + name := managed.ControllerName(v1beta1.DomainPolicy_GroupVersionKind.String()) + var initializers managed.InitializerChain + cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} + if o.SecretStoreConfigGVK != nil { + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + } + r := managed.NewReconciler(mgr, + xpresource.ManagedKind(v1beta1.DomainPolicy_GroupVersionKind), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["aws_elasticsearch_domain_policy"], + tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.DomainPolicy_GroupVersionKind))), + )), + managed.WithLogger(o.Logger.WithValues("controller", name)), + managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), + managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), + managed.WithTimeout(3*time.Minute), + managed.WithInitializers(initializers), + managed.WithConnectionPublishers(cps...), + managed.WithPollInterval(o.PollInterval), + ) + + return ctrl.NewControllerManagedBy(mgr). + Named(name). + WithOptions(o.ForControllerRuntime()). + For(&v1beta1.DomainPolicy{}). + Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) +} diff --git a/internal/controller/elasticsearch/domainsamloptions/zz_controller.go b/internal/controller/elasticsearch/domainsamloptions/zz_controller.go new file mode 100755 index 0000000000..741fd8f350 --- /dev/null +++ b/internal/controller/elasticsearch/domainsamloptions/zz_controller.go @@ -0,0 +1,52 @@ +/* +Copyright 2022 Upbound Inc. +*/ + +// Code generated by upjet. DO NOT EDIT. + +package domainsamloptions + +import ( + "time" + + "github.com/crossplane/crossplane-runtime/pkg/connection" + "github.com/crossplane/crossplane-runtime/pkg/event" + "github.com/crossplane/crossplane-runtime/pkg/ratelimiter" + "github.com/crossplane/crossplane-runtime/pkg/reconciler/managed" + xpresource "github.com/crossplane/crossplane-runtime/pkg/resource" + tjcontroller "github.com/upbound/upjet/pkg/controller" + "github.com/upbound/upjet/pkg/terraform" + ctrl "sigs.k8s.io/controller-runtime" + + v1beta1 "github.com/upbound/provider-aws/apis/elasticsearch/v1beta1" +) + +// Setup adds a controller that reconciles DomainSAMLOptions managed resources. +func Setup(mgr ctrl.Manager, o tjcontroller.Options) error { + name := managed.ControllerName(v1beta1.DomainSAMLOptions_GroupVersionKind.String()) + var initializers managed.InitializerChain + initializers = append(initializers, managed.NewNameAsExternalName(mgr.GetClient())) + cps := []managed.ConnectionPublisher{managed.NewAPISecretPublisher(mgr.GetClient(), mgr.GetScheme())} + if o.SecretStoreConfigGVK != nil { + cps = append(cps, connection.NewDetailsManager(mgr.GetClient(), *o.SecretStoreConfigGVK)) + } + r := managed.NewReconciler(mgr, + xpresource.ManagedKind(v1beta1.DomainSAMLOptions_GroupVersionKind), + managed.WithExternalConnecter(tjcontroller.NewConnector(mgr.GetClient(), o.WorkspaceStore, o.SetupFn, o.Provider.Resources["aws_elasticsearch_domain_saml_options"], + tjcontroller.WithCallbackProvider(tjcontroller.NewAPICallbacks(mgr, xpresource.ManagedKind(v1beta1.DomainSAMLOptions_GroupVersionKind))), + )), + managed.WithLogger(o.Logger.WithValues("controller", name)), + managed.WithRecorder(event.NewAPIRecorder(mgr.GetEventRecorderFor(name))), + managed.WithFinalizer(terraform.NewWorkspaceFinalizer(o.WorkspaceStore, xpresource.NewAPIFinalizer(mgr.GetClient(), managed.FinalizerName))), + managed.WithTimeout(3*time.Minute), + managed.WithInitializers(initializers), + managed.WithConnectionPublishers(cps...), + managed.WithPollInterval(o.PollInterval), + ) + + return ctrl.NewControllerManagedBy(mgr). + Named(name). + WithOptions(o.ForControllerRuntime()). + For(&v1beta1.DomainSAMLOptions{}). + Complete(ratelimiter.NewReconciler(name, r, o.GlobalRateLimiter)) +} diff --git a/internal/controller/zz_setup.go b/internal/controller/zz_setup.go index b575e95d26..59f8f5390e 100755 --- a/internal/controller/zz_setup.go +++ b/internal/controller/zz_setup.go @@ -412,6 +412,8 @@ import ( applicationversion "github.com/upbound/provider-aws/internal/controller/elasticbeanstalk/applicationversion" configurationtemplate "github.com/upbound/provider-aws/internal/controller/elasticbeanstalk/configurationtemplate" domainelasticsearch "github.com/upbound/provider-aws/internal/controller/elasticsearch/domain" + domainpolicy "github.com/upbound/provider-aws/internal/controller/elasticsearch/domainpolicy" + domainsamloptions "github.com/upbound/provider-aws/internal/controller/elasticsearch/domainsamloptions" pipelineelastictranscoder "github.com/upbound/provider-aws/internal/controller/elastictranscoder/pipeline" preset "github.com/upbound/provider-aws/internal/controller/elastictranscoder/preset" appcookiestickinesspolicy "github.com/upbound/provider-aws/internal/controller/elb/appcookiestickinesspolicy" @@ -630,8 +632,8 @@ import ( transitgatewayregistration "github.com/upbound/provider-aws/internal/controller/networkmanager/transitgatewayregistration" vpcattachment "github.com/upbound/provider-aws/internal/controller/networkmanager/vpcattachment" domainopensearch "github.com/upbound/provider-aws/internal/controller/opensearch/domain" - domainpolicy "github.com/upbound/provider-aws/internal/controller/opensearch/domainpolicy" - domainsamloptions "github.com/upbound/provider-aws/internal/controller/opensearch/domainsamloptions" + domainpolicyopensearch "github.com/upbound/provider-aws/internal/controller/opensearch/domainpolicy" + domainsamloptionsopensearch "github.com/upbound/provider-aws/internal/controller/opensearch/domainsamloptions" applicationopsworks "github.com/upbound/provider-aws/internal/controller/opsworks/application" customlayer "github.com/upbound/provider-aws/internal/controller/opsworks/customlayer" ecsclusterlayer "github.com/upbound/provider-aws/internal/controller/opsworks/ecsclusterlayer" @@ -1307,6 +1309,8 @@ func Setup(mgr ctrl.Manager, o controller.Options) error { applicationversion.Setup, configurationtemplate.Setup, domainelasticsearch.Setup, + domainpolicy.Setup, + domainsamloptions.Setup, pipelineelastictranscoder.Setup, preset.Setup, appcookiestickinesspolicy.Setup, @@ -1525,8 +1529,8 @@ func Setup(mgr ctrl.Manager, o controller.Options) error { transitgatewayregistration.Setup, vpcattachment.Setup, domainopensearch.Setup, - domainpolicy.Setup, - domainsamloptions.Setup, + domainpolicyopensearch.Setup, + domainsamloptionsopensearch.Setup, applicationopsworks.Setup, customlayer.Setup, ecsclusterlayer.Setup, diff --git a/package/crds/elasticsearch.aws.upbound.io_domainpolicies.yaml b/package/crds/elasticsearch.aws.upbound.io_domainpolicies.yaml new file mode 100644 index 0000000000..78f76b2ad5 --- /dev/null +++ b/package/crds/elasticsearch.aws.upbound.io_domainpolicies.yaml @@ -0,0 +1,382 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: domainpolicies.elasticsearch.aws.upbound.io +spec: + group: elasticsearch.aws.upbound.io + names: + categories: + - crossplane + - managed + - aws + kind: DomainPolicy + listKind: DomainPolicyList + plural: domainpolicies + singular: domainpolicy + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNCED + type: string + - jsonPath: .metadata.annotations.crossplane\.io/external-name + name: EXTERNAL-NAME + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: DomainPolicy is the Schema for the DomainPolicys API. Provides + an Elasticsearch Domain Policy. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DomainPolicySpec defines the desired state of DomainPolicy + properties: + deletionPolicy: + default: Delete + description: DeletionPolicy specifies what will happen to the underlying + external when this managed resource is deleted - either "Delete" + or "Orphan" the external resource. + enum: + - Orphan + - Delete + type: string + forProvider: + properties: + accessPolicies: + description: IAM policy document specifying the access policies + for the domain + type: string + domainName: + description: Name of the domain. + type: string + domainNameRef: + description: Reference to a Domain in elasticsearch to populate + domainName. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + domainNameSelector: + description: Selector for a Domain in elasticsearch to populate + domainName. + properties: + matchControllerRef: + description: MatchControllerRef ensures an object with the + same controller reference as the selecting object is selected. + type: boolean + matchLabels: + additionalProperties: + type: string + description: MatchLabels ensures an object with matching labels + is selected. + type: object + policy: + description: Policies for selection. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + type: object + region: + description: Region is the region you'd like your resource to + be created in. + type: string + required: + - accessPolicies + - region + type: object + providerConfigRef: + default: + name: default + description: ProviderConfigReference specifies how the provider that + will be used to create, observe, update, and delete this managed + resource should be configured. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of this + reference is required. The default is 'Required', which + means the reconcile will fail if the reference cannot be + resolved. 'Optional' means this reference will be a no-op + if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will attempt + to resolve the reference only when the corresponding field + is not present. Use 'Always' to resolve the reference on + every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + providerRef: + description: 'ProviderReference specifies the provider that will be + used to create, observe, update, and delete this managed resource. + Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of this + reference is required. The default is 'Required', which + means the reconcile will fail if the reference cannot be + resolved. 'Optional' means this reference will be a no-op + if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will attempt + to resolve the reference only when the corresponding field + is not present. Use 'Always' to resolve the reference on + every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + publishConnectionDetailsTo: + description: PublishConnectionDetailsTo specifies the connection secret + config which contains a name, metadata and a reference to secret + store config to which any connection details for this managed resource + should be written. Connection details frequently include the endpoint, + username, and password required to connect to the managed resource. + properties: + configRef: + default: + name: default + description: SecretStoreConfigRef specifies which secret store + config should be used for this ConnectionSecret. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + metadata: + description: Metadata is the metadata for connection secret. + properties: + annotations: + additionalProperties: + type: string + description: Annotations are the annotations to be added to + connection secret. - For Kubernetes secrets, this will be + used as "metadata.annotations". - It is up to Secret Store + implementation for others store types. + type: object + labels: + additionalProperties: + type: string + description: Labels are the labels/tags to be added to connection + secret. - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store + types. + type: object + type: + description: Type is the SecretType for the connection secret. + - Only valid for Kubernetes Secret Stores. + type: string + type: object + name: + description: Name is the name of the connection secret. + type: string + required: + - name + type: object + writeConnectionSecretToRef: + description: WriteConnectionSecretToReference specifies the namespace + and name of a Secret to which any connection details for this managed + resource should be written. Connection details frequently include + the endpoint, username, and password required to connect to the + managed resource. This field is planned to be replaced in a future + release in favor of PublishConnectionDetailsTo. Currently, both + could be set independently and connection details would be published + to both without affecting each other. + properties: + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - name + - namespace + type: object + required: + - forProvider + type: object + status: + description: DomainPolicyStatus defines the observed state of DomainPolicy. + properties: + atProvider: + properties: + id: + type: string + type: object + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition + transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's + last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from + one status to another. + type: string + status: + description: Status of this condition; is it currently True, + False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition + type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: [] diff --git a/package/crds/elasticsearch.aws.upbound.io_domainsamloptions.yaml b/package/crds/elasticsearch.aws.upbound.io_domainsamloptions.yaml new file mode 100644 index 0000000000..5728fafa19 --- /dev/null +++ b/package/crds/elasticsearch.aws.upbound.io_domainsamloptions.yaml @@ -0,0 +1,365 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.8.0 + creationTimestamp: null + name: domainsamloptions.elasticsearch.aws.upbound.io +spec: + group: elasticsearch.aws.upbound.io + names: + categories: + - crossplane + - managed + - aws + kind: DomainSAMLOptions + listKind: DomainSAMLOptionsList + plural: domainsamloptions + singular: domainsamloptions + scope: Cluster + versions: + - additionalPrinterColumns: + - jsonPath: .status.conditions[?(@.type=='Ready')].status + name: READY + type: string + - jsonPath: .status.conditions[?(@.type=='Synced')].status + name: SYNCED + type: string + - jsonPath: .metadata.annotations.crossplane\.io/external-name + name: EXTERNAL-NAME + type: string + - jsonPath: .metadata.creationTimestamp + name: AGE + type: date + name: v1beta1 + schema: + openAPIV3Schema: + description: DomainSAMLOptions is the Schema for the DomainSAMLOptionss API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: DomainSAMLOptionsSpec defines the desired state of DomainSAMLOptions + properties: + deletionPolicy: + default: Delete + description: DeletionPolicy specifies what will happen to the underlying + external when this managed resource is deleted - either "Delete" + or "Orphan" the external resource. + enum: + - Orphan + - Delete + type: string + forProvider: + properties: + region: + description: Region is the region you'd like your resource to + be created in. + type: string + samlOptions: + description: The SAML authentication options for an AWS Elasticsearch + Domain. + items: + properties: + enabled: + description: Whether SAML authentication is enabled. + type: boolean + idp: + description: Information from your identity provider. + items: + properties: + entityId: + description: The unique Entity ID of the application + in SAML Identity Provider. + type: string + metadataContent: + description: The Metadata of the SAML application + in xml format. + type: string + required: + - entityId + - metadataContent + type: object + type: array + masterBackendRole: + description: This backend role from the SAML IdP receives + full permissions to the cluster, equivalent to a new master + user. + type: string + masterUserNameSecretRef: + description: This username from the SAML IdP receives full + permissions to the cluster, equivalent to a new master + user. + properties: + key: + description: The key to select. + type: string + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - key + - name + - namespace + type: object + rolesKey: + description: Element of the SAML assertion to use for backend + roles. Default is roles. + type: string + sessionTimeoutMinutes: + description: Duration of a session in minutes after a user + logs in. Default is 60. Maximum value is 1,440. + type: number + subjectKey: + description: Custom SAML attribute to use for user names. + Default is an empty string - "". This will cause Elasticsearch + to use the NameID element of the Subject, which is the + default location for name identifiers in the SAML specification. + type: string + type: object + type: array + required: + - region + type: object + providerConfigRef: + default: + name: default + description: ProviderConfigReference specifies how the provider that + will be used to create, observe, update, and delete this managed + resource should be configured. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of this + reference is required. The default is 'Required', which + means the reconcile will fail if the reference cannot be + resolved. 'Optional' means this reference will be a no-op + if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will attempt + to resolve the reference only when the corresponding field + is not present. Use 'Always' to resolve the reference on + every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + providerRef: + description: 'ProviderReference specifies the provider that will be + used to create, observe, update, and delete this managed resource. + Deprecated: Please use ProviderConfigReference, i.e. `providerConfigRef`' + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of this + reference is required. The default is 'Required', which + means the reconcile will fail if the reference cannot be + resolved. 'Optional' means this reference will be a no-op + if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will attempt + to resolve the reference only when the corresponding field + is not present. Use 'Always' to resolve the reference on + every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + publishConnectionDetailsTo: + description: PublishConnectionDetailsTo specifies the connection secret + config which contains a name, metadata and a reference to secret + store config to which any connection details for this managed resource + should be written. Connection details frequently include the endpoint, + username, and password required to connect to the managed resource. + properties: + configRef: + default: + name: default + description: SecretStoreConfigRef specifies which secret store + config should be used for this ConnectionSecret. + properties: + name: + description: Name of the referenced object. + type: string + policy: + description: Policies for referencing. + properties: + resolution: + default: Required + description: Resolution specifies whether resolution of + this reference is required. The default is 'Required', + which means the reconcile will fail if the reference + cannot be resolved. 'Optional' means this reference + will be a no-op if it cannot be resolved. + enum: + - Required + - Optional + type: string + resolve: + description: Resolve specifies when this reference should + be resolved. The default is 'IfNotPresent', which will + attempt to resolve the reference only when the corresponding + field is not present. Use 'Always' to resolve the reference + on every reconcile. + enum: + - Always + - IfNotPresent + type: string + type: object + required: + - name + type: object + metadata: + description: Metadata is the metadata for connection secret. + properties: + annotations: + additionalProperties: + type: string + description: Annotations are the annotations to be added to + connection secret. - For Kubernetes secrets, this will be + used as "metadata.annotations". - It is up to Secret Store + implementation for others store types. + type: object + labels: + additionalProperties: + type: string + description: Labels are the labels/tags to be added to connection + secret. - For Kubernetes secrets, this will be used as "metadata.labels". + - It is up to Secret Store implementation for others store + types. + type: object + type: + description: Type is the SecretType for the connection secret. + - Only valid for Kubernetes Secret Stores. + type: string + type: object + name: + description: Name is the name of the connection secret. + type: string + required: + - name + type: object + writeConnectionSecretToRef: + description: WriteConnectionSecretToReference specifies the namespace + and name of a Secret to which any connection details for this managed + resource should be written. Connection details frequently include + the endpoint, username, and password required to connect to the + managed resource. This field is planned to be replaced in a future + release in favor of PublishConnectionDetailsTo. Currently, both + could be set independently and connection details would be published + to both without affecting each other. + properties: + name: + description: Name of the secret. + type: string + namespace: + description: Namespace of the secret. + type: string + required: + - name + - namespace + type: object + required: + - forProvider + type: object + status: + description: DomainSAMLOptionsStatus defines the observed state of DomainSAMLOptions. + properties: + atProvider: + properties: + id: + description: The name of the domain the SAML options are associated + with. + type: string + type: object + conditions: + description: Conditions of the resource. + items: + description: A Condition that may apply to a resource. + properties: + lastTransitionTime: + description: LastTransitionTime is the last time this condition + transitioned from one status to another. + format: date-time + type: string + message: + description: A Message containing details about this condition's + last transition from one status to another, if any. + type: string + reason: + description: A Reason for this condition's last transition from + one status to another. + type: string + status: + description: Status of this condition; is it currently True, + False, or Unknown? + type: string + type: + description: Type of this condition. At most one of each condition + type may apply to a resource at any point in time. + type: string + required: + - lastTransitionTime + - reason + - status + - type + type: object + type: array + type: object + required: + - spec + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: [] + storedVersions: []