diff --git a/apis/iam/v1beta1/zz_accesskey_types.go b/apis/iam/v1beta1/zz_accesskey_types.go index 1e8a6680ea..28137b0210 100755 --- a/apis/iam/v1beta1/zz_accesskey_types.go +++ b/apis/iam/v1beta1/zz_accesskey_types.go @@ -22,14 +22,14 @@ type AccessKeyInitParameters struct { Status *string `json:"status,omitempty" tf:"status,omitempty"` // IAM user to associate with this access key. - // +crossplane:generate:reference:type=User + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.User User *string `json:"user,omitempty" tf:"user,omitempty"` - // Reference to a User to populate user. + // Reference to a User in iam to populate user. // +kubebuilder:validation:Optional UserRef *v1.Reference `json:"userRef,omitempty" tf:"-"` - // Selector for a User to populate user. + // Selector for a User in iam to populate user. // +kubebuilder:validation:Optional UserSelector *v1.Selector `json:"userSelector,omitempty" tf:"-"` } @@ -72,15 +72,15 @@ type AccessKeyParameters struct { Status *string `json:"status,omitempty" tf:"status,omitempty"` // IAM user to associate with this access key. - // +crossplane:generate:reference:type=User + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.User // +kubebuilder:validation:Optional User *string `json:"user,omitempty" tf:"user,omitempty"` - // Reference to a User to populate user. + // Reference to a User in iam to populate user. // +kubebuilder:validation:Optional UserRef *v1.Reference `json:"userRef,omitempty" tf:"-"` - // Selector for a User to populate user. + // Selector for a User in iam to populate user. // +kubebuilder:validation:Optional UserSelector *v1.Selector `json:"userSelector,omitempty" tf:"-"` } diff --git a/apis/iam/v1beta1/zz_grouppolicyattachment_types.go b/apis/iam/v1beta1/zz_grouppolicyattachment_types.go index f264973e89..98fa91c010 100755 --- a/apis/iam/v1beta1/zz_grouppolicyattachment_types.go +++ b/apis/iam/v1beta1/zz_grouppolicyattachment_types.go @@ -16,27 +16,27 @@ import ( type GroupPolicyAttachmentInitParameters struct { // The group the policy should be applied to - // +crossplane:generate:reference:type=Group + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Group Group *string `json:"group,omitempty" tf:"group,omitempty"` - // Reference to a Group to populate group. + // Reference to a Group in iam to populate group. // +kubebuilder:validation:Optional GroupRef *v1.Reference `json:"groupRef,omitempty" tf:"-"` - // Selector for a Group to populate group. + // Selector for a Group in iam to populate group. // +kubebuilder:validation:Optional GroupSelector *v1.Selector `json:"groupSelector,omitempty" tf:"-"` // The ARN of the policy you want to apply - // +crossplane:generate:reference:type=Policy + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Policy // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() PolicyArn *string `json:"policyArn,omitempty" tf:"policy_arn,omitempty"` - // Reference to a Policy to populate policyArn. + // Reference to a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnRef *v1.Reference `json:"policyArnRef,omitempty" tf:"-"` - // Selector for a Policy to populate policyArn. + // Selector for a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnSelector *v1.Selector `json:"policyArnSelector,omitempty" tf:"-"` } @@ -55,29 +55,29 @@ type GroupPolicyAttachmentObservation struct { type GroupPolicyAttachmentParameters struct { // The group the policy should be applied to - // +crossplane:generate:reference:type=Group + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Group // +kubebuilder:validation:Optional Group *string `json:"group,omitempty" tf:"group,omitempty"` - // Reference to a Group to populate group. + // Reference to a Group in iam to populate group. // +kubebuilder:validation:Optional GroupRef *v1.Reference `json:"groupRef,omitempty" tf:"-"` - // Selector for a Group to populate group. + // Selector for a Group in iam to populate group. // +kubebuilder:validation:Optional GroupSelector *v1.Selector `json:"groupSelector,omitempty" tf:"-"` // The ARN of the policy you want to apply - // +crossplane:generate:reference:type=Policy + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Policy // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() // +kubebuilder:validation:Optional PolicyArn *string `json:"policyArn,omitempty" tf:"policy_arn,omitempty"` - // Reference to a Policy to populate policyArn. + // Reference to a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnRef *v1.Reference `json:"policyArnRef,omitempty" tf:"-"` - // Selector for a Policy to populate policyArn. + // Selector for a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnSelector *v1.Selector `json:"policyArnSelector,omitempty" tf:"-"` } diff --git a/apis/iam/v1beta1/zz_instanceprofile_types.go b/apis/iam/v1beta1/zz_instanceprofile_types.go index a4f0066b93..628fb1ddf3 100755 --- a/apis/iam/v1beta1/zz_instanceprofile_types.go +++ b/apis/iam/v1beta1/zz_instanceprofile_types.go @@ -19,14 +19,14 @@ type InstanceProfileInitParameters struct { Path *string `json:"path,omitempty" tf:"path,omitempty"` // Name of the role to add to the profile. - // +crossplane:generate:reference:type=Role + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Role Role *string `json:"role,omitempty" tf:"role,omitempty"` - // Reference to a Role to populate role. + // Reference to a Role in iam to populate role. // +kubebuilder:validation:Optional RoleRef *v1.Reference `json:"roleRef,omitempty" tf:"-"` - // Selector for a Role to populate role. + // Selector for a Role in iam to populate role. // +kubebuilder:validation:Optional RoleSelector *v1.Selector `json:"roleSelector,omitempty" tf:"-"` @@ -71,15 +71,15 @@ type InstanceProfileParameters struct { Path *string `json:"path,omitempty" tf:"path,omitempty"` // Name of the role to add to the profile. - // +crossplane:generate:reference:type=Role + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Role // +kubebuilder:validation:Optional Role *string `json:"role,omitempty" tf:"role,omitempty"` - // Reference to a Role to populate role. + // Reference to a Role in iam to populate role. // +kubebuilder:validation:Optional RoleRef *v1.Reference `json:"roleRef,omitempty" tf:"-"` - // Selector for a Role to populate role. + // Selector for a Role in iam to populate role. // +kubebuilder:validation:Optional RoleSelector *v1.Selector `json:"roleSelector,omitempty" tf:"-"` diff --git a/apis/iam/v1beta1/zz_role_terraformed.go b/apis/iam/v1beta1/zz_role_terraformed.go index 05b3c9e480..750747671a 100755 --- a/apis/iam/v1beta1/zz_role_terraformed.go +++ b/apis/iam/v1beta1/zz_role_terraformed.go @@ -118,6 +118,7 @@ func (tr *Role) LateInitialize(attrs []byte) (bool, error) { return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") } opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("InlinePolicy")) opts = append(opts, resource.WithNameFilter("ManagedPolicyArns")) li := resource.NewGenericLateInitializer(opts...) diff --git a/apis/iam/v1beta1/zz_rolepolicyattachment_types.go b/apis/iam/v1beta1/zz_rolepolicyattachment_types.go index a89ab86c34..f7ce7e8547 100755 --- a/apis/iam/v1beta1/zz_rolepolicyattachment_types.go +++ b/apis/iam/v1beta1/zz_rolepolicyattachment_types.go @@ -16,27 +16,27 @@ import ( type RolePolicyAttachmentInitParameters struct { // The ARN of the policy you want to apply - // +crossplane:generate:reference:type=Policy + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Policy // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() PolicyArn *string `json:"policyArn,omitempty" tf:"policy_arn,omitempty"` - // Reference to a Policy to populate policyArn. + // Reference to a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnRef *v1.Reference `json:"policyArnRef,omitempty" tf:"-"` - // Selector for a Policy to populate policyArn. + // Selector for a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnSelector *v1.Selector `json:"policyArnSelector,omitempty" tf:"-"` // The name of the IAM role to which the policy should be applied - // +crossplane:generate:reference:type=Role + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Role Role *string `json:"role,omitempty" tf:"role,omitempty"` - // Reference to a Role to populate role. + // Reference to a Role in iam to populate role. // +kubebuilder:validation:Optional RoleRef *v1.Reference `json:"roleRef,omitempty" tf:"-"` - // Selector for a Role to populate role. + // Selector for a Role in iam to populate role. // +kubebuilder:validation:Optional RoleSelector *v1.Selector `json:"roleSelector,omitempty" tf:"-"` } @@ -54,29 +54,29 @@ type RolePolicyAttachmentObservation struct { type RolePolicyAttachmentParameters struct { // The ARN of the policy you want to apply - // +crossplane:generate:reference:type=Policy + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Policy // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() // +kubebuilder:validation:Optional PolicyArn *string `json:"policyArn,omitempty" tf:"policy_arn,omitempty"` - // Reference to a Policy to populate policyArn. + // Reference to a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnRef *v1.Reference `json:"policyArnRef,omitempty" tf:"-"` - // Selector for a Policy to populate policyArn. + // Selector for a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnSelector *v1.Selector `json:"policyArnSelector,omitempty" tf:"-"` // The name of the IAM role to which the policy should be applied - // +crossplane:generate:reference:type=Role + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Role // +kubebuilder:validation:Optional Role *string `json:"role,omitempty" tf:"role,omitempty"` - // Reference to a Role to populate role. + // Reference to a Role in iam to populate role. // +kubebuilder:validation:Optional RoleRef *v1.Reference `json:"roleRef,omitempty" tf:"-"` - // Selector for a Role to populate role. + // Selector for a Role in iam to populate role. // +kubebuilder:validation:Optional RoleSelector *v1.Selector `json:"roleSelector,omitempty" tf:"-"` } diff --git a/apis/iam/v1beta1/zz_usergroupmembership_types.go b/apis/iam/v1beta1/zz_usergroupmembership_types.go index 5ea0417c6e..1c6da3d2e8 100755 --- a/apis/iam/v1beta1/zz_usergroupmembership_types.go +++ b/apis/iam/v1beta1/zz_usergroupmembership_types.go @@ -15,30 +15,30 @@ import ( type UserGroupMembershipInitParameters struct { - // References to Group to populate groups. + // References to Group in iam to populate groups. // +kubebuilder:validation:Optional GroupRefs []v1.Reference `json:"groupRefs,omitempty" tf:"-"` - // Selector for a list of Group to populate groups. + // Selector for a list of Group in iam to populate groups. // +kubebuilder:validation:Optional GroupSelector *v1.Selector `json:"groupSelector,omitempty" tf:"-"` // A list of IAM Groups to add the user to - // +crossplane:generate:reference:type=Group + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Group // +crossplane:generate:reference:refFieldName=GroupRefs // +crossplane:generate:reference:selectorFieldName=GroupSelector // +listType=set Groups []*string `json:"groups,omitempty" tf:"groups,omitempty"` // The name of the IAM User to add to groups - // +crossplane:generate:reference:type=User + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.User User *string `json:"user,omitempty" tf:"user,omitempty"` - // Reference to a User to populate user. + // Reference to a User in iam to populate user. // +kubebuilder:validation:Optional UserRef *v1.Reference `json:"userRef,omitempty" tf:"-"` - // Selector for a User to populate user. + // Selector for a User in iam to populate user. // +kubebuilder:validation:Optional UserSelector *v1.Selector `json:"userSelector,omitempty" tf:"-"` } @@ -57,16 +57,16 @@ type UserGroupMembershipObservation struct { type UserGroupMembershipParameters struct { - // References to Group to populate groups. + // References to Group in iam to populate groups. // +kubebuilder:validation:Optional GroupRefs []v1.Reference `json:"groupRefs,omitempty" tf:"-"` - // Selector for a list of Group to populate groups. + // Selector for a list of Group in iam to populate groups. // +kubebuilder:validation:Optional GroupSelector *v1.Selector `json:"groupSelector,omitempty" tf:"-"` // A list of IAM Groups to add the user to - // +crossplane:generate:reference:type=Group + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Group // +crossplane:generate:reference:refFieldName=GroupRefs // +crossplane:generate:reference:selectorFieldName=GroupSelector // +kubebuilder:validation:Optional @@ -74,15 +74,15 @@ type UserGroupMembershipParameters struct { Groups []*string `json:"groups,omitempty" tf:"groups,omitempty"` // The name of the IAM User to add to groups - // +crossplane:generate:reference:type=User + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.User // +kubebuilder:validation:Optional User *string `json:"user,omitempty" tf:"user,omitempty"` - // Reference to a User to populate user. + // Reference to a User in iam to populate user. // +kubebuilder:validation:Optional UserRef *v1.Reference `json:"userRef,omitempty" tf:"-"` - // Selector for a User to populate user. + // Selector for a User in iam to populate user. // +kubebuilder:validation:Optional UserSelector *v1.Selector `json:"userSelector,omitempty" tf:"-"` } diff --git a/apis/iam/v1beta1/zz_userpolicyattachment_types.go b/apis/iam/v1beta1/zz_userpolicyattachment_types.go index 3630ad449e..59bd2f9510 100755 --- a/apis/iam/v1beta1/zz_userpolicyattachment_types.go +++ b/apis/iam/v1beta1/zz_userpolicyattachment_types.go @@ -16,27 +16,27 @@ import ( type UserPolicyAttachmentInitParameters struct { // The ARN of the policy you want to apply - // +crossplane:generate:reference:type=Policy + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Policy // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() PolicyArn *string `json:"policyArn,omitempty" tf:"policy_arn,omitempty"` - // Reference to a Policy to populate policyArn. + // Reference to a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnRef *v1.Reference `json:"policyArnRef,omitempty" tf:"-"` - // Selector for a Policy to populate policyArn. + // Selector for a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnSelector *v1.Selector `json:"policyArnSelector,omitempty" tf:"-"` // The user the policy should be applied to - // +crossplane:generate:reference:type=User + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.User User *string `json:"user,omitempty" tf:"user,omitempty"` - // Reference to a User to populate user. + // Reference to a User in iam to populate user. // +kubebuilder:validation:Optional UserRef *v1.Reference `json:"userRef,omitempty" tf:"-"` - // Selector for a User to populate user. + // Selector for a User in iam to populate user. // +kubebuilder:validation:Optional UserSelector *v1.Selector `json:"userSelector,omitempty" tf:"-"` } @@ -54,29 +54,29 @@ type UserPolicyAttachmentObservation struct { type UserPolicyAttachmentParameters struct { // The ARN of the policy you want to apply - // +crossplane:generate:reference:type=Policy + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.Policy // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() // +kubebuilder:validation:Optional PolicyArn *string `json:"policyArn,omitempty" tf:"policy_arn,omitempty"` - // Reference to a Policy to populate policyArn. + // Reference to a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnRef *v1.Reference `json:"policyArnRef,omitempty" tf:"-"` - // Selector for a Policy to populate policyArn. + // Selector for a Policy in iam to populate policyArn. // +kubebuilder:validation:Optional PolicyArnSelector *v1.Selector `json:"policyArnSelector,omitempty" tf:"-"` // The user the policy should be applied to - // +crossplane:generate:reference:type=User + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/iam/v1beta1.User // +kubebuilder:validation:Optional User *string `json:"user,omitempty" tf:"user,omitempty"` - // Reference to a User to populate user. + // Reference to a User in iam to populate user. // +kubebuilder:validation:Optional UserRef *v1.Reference `json:"userRef,omitempty" tf:"-"` - // Selector for a User to populate user. + // Selector for a User in iam to populate user. // +kubebuilder:validation:Optional UserSelector *v1.Selector `json:"userSelector,omitempty" tf:"-"` } diff --git a/apis/sns/v1beta1/zz_topic_terraformed.go b/apis/sns/v1beta1/zz_topic_terraformed.go index 7bb3c10337..ac26bb67d7 100755 --- a/apis/sns/v1beta1/zz_topic_terraformed.go +++ b/apis/sns/v1beta1/zz_topic_terraformed.go @@ -118,6 +118,7 @@ func (tr *Topic) LateInitialize(attrs []byte) (bool, error) { return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") } opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("Policy")) li := resource.NewGenericLateInitializer(opts...) return li.LateInitialize(&tr.Spec.ForProvider, params) diff --git a/apis/sns/v1beta1/zz_topicsubscription_types.go b/apis/sns/v1beta1/zz_topicsubscription_types.go index d623abf419..1e8a2099c5 100755 --- a/apis/sns/v1beta1/zz_topicsubscription_types.go +++ b/apis/sns/v1beta1/zz_topicsubscription_types.go @@ -69,15 +69,15 @@ type TopicSubscriptionInitParameters struct { SubscriptionRoleArnSelector *v1.Selector `json:"subscriptionRoleArnSelector,omitempty" tf:"-"` // ARN of the SNS topic to subscribe to. - // +crossplane:generate:reference:type=Topic + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/sns/v1beta1.Topic // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() TopicArn *string `json:"topicArn,omitempty" tf:"topic_arn,omitempty"` - // Reference to a Topic to populate topicArn. + // Reference to a Topic in sns to populate topicArn. // +kubebuilder:validation:Optional TopicArnRef *v1.Reference `json:"topicArnRef,omitempty" tf:"-"` - // Selector for a Topic to populate topicArn. + // Selector for a Topic in sns to populate topicArn. // +kubebuilder:validation:Optional TopicArnSelector *v1.Selector `json:"topicArnSelector,omitempty" tf:"-"` } @@ -208,16 +208,16 @@ type TopicSubscriptionParameters struct { SubscriptionRoleArnSelector *v1.Selector `json:"subscriptionRoleArnSelector,omitempty" tf:"-"` // ARN of the SNS topic to subscribe to. - // +crossplane:generate:reference:type=Topic + // +crossplane:generate:reference:type=github.com/upbound/provider-aws/apis/sns/v1beta1.Topic // +crossplane:generate:reference:extractor=github.com/upbound/provider-aws/config/common.ARNExtractor() // +kubebuilder:validation:Optional TopicArn *string `json:"topicArn,omitempty" tf:"topic_arn,omitempty"` - // Reference to a Topic to populate topicArn. + // Reference to a Topic in sns to populate topicArn. // +kubebuilder:validation:Optional TopicArnRef *v1.Reference `json:"topicArnRef,omitempty" tf:"-"` - // Selector for a Topic to populate topicArn. + // Selector for a Topic in sns to populate topicArn. // +kubebuilder:validation:Optional TopicArnSelector *v1.Selector `json:"topicArnSelector,omitempty" tf:"-"` } diff --git a/apis/sqs/v1beta1/zz_queue_terraformed.go b/apis/sqs/v1beta1/zz_queue_terraformed.go index db514a2a83..ddb2ec11d3 100755 --- a/apis/sqs/v1beta1/zz_queue_terraformed.go +++ b/apis/sqs/v1beta1/zz_queue_terraformed.go @@ -118,6 +118,7 @@ func (tr *Queue) LateInitialize(attrs []byte) (bool, error) { return false, errors.Wrap(err, "failed to unmarshal Terraform state parameters for late-initialization") } opts := []resource.GenericLateInitializerOption{resource.WithZeroValueJSONOmitEmptyFilter(resource.CNameWildcard)} + opts = append(opts, resource.WithNameFilter("Policy")) li := resource.NewGenericLateInitializer(opts...) return li.LateInitialize(&tr.Spec.ForProvider, params) diff --git a/config/iam/config.go b/config/iam/config.go index 53b1131eea..29f843c5ad 100644 --- a/config/iam/config.go +++ b/config/iam/config.go @@ -13,10 +13,8 @@ import ( // Configure adds configurations for the iam group. func Configure(p *config.Provider) { p.AddResourceConfigurator("aws_iam_access_key", func(r *config.Resource) { - r.References = config.References{ - "user": config.Reference{ - Type: "User", - }, + r.References["user"] = config.Reference{ + TerraformName: "aws_iam_user", } r.Sensitive.AdditionalConnectionDetailsFn = func(attr map[string]any) (map[string][]byte, error) { conn := map[string][]byte{} @@ -33,65 +31,58 @@ func Configure(p *config.Provider) { p.AddResourceConfigurator("aws_iam_role", func(r *config.Resource) { r.MetaResource.ArgumentDocs["inline_policy"] = `Configuration block defining an exclusive set of IAM inline policies associated with the IAM role. See below. If no blocks are configured, Crossplane will not manage any inline policies in this resource. Configuring one empty block (i.e., inline_policy {}) will cause Crossplane to remove all inline policies added out of band on apply.` r.MetaResource.ArgumentDocs["managed_policy_arns"] = `Set of exclusive IAM managed policy ARNs to attach to the IAM role. If this attribute is not configured, Crossplane will ignore policy attachments to this resource. When configured, Crossplane will align the role's managed policy attachments with this set by attaching or detaching managed policies. Configuring an empty set (i.e., managed_policy_arns = []) will cause Crossplane to remove all managed policy attachments.` - r.LateInitializer = config.LateInitializer{ - IgnoredFields: []string{"managed_policy_arns"}, - } + + // Both inline and attached policies can either be specified in and managed by the Role resource, or by separate + // RolePolicy and RolePolicyAttachment resources, so the Role should not late initialize them if they were unset + // by the user, as that would cause reconciliation conflicts with potential future RolePolicy or + // RolePolicyAttachment resources. See github issues #933 and #1207 + r.LateInitializer.IgnoredFields = append(r.LateInitializer.IgnoredFields, "managed_policy_arns", "inline_policy") }) p.AddResourceConfigurator("aws_iam_instance_profile", func(r *config.Resource) { - r.References = config.References{ - "role": config.Reference{ - Type: "Role", - }, + r.References["role"] = config.Reference{ + TerraformName: "aws_iam_role", } }) p.AddResourceConfigurator("aws_iam_role_policy_attachment", func(r *config.Resource) { - r.References = config.References{ - "role": config.Reference{ - Type: "Role", - }, - "policy_arn": config.Reference{ - Type: "Policy", - Extractor: common.PathARNExtractor, - }, + r.References["role"] = config.Reference{ + TerraformName: "aws_iam_role", + } + r.References["policy_arn"] = config.Reference{ + TerraformName: "aws_iam_policy", + Extractor: common.PathARNExtractor, } }) p.AddResourceConfigurator("aws_iam_user_policy_attachment", func(r *config.Resource) { - r.References = config.References{ - "user": config.Reference{ - Type: "User", - }, - "policy_arn": config.Reference{ - Type: "Policy", - Extractor: common.PathARNExtractor, - }, + r.References["user"] = config.Reference{ + TerraformName: "aws_iam_user", + } + r.References["policy_arn"] = config.Reference{ + TerraformName: "aws_iam_policy", + Extractor: common.PathARNExtractor, } }) p.AddResourceConfigurator("aws_iam_group_policy_attachment", func(r *config.Resource) { - r.References = config.References{ - "group": config.Reference{ - Type: "Group", - }, - "policy_arn": config.Reference{ - Type: "Policy", - Extractor: common.PathARNExtractor, - }, + r.References["group"] = config.Reference{ + TerraformName: "aws_iam_group", + } + r.References["policy_arn"] = config.Reference{ + TerraformName: "aws_iam_policy", + Extractor: common.PathARNExtractor, } }) p.AddResourceConfigurator("aws_iam_user_group_membership", func(r *config.Resource) { - r.References = config.References{ - "user": config.Reference{ - Type: "User", - }, - "groups": config.Reference{ - Type: "Group", - RefFieldName: "GroupRefs", - SelectorFieldName: "GroupSelector", - }, + r.References["user"] = config.Reference{ + TerraformName: "aws_iam_user", + } + r.References["groups"] = config.Reference{ + TerraformName: "aws_iam_group", + RefFieldName: "GroupRefs", + SelectorFieldName: "GroupSelector", } }) diff --git a/config/sns/config.go b/config/sns/config.go index 64654cfe03..aaf80d56d5 100644 --- a/config/sns/config.go +++ b/config/sns/config.go @@ -14,12 +14,17 @@ import ( func Configure(p *config.Provider) { p.AddResourceConfigurator("aws_sns_topic_subscription", func(r *config.Resource) { r.References["endpoint"] = config.Reference{ - Type: "github.com/upbound/provider-aws/apis/sqs/v1beta1.Queue", - Extractor: common.PathARNExtractor, + TerraformName: "aws_sqs_queue", + Extractor: common.PathARNExtractor, } r.References["topic_arn"] = config.Reference{ - Type: "Topic", - Extractor: common.PathARNExtractor, + TerraformName: "aws_sns_topic", + Extractor: common.PathARNExtractor, } }) + p.AddResourceConfigurator("aws_sns_topic", func(r *config.Resource) { + // If the topic policy is unset on the Topic resource, don't late initialize it, to avoid conflicts with the + // policy managed by a TopicPolicy resource. + r.LateInitializer.IgnoredFields = append(r.LateInitializer.IgnoredFields, "policy") + }) } diff --git a/config/sqs/config.go b/config/sqs/config.go index b68cd4da50..e78834b1ff 100644 --- a/config/sqs/config.go +++ b/config/sqs/config.go @@ -27,9 +27,9 @@ func Configure(p *config.Provider) { } return conn, nil } - r.LateInitializer = config.LateInitializer{ - IgnoredFields: []string{"name_prefix"}, - } + // If the key policy is unset on the Queue resource, don't late initialize it, to avoid conflicts with the policy + // managed by a QueuePolicy resource. + r.LateInitializer.IgnoredFields = append(r.LateInitializer.IgnoredFields, "name_prefix", "policy") }) p.AddResourceConfigurator("aws_sqs_queue_redrive_policy", func(r *config.Resource) { diff --git a/examples/iam/v1beta1/instanceprofile.yaml b/examples/iam/v1beta1/instanceprofile.yaml index 815742655b..1c94bdd615 100644 --- a/examples/iam/v1beta1/instanceprofile.yaml +++ b/examples/iam/v1beta1/instanceprofile.yaml @@ -8,10 +8,35 @@ metadata: annotations: meta.upbound.io/example-id: iam/v1beta1/instanceprofile labels: - testing.upbound.io/example-name: test_profile - name: test-profile + testing.upbound.io/example-name: instance-profile + name: instance-profile spec: forProvider: roleSelector: matchLabels: - testing.upbound.io/example-name: role + testing.upbound.io/example-name: instance-profile + +--- +apiVersion: iam.aws.upbound.io/v1beta1 +kind: Role +metadata: + annotations: + meta.upbound.io/example-id: iam/v1beta1/instanceprofile + labels: + testing.upbound.io/example-name: instance-profile + name: instance-profile +spec: + forProvider: + assumeRolePolicy: | + { + "Version": "2012-10-17", + "Statement": [ + { + "Effect": "Allow", + "Principal": { + "Service": "ec2.amazonaws.com" + }, + "Action": "sts:AssumeRole" + } + ] + } diff --git a/examples/s3/v1beta1/bucketnotification.yaml b/examples/s3/v1beta1/bucketnotification.yaml index c56777e708..eb4075fd70 100644 --- a/examples/s3/v1beta1/bucketnotification.yaml +++ b/examples/s3/v1beta1/bucketnotification.yaml @@ -7,17 +7,128 @@ kind: BucketNotification metadata: name: example annotations: - upjet.upbound.io/manual-intervention: "Requires a TopicPolicy for the referenced Topic and TopicPolicy is not covered yet." + meta.upbound.io/example-id: s3/v1beta1/bucketnotification + labels: + testing.upbound.io/example-name: bucket-notification spec: forProvider: - region: us-west-1 bucketSelector: matchLabels: - testing.upbound.io/example-name: s3 + testing.upbound.io/example-name: bucket-notification + queue: + - events: + - "s3:ObjectCreated:*" + filterSuffix: ".log" + queueArnSelector: + matchLabels: + testing.upbound.io/example-name: bucket-notification + region: us-west-1 topic: - events: - - "s3:ObjectCreated:*" + - "s3:ObjectRemoved:*" filterSuffix: ".log" topicArnSelector: matchLabels: - testing.upbound.io/example-name: s3 + testing.upbound.io/example-name: bucket-notification + +--- +apiVersion: s3.aws.upbound.io/v1beta1 +kind: Bucket +metadata: + name: bucket-notification + annotations: + meta.upbound.io/example-id: s3/v1beta1/bucketnotification + crossplane.io/external-name: ${Rand.RFC1123Subdomain} + labels: + testing.upbound.io/example-name: bucket-notification +spec: + forProvider: + region: us-west-1 +--- +apiVersion: sns.aws.upbound.io/v1beta1 +kind: Topic +metadata: + name: bucket-notification + annotations: + meta.upbound.io/example-id: s3/v1beta1/bucketnotification + labels: + testing.upbound.io/example-name: bucket-notification +spec: + forProvider: + region: us-west-1 + +--- +apiVersion: sns.aws.upbound.io/v1beta1 +kind: TopicPolicy +metadata: + name: bucket-notification + annotations: + meta.upbound.io/example-id: s3/v1beta1/bucketnotification + labels: + testing.upbound.io/example-name: bucket-notification +spec: + forProvider: + region: us-west-1 + arnSelector: + matchLabels: + testing.upbound.io/example-name: bucket-notification + policy: | + { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "example", + "Effect": "Allow", + "Principal": { + "Service": "s3.amazonaws.com" + }, + "Action": "sns:Publish", + "Resource": "arn:aws:sns:us-west-1:*:bucket-notification" + } + ] + } + +--- +apiVersion: sqs.aws.upbound.io/v1beta1 +kind: Queue +metadata: + name: bucket-notification + annotations: + meta.upbound.io/example-id: s3/v1beta1/bucketnotification + labels: + testing.upbound.io/example-name: bucket-notification +spec: + forProvider: + region: us-west-1 + name: bucket-notification + +--- +apiVersion: sqs.aws.upbound.io/v1beta1 +kind: QueuePolicy +metadata: + name: bucket-notification + annotations: + meta.upbound.io/example-id: s3/v1beta1/bucketnotification + labels: + testing.upbound.io/example-name: bucket-notification +spec: + forProvider: + region: us-west-1 + queueUrlSelector: + matchLabels: + testing.upbound.io/example-name: bucket-notification + policy: | + { + "Version": "2012-10-17", + "Statement": [ + { + "Sid": "example", + "Effect": "Allow", + "Principal": { + "Service": "s3.amazonaws.com" + }, + "Action": "sqs:SendMessage", + "Resource": "arn:aws:sqs:us-west-1:*:bucket-notification" + } + ] + } diff --git a/examples/sqs/v1beta1/queuepolicy.yaml b/examples/sqs/v1beta1/queuepolicy.yaml index 4fe6524c31..0c50d9a8d5 100644 --- a/examples/sqs/v1beta1/queuepolicy.yaml +++ b/examples/sqs/v1beta1/queuepolicy.yaml @@ -5,43 +5,43 @@ apiVersion: sqs.aws.upbound.io/v1beta1 kind: QueuePolicy metadata: - labels: - testing.upbound.io/example-name: test - name: test + name: queue-policy annotations: - upjet.upbound.io/manual-intervention: "This resource requires manual intervention for adding resource and source ARNs." + meta.upbound.io/example-id: sqs/v1beta1/queue-policy + labels: + testing.upbound.io/example-name: queue-policy spec: forProvider: + region: us-west-1 + queueUrlSelector: + matchLabels: + testing.upbound.io/example-name: queue-policy policy: | { "Version": "2012-10-17", - "Id": "sqspolicy", "Statement": [ { - "Sid": "First", + "Sid": "example", "Effect": "Allow", - "Principal": "*", + "Principal": { + "Service": "s3.amazonaws.com" + }, "Action": "sqs:SendMessage", - "Resource": "${resource_arn}", - "Condition": { - "ArnEquals": { - "aws:SourceArn": "${source_arn}}" - } - } + "Resource": "arn:aws:sqs:us-west-1:*:queue-policy" } ] } - queueUrlSelector: - matchLabels: - testing.upbound.io/example-name: example - region: us-west-1 --- - -apiVersion: sns.aws.upbound.io/v1beta1 -kind: Topic +apiVersion: sqs.aws.upbound.io/v1beta1 +kind: Queue metadata: - name: user-updates-topic + name: queue-policy + annotations: + meta.upbound.io/example-id: sqs/v1beta1/queuepolicy + labels: + testing.upbound.io/example-name: queue-policy spec: forProvider: region: us-west-1 + name: queue-policy diff --git a/package/crds/iam.aws.upbound.io_accesskeys.yaml b/package/crds/iam.aws.upbound.io_accesskeys.yaml index 7de63d9592..ab166b6002 100644 --- a/package/crds/iam.aws.upbound.io_accesskeys.yaml +++ b/package/crds/iam.aws.upbound.io_accesskeys.yaml @@ -90,7 +90,7 @@ spec: description: IAM user to associate with this access key. type: string userRef: - description: Reference to a User to populate user. + description: Reference to a User in iam to populate user. properties: name: description: Name of the referenced object. @@ -124,7 +124,7 @@ spec: - name type: object userSelector: - description: Selector for a User to populate user. + description: Selector for a User in iam to populate user. properties: matchControllerRef: description: |- @@ -193,7 +193,7 @@ spec: description: IAM user to associate with this access key. type: string userRef: - description: Reference to a User to populate user. + description: Reference to a User in iam to populate user. properties: name: description: Name of the referenced object. @@ -227,7 +227,7 @@ spec: - name type: object userSelector: - description: Selector for a User to populate user. + description: Selector for a User in iam to populate user. properties: matchControllerRef: description: |- diff --git a/package/crds/iam.aws.upbound.io_grouppolicyattachments.yaml b/package/crds/iam.aws.upbound.io_grouppolicyattachments.yaml index 660b5279b3..db084acc84 100644 --- a/package/crds/iam.aws.upbound.io_grouppolicyattachments.yaml +++ b/package/crds/iam.aws.upbound.io_grouppolicyattachments.yaml @@ -77,7 +77,7 @@ spec: description: The group the policy should be applied to type: string groupRef: - description: Reference to a Group to populate group. + description: Reference to a Group in iam to populate group. properties: name: description: Name of the referenced object. @@ -111,7 +111,7 @@ spec: - name type: object groupSelector: - description: Selector for a Group to populate group. + description: Selector for a Group in iam to populate group. properties: matchControllerRef: description: |- @@ -154,7 +154,7 @@ spec: description: The ARN of the policy you want to apply type: string policyArnRef: - description: Reference to a Policy to populate policyArn. + description: Reference to a Policy in iam to populate policyArn. properties: name: description: Name of the referenced object. @@ -188,7 +188,7 @@ spec: - name type: object policyArnSelector: - description: Selector for a Policy to populate policyArn. + description: Selector for a Policy in iam to populate policyArn. properties: matchControllerRef: description: |- @@ -245,7 +245,7 @@ spec: description: The group the policy should be applied to type: string groupRef: - description: Reference to a Group to populate group. + description: Reference to a Group in iam to populate group. properties: name: description: Name of the referenced object. @@ -279,7 +279,7 @@ spec: - name type: object groupSelector: - description: Selector for a Group to populate group. + description: Selector for a Group in iam to populate group. properties: matchControllerRef: description: |- @@ -322,7 +322,7 @@ spec: description: The ARN of the policy you want to apply type: string policyArnRef: - description: Reference to a Policy to populate policyArn. + description: Reference to a Policy in iam to populate policyArn. properties: name: description: Name of the referenced object. @@ -356,7 +356,7 @@ spec: - name type: object policyArnSelector: - description: Selector for a Policy to populate policyArn. + description: Selector for a Policy in iam to populate policyArn. properties: matchControllerRef: description: |- diff --git a/package/crds/iam.aws.upbound.io_instanceprofiles.yaml b/package/crds/iam.aws.upbound.io_instanceprofiles.yaml index 816140955c..af1fdb49de 100644 --- a/package/crds/iam.aws.upbound.io_instanceprofiles.yaml +++ b/package/crds/iam.aws.upbound.io_instanceprofiles.yaml @@ -86,7 +86,7 @@ spec: description: Name of the role to add to the profile. type: string roleRef: - description: Reference to a Role to populate role. + description: Reference to a Role in iam to populate role. properties: name: description: Name of the referenced object. @@ -120,7 +120,7 @@ spec: - name type: object roleSelector: - description: Selector for a Role to populate role. + description: Selector for a Role in iam to populate role. properties: matchControllerRef: description: |- @@ -192,7 +192,7 @@ spec: description: Name of the role to add to the profile. type: string roleRef: - description: Reference to a Role to populate role. + description: Reference to a Role in iam to populate role. properties: name: description: Name of the referenced object. @@ -226,7 +226,7 @@ spec: - name type: object roleSelector: - description: Selector for a Role to populate role. + description: Selector for a Role in iam to populate role. properties: matchControllerRef: description: |- diff --git a/package/crds/iam.aws.upbound.io_rolepolicyattachments.yaml b/package/crds/iam.aws.upbound.io_rolepolicyattachments.yaml index 6875a6b1f2..77507796d5 100644 --- a/package/crds/iam.aws.upbound.io_rolepolicyattachments.yaml +++ b/package/crds/iam.aws.upbound.io_rolepolicyattachments.yaml @@ -77,7 +77,7 @@ spec: description: The ARN of the policy you want to apply type: string policyArnRef: - description: Reference to a Policy to populate policyArn. + description: Reference to a Policy in iam to populate policyArn. properties: name: description: Name of the referenced object. @@ -111,7 +111,7 @@ spec: - name type: object policyArnSelector: - description: Selector for a Policy to populate policyArn. + description: Selector for a Policy in iam to populate policyArn. properties: matchControllerRef: description: |- @@ -155,7 +155,7 @@ spec: be applied type: string roleRef: - description: Reference to a Role to populate role. + description: Reference to a Role in iam to populate role. properties: name: description: Name of the referenced object. @@ -189,7 +189,7 @@ spec: - name type: object roleSelector: - description: Selector for a Role to populate role. + description: Selector for a Role in iam to populate role. properties: matchControllerRef: description: |- @@ -246,7 +246,7 @@ spec: description: The ARN of the policy you want to apply type: string policyArnRef: - description: Reference to a Policy to populate policyArn. + description: Reference to a Policy in iam to populate policyArn. properties: name: description: Name of the referenced object. @@ -280,7 +280,7 @@ spec: - name type: object policyArnSelector: - description: Selector for a Policy to populate policyArn. + description: Selector for a Policy in iam to populate policyArn. properties: matchControllerRef: description: |- @@ -324,7 +324,7 @@ spec: be applied type: string roleRef: - description: Reference to a Role to populate role. + description: Reference to a Role in iam to populate role. properties: name: description: Name of the referenced object. @@ -358,7 +358,7 @@ spec: - name type: object roleSelector: - description: Selector for a Role to populate role. + description: Selector for a Role in iam to populate role. properties: matchControllerRef: description: |- diff --git a/package/crds/iam.aws.upbound.io_usergroupmemberships.yaml b/package/crds/iam.aws.upbound.io_usergroupmemberships.yaml index 0e6323e34f..87f9c93501 100644 --- a/package/crds/iam.aws.upbound.io_usergroupmemberships.yaml +++ b/package/crds/iam.aws.upbound.io_usergroupmemberships.yaml @@ -75,7 +75,7 @@ spec: forProvider: properties: groupRefs: - description: References to Group to populate groups. + description: References to Group in iam to populate groups. items: description: A Reference to a named object. properties: @@ -112,7 +112,7 @@ spec: type: object type: array groupSelector: - description: Selector for a list of Group to populate groups. + description: Selector for a list of Group in iam to populate groups. properties: matchControllerRef: description: |- @@ -161,7 +161,7 @@ spec: description: The name of the IAM User to add to groups type: string userRef: - description: Reference to a User to populate user. + description: Reference to a User in iam to populate user. properties: name: description: Name of the referenced object. @@ -195,7 +195,7 @@ spec: - name type: object userSelector: - description: Selector for a User to populate user. + description: Selector for a User in iam to populate user. properties: matchControllerRef: description: |- @@ -249,7 +249,7 @@ spec: autoscaler. properties: groupRefs: - description: References to Group to populate groups. + description: References to Group in iam to populate groups. items: description: A Reference to a named object. properties: @@ -286,7 +286,7 @@ spec: type: object type: array groupSelector: - description: Selector for a list of Group to populate groups. + description: Selector for a list of Group in iam to populate groups. properties: matchControllerRef: description: |- @@ -335,7 +335,7 @@ spec: description: The name of the IAM User to add to groups type: string userRef: - description: Reference to a User to populate user. + description: Reference to a User in iam to populate user. properties: name: description: Name of the referenced object. @@ -369,7 +369,7 @@ spec: - name type: object userSelector: - description: Selector for a User to populate user. + description: Selector for a User in iam to populate user. properties: matchControllerRef: description: |- diff --git a/package/crds/iam.aws.upbound.io_userpolicyattachments.yaml b/package/crds/iam.aws.upbound.io_userpolicyattachments.yaml index 96e6d8a9b5..9abd686374 100644 --- a/package/crds/iam.aws.upbound.io_userpolicyattachments.yaml +++ b/package/crds/iam.aws.upbound.io_userpolicyattachments.yaml @@ -77,7 +77,7 @@ spec: description: The ARN of the policy you want to apply type: string policyArnRef: - description: Reference to a Policy to populate policyArn. + description: Reference to a Policy in iam to populate policyArn. properties: name: description: Name of the referenced object. @@ -111,7 +111,7 @@ spec: - name type: object policyArnSelector: - description: Selector for a Policy to populate policyArn. + description: Selector for a Policy in iam to populate policyArn. properties: matchControllerRef: description: |- @@ -154,7 +154,7 @@ spec: description: The user the policy should be applied to type: string userRef: - description: Reference to a User to populate user. + description: Reference to a User in iam to populate user. properties: name: description: Name of the referenced object. @@ -188,7 +188,7 @@ spec: - name type: object userSelector: - description: Selector for a User to populate user. + description: Selector for a User in iam to populate user. properties: matchControllerRef: description: |- @@ -245,7 +245,7 @@ spec: description: The ARN of the policy you want to apply type: string policyArnRef: - description: Reference to a Policy to populate policyArn. + description: Reference to a Policy in iam to populate policyArn. properties: name: description: Name of the referenced object. @@ -279,7 +279,7 @@ spec: - name type: object policyArnSelector: - description: Selector for a Policy to populate policyArn. + description: Selector for a Policy in iam to populate policyArn. properties: matchControllerRef: description: |- @@ -322,7 +322,7 @@ spec: description: The user the policy should be applied to type: string userRef: - description: Reference to a User to populate user. + description: Reference to a User in iam to populate user. properties: name: description: Name of the referenced object. @@ -356,7 +356,7 @@ spec: - name type: object userSelector: - description: Selector for a User to populate user. + description: Selector for a User in iam to populate user. properties: matchControllerRef: description: |- diff --git a/package/crds/sns.aws.upbound.io_topicsubscriptions.yaml b/package/crds/sns.aws.upbound.io_topicsubscriptions.yaml index 8cc0d8efa9..b663f282be 100644 --- a/package/crds/sns.aws.upbound.io_topicsubscriptions.yaml +++ b/package/crds/sns.aws.upbound.io_topicsubscriptions.yaml @@ -280,7 +280,7 @@ spec: description: ARN of the SNS topic to subscribe to. type: string topicArnRef: - description: Reference to a Topic to populate topicArn. + description: Reference to a Topic in sns to populate topicArn. properties: name: description: Name of the referenced object. @@ -314,7 +314,7 @@ spec: - name type: object topicArnSelector: - description: Selector for a Topic to populate topicArn. + description: Selector for a Topic in sns to populate topicArn. properties: matchControllerRef: description: |- @@ -572,7 +572,7 @@ spec: description: ARN of the SNS topic to subscribe to. type: string topicArnRef: - description: Reference to a Topic to populate topicArn. + description: Reference to a Topic in sns to populate topicArn. properties: name: description: Name of the referenced object. @@ -606,7 +606,7 @@ spec: - name type: object topicArnSelector: - description: Selector for a Topic to populate topicArn. + description: Selector for a Topic in sns to populate topicArn. properties: matchControllerRef: description: |-