diff --git a/operators/ack-ec2-controller/1.1.0/bundle.Dockerfile b/operators/ack-ec2-controller/1.1.0/bundle.Dockerfile new file mode 100644 index 00000000000..50ccfac3d94 --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/bundle.Dockerfile @@ -0,0 +1,21 @@ +FROM scratch + +# Core bundle labels. +LABEL operators.operatorframework.io.bundle.mediatype.v1=registry+v1 +LABEL operators.operatorframework.io.bundle.manifests.v1=manifests/ +LABEL operators.operatorframework.io.bundle.metadata.v1=metadata/ +LABEL operators.operatorframework.io.bundle.package.v1=ack-ec2-controller +LABEL operators.operatorframework.io.bundle.channels.v1=alpha +LABEL operators.operatorframework.io.bundle.channel.default.v1=alpha +LABEL operators.operatorframework.io.metrics.builder=operator-sdk-v1.28.0 +LABEL operators.operatorframework.io.metrics.mediatype.v1=metrics+v1 +LABEL operators.operatorframework.io.metrics.project_layout=unknown + +# Labels for testing. +LABEL operators.operatorframework.io.test.mediatype.v1=scorecard+v1 +LABEL operators.operatorframework.io.test.config.v1=tests/scorecard/ + +# Copy files to locations specified by labels. +COPY bundle/manifests /manifests/ +COPY bundle/metadata /metadata/ +COPY bundle/tests/scorecard /tests/scorecard/ diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ack-ec2-controller.clusterserviceversion.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ack-ec2-controller.clusterserviceversion.yaml new file mode 100644 index 00000000000..b3c307eb735 --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ack-ec2-controller.clusterserviceversion.yaml @@ -0,0 +1,674 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "ec2.services.k8s.aws/v1alpha1", + "kind": "DHCPOptions", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "ec2.services.k8s.aws/v1alpha1", + "kind": "ElasticIPAddress", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "ec2.services.k8s.aws/v1alpha1", + "kind": "Instance", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "ec2.services.k8s.aws/v1alpha1", + "kind": "InternetGateway", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "ec2.services.k8s.aws/v1alpha1", + "kind": "NATGateway", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "ec2.services.k8s.aws/v1alpha1", + "kind": "RouteTable", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "ec2.services.k8s.aws/v1alpha1", + "kind": "SecurityGroup", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "ec2.services.k8s.aws/v1alpha1", + "kind": "Subnet", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "ec2.services.k8s.aws/v1alpha1", + "kind": "TransitGateway", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "ec2.services.k8s.aws/v1alpha1", + "kind": "VPC", + "metadata": { + "name": "example" + }, + "spec": {} + }, + { + "apiVersion": "ec2.services.k8s.aws/v1alpha1", + "kind": "VPCEndpoint", + "metadata": { + "name": "example" + }, + "spec": {} + } + ] + capabilities: Basic Install + categories: Cloud Provider + certified: "false" + containerImage: public.ecr.aws/aws-controllers-k8s/ec2-controller:1.1.0 + createdAt: "2023-12-06T22:23:21Z" + description: AWS EC2 controller is a service controller for managing EC2 resources + in Kubernetes + operatorframework.io/suggested-namespace: ack-system + operators.operatorframework.io/builder: operator-sdk-v1.28.0 + operators.operatorframework.io/project_layout: unknown + repository: https://github.com/aws-controllers-k8s + support: Community + name: ack-ec2-controller.v1.1.0 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: DHCPOptions represents the state of an AWS ec2 DHCPOptions resource. + displayName: DHCPOptions + kind: DHCPOptions + name: dhcpoptions.ec2.services.k8s.aws + version: v1alpha1 + - description: ElasticIPAddress represents the state of an AWS ec2 ElasticIPAddress + resource. + displayName: ElasticIPAddress + kind: ElasticIPAddress + name: elasticipaddresses.ec2.services.k8s.aws + version: v1alpha1 + - description: FlowLog represents the state of an AWS ec2 FlowLog resource. + displayName: FlowLog + kind: FlowLog + name: flowlogs.ec2.services.k8s.aws + version: v1alpha1 + - description: Instance represents the state of an AWS ec2 Instance resource. + displayName: Instance + kind: Instance + name: instances.ec2.services.k8s.aws + version: v1alpha1 + - description: InternetGateway represents the state of an AWS ec2 InternetGateway + resource. + displayName: InternetGateway + kind: InternetGateway + name: internetgateways.ec2.services.k8s.aws + version: v1alpha1 + - description: NATGateway represents the state of an AWS ec2 NATGateway resource. + displayName: NATGateway + kind: NATGateway + name: natgateways.ec2.services.k8s.aws + version: v1alpha1 + - description: NetworkACL represents the state of an AWS ec2 NetworkACL resource. + displayName: NetworkACL + kind: NetworkACL + name: networkacls.ec2.services.k8s.aws + version: v1alpha1 + - description: RouteTable represents the state of an AWS ec2 RouteTable resource. + displayName: RouteTable + kind: RouteTable + name: routetables.ec2.services.k8s.aws + version: v1alpha1 + - description: SecurityGroup represents the state of an AWS ec2 SecurityGroup + resource. + displayName: SecurityGroup + kind: SecurityGroup + name: securitygroups.ec2.services.k8s.aws + version: v1alpha1 + - description: Subnet represents the state of an AWS ec2 Subnet resource. + displayName: Subnet + kind: Subnet + name: subnets.ec2.services.k8s.aws + version: v1alpha1 + - description: TransitGateway represents the state of an AWS ec2 TransitGateway + resource. + displayName: TransitGateway + kind: TransitGateway + name: transitgateways.ec2.services.k8s.aws + version: v1alpha1 + - description: VPCEndpoint represents the state of an AWS ec2 VPCEndpoint resource. + displayName: VPCEndpoint + kind: VPCEndpoint + name: vpcendpoints.ec2.services.k8s.aws + version: v1alpha1 + - description: VPCPeeringConnection represents the state of an AWS ec2 VPCPeeringConnection + resource. + displayName: VPCPeeringConnection + kind: VPCPeeringConnection + name: vpcpeeringconnections.ec2.services.k8s.aws + version: v1alpha1 + - description: VPC represents the state of an AWS ec2 VPC resource. + displayName: VPC + kind: VPC + name: vpcs.ec2.services.k8s.aws + version: v1alpha1 + description: |- + Manage Elastic Compute Cloud (EC2) resources in AWS from within your Kubernetes cluster. + + **About Amazon EC2** + + Amazon Elastic Compute Cloud (Amazon EC2) provides scalable computing capacity in the Amazon Web Services (AWS) Cloud. Using Amazon EC2 eliminates your need to invest in hardware up front, so you can develop and deploy applications faster. You can use Amazon EC2 to launch as many or as few virtual servers as you need, configure security and networking, and manage storage. Amazon EC2 enables you to scale up or down to handle changes in requirements or spikes in popularity, reducing your need to forecast traffic. + + **About the AWS Controllers for Kubernetes** + + This controller is a component of the [AWS Controller for Kubernetes](https://github.com/aws/aws-controllers-k8s) project. + + **Pre-Installation Steps** + + Please follow the following link: [Red Hat OpenShift](https://aws-controllers-k8s.github.io/community/docs/user-docs/openshift/) + displayName: AWS Controllers for Kubernetes - Amazon EC2 + icon: + - base64data: PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4KPCEtLSBHZW5lcmF0b3I6IEFkb2JlIElsbHVzdHJhdG9yIDE5LjAuMSwgU1ZHIEV4cG9ydCBQbHVnLUluIC4gU1ZHIFZlcnNpb246IDYuMDAgQnVpbGQgMCkgIC0tPgo8c3ZnIHZlcnNpb249IjEuMSIgaWQ9IkxheWVyXzEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgeG1sbnM6eGxpbms9Imh0dHA6Ly93d3cudzMub3JnLzE5OTkveGxpbmsiIHg9IjBweCIgeT0iMHB4IiB2aWV3Qm94PSIwIDAgMzA0IDE4MiIgc3R5bGU9ImVuYWJsZS1iYWNrZ3JvdW5kOm5ldyAwIDAgMzA0IDE4MjsiIHhtbDpzcGFjZT0icHJlc2VydmUiPgo8c3R5bGUgdHlwZT0idGV4dC9jc3MiPgoJLnN0MHtmaWxsOiMyNTJGM0U7fQoJLnN0MXtmaWxsLXJ1bGU6ZXZlbm9kZDtjbGlwLXJ1bGU6ZXZlbm9kZDtmaWxsOiNGRjk5MDA7fQo8L3N0eWxlPgo8Zz4KCTxwYXRoIGNsYXNzPSJzdDAiIGQ9Ik04Ni40LDY2LjRjMCwzLjcsMC40LDYuNywxLjEsOC45YzAuOCwyLjIsMS44LDQuNiwzLjIsNy4yYzAuNSwwLjgsMC43LDEuNiwwLjcsMi4zYzAsMS0wLjYsMi0xLjksM2wtNi4zLDQuMiAgIGMtMC45LDAuNi0xLjgsMC45LTIuNiwwLjljLTEsMC0yLTAuNS0zLTEuNEM3Ni4yLDkwLDc1LDg4LjQsNzQsODYuOGMtMS0xLjctMi0zLjYtMy4xLTUuOWMtNy44LDkuMi0xNy42LDEzLjgtMjkuNCwxMy44ICAgYy04LjQsMC0xNS4xLTIuNC0yMC03LjJjLTQuOS00LjgtNy40LTExLjItNy40LTE5LjJjMC04LjUsMy0xNS40LDkuMS0yMC42YzYuMS01LjIsMTQuMi03LjgsMjQuNS03LjhjMy40LDAsNi45LDAuMywxMC42LDAuOCAgIGMzLjcsMC41LDcuNSwxLjMsMTEuNSwyLjJ2LTcuM2MwLTcuNi0xLjYtMTIuOS00LjctMTZjLTMuMi0zLjEtOC42LTQuNi0xNi4zLTQuNmMtMy41LDAtNy4xLDAuNC0xMC44LDEuM2MtMy43LDAuOS03LjMsMi0xMC44LDMuNCAgIGMtMS42LDAuNy0yLjgsMS4xLTMuNSwxLjNjLTAuNywwLjItMS4yLDAuMy0xLjYsMC4zYy0xLjQsMC0yLjEtMS0yLjEtMy4xdi00LjljMC0xLjYsMC4yLTIuOCwwLjctMy41YzAuNS0wLjcsMS40LTEuNCwyLjgtMi4xICAgYzMuNS0xLjgsNy43LTMuMywxMi42LTQuNWM0LjktMS4zLDEwLjEtMS45LDE1LjYtMS45YzExLjksMCwyMC42LDIuNywyNi4yLDguMWM1LjUsNS40LDguMywxMy42LDguMywyNC42VjY2LjR6IE00NS44LDgxLjYgICBjMy4zLDAsNi43LTAuNiwxMC4zLTEuOGMzLjYtMS4yLDYuOC0zLjQsOS41LTYuNGMxLjYtMS45LDIuOC00LDMuNC02LjRjMC42LTIuNCwxLTUuMywxLTguN3YtNC4yYy0yLjktMC43LTYtMS4zLTkuMi0xLjcgICBjLTMuMi0wLjQtNi4zLTAuNi05LjQtMC42Yy02LjcsMC0xMS42LDEuMy0xNC45LDRjLTMuMywyLjctNC45LDYuNS00LjksMTEuNWMwLDQuNywxLjIsOC4yLDMuNywxMC42ICAgQzM3LjcsODAuNCw0MS4yLDgxLjYsNDUuOCw4MS42eiBNMTI2LjEsOTIuNGMtMS44LDAtMy0wLjMtMy44LTFjLTAuOC0wLjYtMS41LTItMi4xLTMuOUw5Ni43LDEwLjJjLTAuNi0yLTAuOS0zLjMtMC45LTQgICBjMC0xLjYsMC44LTIuNSwyLjQtMi41aDkuOGMxLjksMCwzLjIsMC4zLDMuOSwxYzAuOCwwLjYsMS40LDIsMiwzLjlsMTYuOCw2Ni4ybDE1LjYtNjYuMmMwLjUtMiwxLjEtMy4zLDEuOS0zLjljMC44LTAuNiwyLjItMSw0LTEgICBoOGMxLjksMCwzLjIsMC4zLDQsMWMwLjgsMC42LDEuNSwyLDEuOSwzLjlsMTUuOCw2N2wxNy4zLTY3YzAuNi0yLDEuMy0zLjMsMi0zLjljMC44LTAuNiwyLjEtMSwzLjktMWg5LjNjMS42LDAsMi41LDAuOCwyLjUsMi41ICAgYzAsMC41LTAuMSwxLTAuMiwxLjZjLTAuMSwwLjYtMC4zLDEuNC0wLjcsMi41bC0yNC4xLDc3LjNjLTAuNiwyLTEuMywzLjMtMi4xLDMuOWMtMC44LDAuNi0yLjEsMS0zLjgsMWgtOC42Yy0xLjksMC0zLjItMC4zLTQtMSAgIGMtMC44LTAuNy0xLjUtMi0xLjktNEwxNTYsMjNsLTE1LjQsNjQuNGMtMC41LDItMS4xLDMuMy0xLjksNGMtMC44LDAuNy0yLjIsMS00LDFIMTI2LjF6IE0yNTQuNiw5NS4xYy01LjIsMC0xMC40LTAuNi0xNS40LTEuOCAgIGMtNS0xLjItOC45LTIuNS0xMS41LTRjLTEuNi0wLjktMi43LTEuOS0zLjEtMi44Yy0wLjQtMC45LTAuNi0xLjktMC42LTIuOHYtNS4xYzAtMi4xLDAuOC0zLjEsMi4zLTMuMWMwLjYsMCwxLjIsMC4xLDEuOCwwLjMgICBjMC42LDAuMiwxLjUsMC42LDIuNSwxYzMuNCwxLjUsNy4xLDIuNywxMSwzLjVjNCwwLjgsNy45LDEuMiwxMS45LDEuMmM2LjMsMCwxMS4yLTEuMSwxNC42LTMuM2MzLjQtMi4yLDUuMi01LjQsNS4yLTkuNSAgIGMwLTIuOC0wLjktNS4xLTIuNy03Yy0xLjgtMS45LTUuMi0zLjYtMTAuMS01LjJMMjQ2LDUyYy03LjMtMi4zLTEyLjctNS43LTE2LTEwLjJjLTMuMy00LjQtNS05LjMtNS0xNC41YzAtNC4yLDAuOS03LjksMi43LTExLjEgICBjMS44LTMuMiw0LjItNiw3LjItOC4yYzMtMi4zLDYuNC00LDEwLjQtNS4yYzQtMS4yLDguMi0xLjcsMTIuNi0xLjdjMi4yLDAsNC41LDAuMSw2LjcsMC40YzIuMywwLjMsNC40LDAuNyw2LjUsMS4xICAgYzIsMC41LDMuOSwxLDUuNywxLjZjMS44LDAuNiwzLjIsMS4yLDQuMiwxLjhjMS40LDAuOCwyLjQsMS42LDMsMi41YzAuNiwwLjgsMC45LDEuOSwwLjksMy4zdjQuN2MwLDIuMS0wLjgsMy4yLTIuMywzLjIgICBjLTAuOCwwLTIuMS0wLjQtMy44LTEuMmMtNS43LTIuNi0xMi4xLTMuOS0xOS4yLTMuOWMtNS43LDAtMTAuMiwwLjktMTMuMywyLjhjLTMuMSwxLjktNC43LDQuOC00LjcsOC45YzAsMi44LDEsNS4yLDMsNy4xICAgYzIsMS45LDUuNywzLjgsMTEsNS41bDE0LjIsNC41YzcuMiwyLjMsMTIuNCw1LjUsMTUuNSw5LjZjMy4xLDQuMSw0LjYsOC44LDQuNiwxNGMwLDQuMy0wLjksOC4yLTIuNiwxMS42ICAgYy0xLjgsMy40LTQuMiw2LjQtNy4zLDguOGMtMy4xLDIuNS02LjgsNC4zLTExLjEsNS42QzI2NC40LDk0LjQsMjU5LjcsOTUuMSwyNTQuNiw5NS4xeiIvPgoJPGc+CgkJPHBhdGggY2xhc3M9InN0MSIgZD0iTTI3My41LDE0My43Yy0zMi45LDI0LjMtODAuNywzNy4yLTEyMS44LDM3LjJjLTU3LjYsMC0xMDkuNS0yMS4zLTE0OC43LTU2LjdjLTMuMS0yLjgtMC4zLTYuNiwzLjQtNC40ICAgIGM0Mi40LDI0LjYsOTQuNywzOS41LDE0OC44LDM5LjVjMzYuNSwwLDc2LjYtNy42LDExMy41LTIzLjJDMjc0LjIsMTMzLjYsMjc4LjksMTM5LjcsMjczLjUsMTQzLjd6Ii8+CgkJPHBhdGggY2xhc3M9InN0MSIgZD0iTTI4Ny4yLDEyOC4xYy00LjItNS40LTI3LjgtMi42LTM4LjUtMS4zYy0zLjIsMC40LTMuNy0yLjQtMC44LTQuNWMxOC44LTEzLjIsNDkuNy05LjQsNTMuMy01ICAgIGMzLjYsNC41LTEsMzUuNC0xOC42LDUwLjJjLTIuNywyLjMtNS4zLDEuMS00LjEtMS45QzI4Mi41LDE1NS43LDI5MS40LDEzMy40LDI4Ny4yLDEyOC4xeiIvPgoJPC9nPgo8L2c+Cjwvc3ZnPg== + mediatype: image/svg+xml + install: + spec: + clusterPermissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - patch + - watch + - apiGroups: + - "" + resources: + - namespaces + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - patch + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - dhcpoptions + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - dhcpoptions/status + verbs: + - get + - patch + - update + - apiGroups: + - ec2.services.k8s.aws + resources: + - elasticipaddresses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - elasticipaddresses/status + verbs: + - get + - patch + - update + - apiGroups: + - ec2.services.k8s.aws + resources: + - flowlogs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - flowlogs/status + verbs: + - get + - patch + - update + - apiGroups: + - ec2.services.k8s.aws + resources: + - instances + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - instances/status + verbs: + - get + - patch + - update + - apiGroups: + - ec2.services.k8s.aws + resources: + - internetgateways + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - internetgateways/status + verbs: + - get + - patch + - update + - apiGroups: + - ec2.services.k8s.aws + resources: + - natgateways + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - natgateways/status + verbs: + - get + - patch + - update + - apiGroups: + - ec2.services.k8s.aws + resources: + - networkacls + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - networkacls/status + verbs: + - get + - patch + - update + - apiGroups: + - ec2.services.k8s.aws + resources: + - routetables + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - routetables/status + verbs: + - get + - patch + - update + - apiGroups: + - ec2.services.k8s.aws + resources: + - securitygroups + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - securitygroups/status + verbs: + - get + - patch + - update + - apiGroups: + - ec2.services.k8s.aws + resources: + - subnets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - subnets/status + verbs: + - get + - patch + - update + - apiGroups: + - ec2.services.k8s.aws + resources: + - transitgateways + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - transitgateways/status + verbs: + - get + - patch + - update + - apiGroups: + - ec2.services.k8s.aws + resources: + - vpcendpoints + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - vpcendpoints/status + verbs: + - get + - patch + - update + - apiGroups: + - ec2.services.k8s.aws + resources: + - vpcpeeringconnections + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - vpcpeeringconnections/status + verbs: + - get + - patch + - update + - apiGroups: + - ec2.services.k8s.aws + resources: + - vpcs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - ec2.services.k8s.aws + resources: + - vpcs/status + verbs: + - get + - patch + - update + - apiGroups: + - services.k8s.aws + resources: + - adoptedresources + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - services.k8s.aws + resources: + - adoptedresources/status + verbs: + - get + - patch + - update + - apiGroups: + - services.k8s.aws + resources: + - fieldexports + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - services.k8s.aws + resources: + - fieldexports/status + verbs: + - get + - patch + - update + serviceAccountName: ack-ec2-controller + deployments: + - label: + app.kubernetes.io/name: ack-ec2-controller + app.kubernetes.io/part-of: ack-system + name: ack-ec2-controller + spec: + replicas: 1 + selector: + matchLabels: + app.kubernetes.io/name: ack-ec2-controller + strategy: {} + template: + metadata: + labels: + app.kubernetes.io/name: ack-ec2-controller + spec: + containers: + - args: + - --aws-region + - $(AWS_REGION) + - --aws-endpoint-url + - $(AWS_ENDPOINT_URL) + - --enable-development-logging=$(ACK_ENABLE_DEVELOPMENT_LOGGING) + - --log-level + - $(ACK_LOG_LEVEL) + - --resource-tags + - $(ACK_RESOURCE_TAGS) + - --watch-namespace + - $(ACK_WATCH_NAMESPACE) + - --enable-leader-election=$(ENABLE_LEADER_ELECTION) + - --leader-election-namespace + - $(LEADER_ELECTION_NAMESPACE) + command: + - ./bin/controller + env: + - name: ACK_SYSTEM_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + envFrom: + - configMapRef: + name: ack-ec2-user-config + optional: false + - secretRef: + name: ack-ec2-user-secrets + optional: true + image: public.ecr.aws/aws-controllers-k8s/ec2-controller:1.1.0 + name: controller + ports: + - containerPort: 8080 + name: http + resources: + limits: + cpu: 100m + memory: 300Mi + requests: + cpu: 100m + memory: 200Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + privileged: false + runAsNonRoot: true + dnsPolicy: ClusterFirst + securityContext: + seccompProfile: + type: RuntimeDefault + serviceAccountName: ack-ec2-controller + terminationGracePeriodSeconds: 10 + permissions: + - rules: + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + serviceAccountName: ack-ec2-controller + strategy: deployment + installModes: + - supported: true + type: AllNamespaces + keywords: + - ec2 + - aws + - amazon + - ack + links: + - name: AWS Controllers for Kubernetes + url: https://github.com/aws-controllers-k8s/community + - name: Documentation + url: https://aws-controllers-k8s.github.io/community/ + - name: Amazon EC2 Developer Resources + url: https://aws.amazon.com/ec2/resources/ + maintainers: + - email: ack-maintainers@amazon.com + name: ec2 maintainer team + maturity: alpha + provider: + name: Amazon, Inc. + url: https://aws.amazon.com + version: 1.1.0 diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ack-ec2-metrics-service_v1_service.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ack-ec2-metrics-service_v1_service.yaml new file mode 100644 index 00000000000..535fe868fdc --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ack-ec2-metrics-service_v1_service.yaml @@ -0,0 +1,16 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + name: ack-ec2-metrics-service +spec: + ports: + - name: metricsport + port: 8080 + protocol: TCP + targetPort: http + selector: + app.kubernetes.io/name: ack-ec2-controller + type: NodePort +status: + loadBalancer: {} diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ack-ec2-reader_rbac.authorization.k8s.io_v1_role.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ack-ec2-reader_rbac.authorization.k8s.io_v1_role.yaml new file mode 100644 index 00000000000..c2142a4b75f --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ack-ec2-reader_rbac.authorization.k8s.io_v1_role.yaml @@ -0,0 +1,27 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: ack-ec2-reader +rules: +- apiGroups: + - ec2.services.k8s.aws + resources: + - dhcpoptions + - elasticipaddresses + - flowlogs + - instances + - internetgateways + - natgateways + - networkacls + - routetables + - securitygroups + - subnets + - transitgateways + - vpcs + - vpcendpoints + - vpcpeeringconnections + verbs: + - get + - list + - watch diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ack-ec2-writer_rbac.authorization.k8s.io_v1_role.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ack-ec2-writer_rbac.authorization.k8s.io_v1_role.yaml new file mode 100644 index 00000000000..384631f691f --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ack-ec2-writer_rbac.authorization.k8s.io_v1_role.yaml @@ -0,0 +1,52 @@ +apiVersion: rbac.authorization.k8s.io/v1 +kind: Role +metadata: + creationTimestamp: null + name: ack-ec2-writer +rules: +- apiGroups: + - ec2.services.k8s.aws + resources: + - dhcpoptions + - elasticipaddresses + - flowlogs + - instances + - internetgateways + - natgateways + - networkacls + - routetables + - securitygroups + - subnets + - transitgateways + - vpcs + - vpcendpoints + - vpcpeeringconnections + verbs: + - create + - delete + - get + - list + - patch + - update + - watch +- apiGroups: + - ec2.services.k8s.aws + resources: + - dhcpoptions + - elasticipaddresses + - flowlogs + - instances + - internetgateways + - natgateways + - networkacls + - routetables + - securitygroups + - subnets + - transitgateways + - vpcs + - vpcendpoints + - vpcpeeringconnections + verbs: + - get + - patch + - update diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_dhcpoptions.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_dhcpoptions.yaml new file mode 100644 index 00000000000..b235f1ab68f --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_dhcpoptions.yaml @@ -0,0 +1,172 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: dhcpoptions.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: DHCPOptions + listKind: DHCPOptionsList + plural: dhcpoptions + singular: dhcpoptions + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.dhcpOptionsID + name: ID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: DHCPOptions is the Schema for the DHCPOptions API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "DhcpOptionsSpec defines the desired state of DhcpOptions. + \n Describes a set of DHCP options." + properties: + dhcpConfigurations: + description: A DHCP configuration option. + items: + properties: + key: + type: string + values: + items: + type: string + type: array + type: object + type: array + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + vpc: + items: + type: string + type: array + vpcRefs: + items: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: + my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + type: array + required: + - dhcpConfigurations + type: object + status: + description: DHCPOptionsStatus defines the observed state of DHCPOptions + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + dhcpOptionsID: + description: The ID of the set of DHCP options. + type: string + ownerID: + description: The ID of the Amazon Web Services account that owns the + DHCP options set. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_elasticipaddresses.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_elasticipaddresses.yaml new file mode 100644 index 00000000000..21c02dc362e --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_elasticipaddresses.yaml @@ -0,0 +1,174 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: elasticipaddresses.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: ElasticIPAddress + listKind: ElasticIPAddressList + plural: elasticipaddresses + singular: elasticipaddress + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.allocationID + name: ALLOCATION-ID + type: string + - jsonPath: .status.publicIP + name: PUBLIC-IP + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: ElasticIPAddress is the Schema for the ElasticIPAddresses API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: ElasticIPAddressSpec defines the desired state of ElasticIPAddress. + properties: + address: + description: '[EC2-VPC] The Elastic IP address to recover or an IPv4 + address from an address pool.' + type: string + customerOwnedIPv4Pool: + description: The ID of a customer-owned address pool. Use this parameter + to let Amazon EC2 select an address from the address pool. Alternatively, + specify a specific address from the address pool. + type: string + networkBorderGroup: + description: "A unique set of Availability Zones, Local Zones, or + Wavelength Zones from which Amazon Web Services advertises IP addresses. + Use this parameter to limit the IP address to this location. IP + addresses cannot move between network border groups. \n Use DescribeAvailabilityZones + (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) + to view the network border groups. \n You cannot use a network border + group with EC2 Classic. If you attempt this operation on EC2 Classic, + you receive an InvalidParameterCombination error." + type: string + publicIPv4Pool: + description: The ID of an address pool that you own. Use this parameter + to let Amazon EC2 select an address from the address pool. To specify + a specific address from the address pool, use the Address parameter + instead. + type: string + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + type: object + status: + description: ElasticIPAddressStatus defines the observed state of ElasticIPAddress + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + allocationID: + description: '[EC2-VPC] The ID that Amazon Web Services assigns to + represent the allocation of the Elastic IP address for use with + instances in a VPC.' + type: string + carrierIP: + description: The carrier IP address. This option is only available + for network interfaces which reside in a subnet in a Wavelength + Zone (for example an EC2 instance). + type: string + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + customerOwnedIP: + description: The customer-owned IP address. + type: string + publicIP: + description: The Elastic IP address. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_flowlogs.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_flowlogs.yaml new file mode 100644 index 00000000000..43c8de419c9 --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_flowlogs.yaml @@ -0,0 +1,231 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: flowlogs.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: FlowLog + listKind: FlowLogList + plural: flowlogs + singular: flowlog + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: FlowLog is the Schema for the FlowLogs API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "FlowLogSpec defines the desired state of FlowLog. \n Describes + a flow log." + properties: + deliverLogsPermissionARN: + description: "The ARN for the IAM role that permits Amazon EC2 to + publish flow logs to a CloudWatch Logs log group in your account. + \n If you specify LogDestinationType as s3, do not specify DeliverLogsPermissionArn + or LogGroupName." + type: string + destinationOptions: + description: The destination options. + properties: + fileFormat: + type: string + hiveCompatiblePartitions: + type: boolean + perHourPartition: + type: boolean + type: object + logDestination: + description: "The destination to which the flow log data is to be + published. Flow log data can be published to a CloudWatch Logs log + group or an Amazon S3 bucket. The value specified for this parameter + depends on the value specified for LogDestinationType. \n If LogDestinationType + is not specified or cloud-watch-logs, specify the Amazon Resource + Name (ARN) of the CloudWatch Logs log group. For example, to publish + to a log group called my-logs, specify arn:aws:logs:us-east-1:123456789012:log-group:my-logs. + Alternatively, use LogGroupName instead. \n If LogDestinationType + is s3, specify the ARN of the Amazon S3 bucket. You can also specify + a subfolder in the bucket. To specify a subfolder in the bucket, + use the following ARN format: bucket_ARN/subfolder_name/. For example, + to specify a subfolder named my-logs in a bucket named my-bucket, + use the following ARN: arn:aws:s3:::my-bucket/my-logs/. You cannot + use AWSLogs as a subfolder name. This is a reserved term." + type: string + logDestinationType: + description: "The type of destination to which the flow log data is + to be published. Flow log data can be published to CloudWatch Logs + or Amazon S3. To publish flow log data to CloudWatch Logs, specify + cloud-watch-logs. To publish flow log data to Amazon S3, specify + s3. \n If you specify LogDestinationType as s3, do not specify DeliverLogsPermissionArn + or LogGroupName. \n Default: cloud-watch-logs" + type: string + logFormat: + description: "The fields to include in the flow log record, in the + order in which they should appear. For a list of available fields, + see Flow log records (https://docs.aws.amazon.com/vpc/latest/userguide/flow-logs.html#flow-log-records). + If you omit this parameter, the flow log is created using the default + format. If you specify this parameter, you must specify at least + one field. \n Specify the fields using the ${field-id} format, separated + by spaces. For the CLI, surround this parameter value with single + quotes on Linux or double quotes on Windows." + type: string + logGroupName: + description: "The name of a new or existing CloudWatch Logs log group + where Amazon EC2 publishes your flow logs. \n If you specify LogDestinationType + as s3, do not specify DeliverLogsPermissionArn or LogGroupName." + type: string + maxAggregationInterval: + description: "The maximum interval of time during which a flow of + packets is captured and aggregated into a flow log record. You can + specify 60 seconds (1 minute) or 600 seconds (10 minutes). \n When + a network interface is attached to a Nitro-based instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances), + the aggregation interval is always 60 seconds or less, regardless + of the value that you specify. \n Default: 600" + format: int64 + type: integer + resourceID: + type: string + resourceType: + description: The type of resource for which to create the flow log. + For example, if you specified a VPC ID for the ResourceId property, + specify VPC for this property. + type: string + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + trafficType: + description: The type of traffic to log. You can log traffic that + the resource accepts or rejects, or all traffic. + type: string + required: + - resourceID + - resourceType + type: object + status: + description: FlowLogStatus defines the observed state of FlowLog + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + clientToken: + description: Unique, case-sensitive identifier that you provide to + ensure the idempotency of the request. + type: string + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + flowLogID: + type: string + unsuccessful: + description: Information about the flow logs that could not be created + successfully. + items: + description: Information about items that were not successfully + processed in a batch call. + properties: + error: + description: Information about the error that occurred. For + more information about errors, see Error codes (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html). + properties: + code: + type: string + message: + type: string + type: object + resourceID: + type: string + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_instances.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_instances.yaml new file mode 100644 index 00000000000..884f8dcd042 --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_instances.yaml @@ -0,0 +1,795 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: instances.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: Instance + listKind: InstanceList + plural: instances + singular: instance + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.instanceID + name: ID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Instance is the Schema for the Instances API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "InstanceSpec defines the desired state of Instance. \n Describes + an instance." + properties: + blockDeviceMappings: + description: The block device mapping, which defines the EBS volumes + and instance store volumes to attach to the instance at launch. + For more information, see Block device mappings (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) + in the Amazon EC2 User Guide. + items: + description: Describes a block device mapping, which defines the + EBS volumes and instance store volumes to attach to an instance + at launch. + properties: + deviceName: + type: string + ebs: + description: Describes a block device for an EBS volume. + properties: + deleteOnTermination: + type: boolean + encrypted: + type: boolean + iops: + format: int64 + type: integer + kmsKeyID: + type: string + outpostARN: + type: string + snapshotID: + type: string + throughput: + format: int64 + type: integer + volumeSize: + format: int64 + type: integer + volumeType: + type: string + type: object + noDevice: + type: string + virtualName: + type: string + type: object + type: array + capacityReservationSpecification: + description: Information about the Capacity Reservation targeting + option. If you do not specify this parameter, the instance's Capacity + Reservation preference defaults to open, which enables it to run + in any open Capacity Reservation that has matching attributes (instance + type, platform, Availability Zone). + properties: + capacityReservationPreference: + type: string + capacityReservationTarget: + description: Describes a target Capacity Reservation or Capacity + Reservation group. + properties: + capacityReservationID: + type: string + capacityReservationResourceGroupARN: + type: string + type: object + type: object + cpuOptions: + description: The CPU options for the instance. For more information, + see Optimize CPU options (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) + in the Amazon EC2 User Guide. + properties: + coreCount: + format: int64 + type: integer + threadsPerCore: + format: int64 + type: integer + type: object + creditSpecification: + description: "The credit option for CPU usage of the burstable performance + instance. Valid values are standard and unlimited. To change this + attribute after launch, use ModifyInstanceCreditSpecification (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceCreditSpecification.html). + For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) + in the Amazon EC2 User Guide. \n Default: standard (T2 instances) + or unlimited (T3/T3a/T4g instances) \n For T3 instances with host + tenancy, only standard is supported." + properties: + cpuCredits: + type: string + type: object + disableAPIStop: + description: Indicates whether an instance is enabled for stop protection. + For more information, see Stop protection (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection). + type: boolean + disableAPITermination: + description: "If you set this parameter to true, you can't terminate + the instance using the Amazon EC2 console, CLI, or API; otherwise, + you can. To change this attribute after launch, use ModifyInstanceAttribute + (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyInstanceAttribute.html). + Alternatively, if you set InstanceInitiatedShutdownBehavior to terminate, + you can terminate the instance by running the shutdown command from + the instance. \n Default: false" + type: boolean + ebsOptimized: + description: "Indicates whether the instance is optimized for Amazon + EBS I/O. This optimization provides dedicated throughput to Amazon + EBS and an optimized configuration stack to provide optimal Amazon + EBS I/O performance. This optimization isn't available with all + instance types. Additional usage charges apply when using an EBS-optimized + instance. \n Default: false" + type: boolean + elasticGPUSpecification: + description: An elastic GPU to associate with the instance. An Elastic + GPU is a GPU resource that you can attach to your Windows instance + to accelerate the graphics performance of your applications. For + more information, see Amazon EC2 Elastic GPUs (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html) + in the Amazon EC2 User Guide. + items: + description: A specification for an Elastic Graphics accelerator. + properties: + type_: + type: string + type: object + type: array + elasticInferenceAccelerators: + description: "An elastic inference accelerator to associate with the + instance. Elastic inference accelerators are a resource you can + attach to your Amazon EC2 instances to accelerate your Deep Learning + (DL) inference workloads. \n You cannot specify accelerators from + different generations in the same request." + items: + description: Describes an elastic inference accelerator. + properties: + count: + format: int64 + type: integer + type_: + type: string + type: object + type: array + enclaveOptions: + description: "Indicates whether the instance is enabled for Amazon + Web Services Nitro Enclaves. For more information, see What is Amazon + Web Services Nitro Enclaves? (https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) + in the Amazon Web Services Nitro Enclaves User Guide. \n You can't + enable Amazon Web Services Nitro Enclaves and hibernation on the + same instance." + properties: + enabled: + type: boolean + type: object + hibernationOptions: + description: "Indicates whether an instance is enabled for hibernation. + For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) + in the Amazon EC2 User Guide. \n You can't enable hibernation and + Amazon Web Services Nitro Enclaves on the same instance." + properties: + configured: + type: boolean + type: object + iamInstanceProfile: + description: The name or Amazon Resource Name (ARN) of an IAM instance + profile. + properties: + arn: + type: string + name: + type: string + type: object + imageID: + description: The ID of the AMI. An AMI ID is required to launch an + instance and must be specified here or in a launch template. + type: string + instanceInitiatedShutdownBehavior: + description: "Indicates whether an instance stops or terminates when + you initiate shutdown from the instance (using the operating system + command for system shutdown). \n Default: stop" + type: string + instanceMarketOptions: + description: "The market (purchasing) option for the instances. \n + For RunInstances, persistent Spot Instance requests are only supported + when InstanceInterruptionBehavior is set to either hibernate or + stop." + properties: + marketType: + type: string + spotOptions: + description: The options for Spot Instances. + properties: + blockDurationMinutes: + format: int64 + type: integer + instanceInterruptionBehavior: + type: string + maxPrice: + type: string + spotInstanceType: + type: string + validUntil: + format: date-time + type: string + type: object + type: object + instanceType: + description: "The instance type. For more information, see Instance + types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) + in the Amazon EC2 User Guide. \n Default: m1.small" + type: string + ipv6AddressCount: + description: "[EC2-VPC] The number of IPv6 addresses to associate + with the primary network interface. Amazon EC2 chooses the IPv6 + addresses from the range of your subnet. You cannot specify this + option and the option to assign specific IPv6 addresses in the same + request. You can specify this option if you've specified a minimum + number of instances to launch. \n You cannot specify this option + and the network interfaces option in the same request." + format: int64 + type: integer + ipv6Addresses: + description: "[EC2-VPC] The IPv6 addresses from the range of the subnet + to associate with the primary network interface. You cannot specify + this option and the option to assign a number of IPv6 addresses + in the same request. You cannot specify this option if you've specified + a minimum number of instances to launch. \n You cannot specify this + option and the network interfaces option in the same request." + items: + description: Describes an IPv6 address. + properties: + ipv6Address: + type: string + type: object + type: array + kernelID: + description: "The ID of the kernel. \n We recommend that you use PV-GRUB + instead of kernels and RAM disks. For more information, see PV-GRUB + (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) + in the Amazon EC2 User Guide." + type: string + keyName: + description: "The name of the key pair. You can create a key pair + using CreateKeyPair (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) + or ImportKeyPair (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html). + \n If you do not specify a key pair, you can't connect to the instance + unless you choose an AMI that is configured to allow users another + way to log in." + type: string + launchTemplate: + description: The launch template to use to launch the instances. Any + parameters that you specify in RunInstances override the same parameters + in the launch template. You can specify either the name or ID of + a launch template, but not both. + properties: + launchTemplateID: + type: string + launchTemplateName: + type: string + version: + type: string + type: object + licenseSpecifications: + description: The license configurations. + items: + description: Describes a license configuration. + properties: + licenseConfigurationARN: + type: string + type: object + type: array + maintenanceOptions: + description: The maintenance and recovery options for the instance. + properties: + autoRecovery: + type: string + type: object + maxCount: + description: "The maximum number of instances to launch. If you specify + more instances than Amazon EC2 can launch in the target Availability + Zone, Amazon EC2 launches the largest possible number of instances + above MinCount. \n Constraints: Between 1 and the maximum number + you're allowed for the specified instance type. For more information + about the default limits, and how to request an increase, see How + many instances can I run in Amazon EC2 (http://aws.amazon.com/ec2/faqs/#How_many_instances_can_I_run_in_Amazon_EC2) + in the Amazon EC2 FAQ." + format: int64 + type: integer + metadataOptions: + description: The metadata options for the instance. For more information, + see Instance metadata and user data (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html). + properties: + httpEndpoint: + type: string + httpProtocolIPv6: + type: string + httpPutResponseHopLimit: + format: int64 + type: integer + httpTokens: + type: string + instanceMetadataTags: + type: string + type: object + minCount: + description: "The minimum number of instances to launch. If you specify + a minimum that is more instances than Amazon EC2 can launch in the + target Availability Zone, Amazon EC2 launches no instances. \n Constraints: + Between 1 and the maximum number you're allowed for the specified + instance type. For more information about the default limits, and + how to request an increase, see How many instances can I run in + Amazon EC2 (http://aws.amazon.com/ec2/faqs/#How_many_instances_can_I_run_in_Amazon_EC2) + in the Amazon EC2 General FAQ." + format: int64 + type: integer + monitoring: + description: Specifies whether detailed monitoring is enabled for + the instance. + properties: + enabled: + type: boolean + type: object + networkInterfaces: + description: The network interfaces to associate with the instance. + If you specify a network interface, you must specify any security + groups and subnets as part of the network interface. + items: + description: Describes a network interface. + properties: + associateCarrierIPAddress: + type: boolean + associatePublicIPAddress: + type: boolean + deleteOnTermination: + type: boolean + description: + type: string + deviceIndex: + format: int64 + type: integer + interfaceType: + type: string + ipv4PrefixCount: + format: int64 + type: integer + ipv4Prefixes: + items: + description: Describes the IPv4 prefix option for a network + interface. + properties: + ipv4Prefix: + type: string + type: object + type: array + ipv6AddressCount: + format: int64 + type: integer + ipv6Addresses: + items: + description: Describes an IPv6 address. + properties: + ipv6Address: + type: string + type: object + type: array + ipv6PrefixCount: + format: int64 + type: integer + ipv6Prefixes: + items: + description: Describes the IPv4 prefix option for a network + interface. + properties: + ipv6Prefix: + type: string + type: object + type: array + networkCardIndex: + format: int64 + type: integer + networkInterfaceID: + type: string + privateIPAddress: + type: string + privateIPAddresses: + items: + description: Describes a secondary private IPv4 address for + a network interface. + properties: + primary: + type: boolean + privateIPAddress: + type: string + type: object + type: array + secondaryPrivateIPAddressCount: + format: int64 + type: integer + subnetID: + type: string + type: object + type: array + placement: + description: The placement for the instance. + properties: + affinity: + type: string + availabilityZone: + type: string + groupName: + type: string + hostID: + type: string + hostResourceGroupARN: + type: string + partitionNumber: + format: int64 + type: integer + spreadDomain: + type: string + tenancy: + type: string + type: object + privateDNSNameOptions: + description: The options for the instance hostname. The default values + are inherited from the subnet. + properties: + enableResourceNameDNSAAAARecord: + type: boolean + enableResourceNameDNSARecord: + type: boolean + hostnameType: + type: string + type: object + privateIPAddress: + description: "[EC2-VPC] The primary IPv4 address. You must specify + a value from the IPv4 address range of the subnet. \n Only one private + IP address can be designated as primary. You can't specify this + option if you've specified the option to designate a private IP + address as the primary IP address in a network interface specification. + You cannot specify this option if you're launching more than one + instance in the request. \n You cannot specify this option and the + network interfaces option in the same request." + type: string + ramDiskID: + description: "The ID of the RAM disk to select. Some kernels require + additional drivers at launch. Check the kernel requirements for + information about whether you need to specify a RAM disk. To find + kernel requirements, go to the Amazon Web Services Resource Center + and search for the kernel ID. \n We recommend that you use PV-GRUB + instead of kernels and RAM disks. For more information, see PV-GRUB + (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) + in the Amazon EC2 User Guide." + type: string + securityGroupIDs: + description: "The IDs of the security groups. You can create a security + group using CreateSecurityGroup (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html). + \n If you specify a network interface, you must specify any security + groups as part of the network interface." + items: + type: string + type: array + securityGroups: + description: "[EC2-Classic, default VPC] The names of the security + groups. For a nondefault VPC, you must use security group IDs instead. + \n If you specify a network interface, you must specify any security + groups as part of the network interface. \n Default: Amazon EC2 + uses the default security group." + items: + type: string + type: array + subnetID: + description: "[EC2-VPC] The ID of the subnet to launch the instance + into. \n If you specify a network interface, you must specify any + subnets as part of the network interface." + type: string + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + userData: + description: The user data script to make available to the instance. + For more information, see Run commands on your Linux instance at + launch (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) + and Run commands on your Windows instance at launch (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-windows-user-data.html). + If you are using a command line tool, base64-encoding is performed + for you, and you can load the text from a file. Otherwise, you must + provide base64-encoded text. User data is limited to 16 KB. + type: string + type: object + status: + description: InstanceStatus defines the observed state of Instance + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + amiLaunchIndex: + description: The AMI launch index, which can be used to find this + instance in the launch group. + format: int64 + type: integer + architecture: + description: The architecture of the image. + type: string + bootMode: + description: The boot mode of the instance. For more information, + see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) + in the Amazon EC2 User Guide. + type: string + capacityReservationID: + description: The ID of the Capacity Reservation. + type: string + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + elasticGPUAssociations: + description: The Elastic GPU associated with the instance. + items: + description: Describes the association between an instance and an + Elastic Graphics accelerator. + properties: + elasticGPUAssociationID: + type: string + elasticGPUAssociationState: + type: string + elasticGPUAssociationTime: + type: string + elasticGPUID: + type: string + type: object + type: array + elasticInferenceAcceleratorAssociations: + description: The elastic inference accelerator associated with the + instance. + items: + description: Describes the association between an instance and an + elastic inference accelerator. + properties: + elasticInferenceAcceleratorARN: + type: string + elasticInferenceAcceleratorAssociationID: + type: string + elasticInferenceAcceleratorAssociationState: + type: string + elasticInferenceAcceleratorAssociationTime: + format: date-time + type: string + type: object + type: array + enaSupport: + description: Specifies whether enhanced networking with ENA is enabled. + type: boolean + hypervisor: + description: The hypervisor type of the instance. The value xen is + used for both Xen and Nitro hypervisors. + type: string + instanceID: + description: The ID of the instance. + type: string + instanceLifecycle: + description: Indicates whether this is a Spot Instance or a Scheduled + Instance. + type: string + ipv6Address: + description: The IPv6 address assigned to the instance. + type: string + launchTime: + description: The time the instance was launched. + format: date-time + type: string + licenses: + description: The license configurations for the instance. + items: + description: Describes a license configuration. + properties: + licenseConfigurationARN: + type: string + type: object + type: array + outpostARN: + description: The Amazon Resource Name (ARN) of the Outpost. + type: string + platform: + description: The value is Windows for Windows instances; otherwise + blank. + type: string + platformDetails: + description: The platform details value for the instance. For more + information, see AMI billing information fields (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/billing-info-fields.html) + in the Amazon EC2 User Guide. + type: string + privateDNSName: + description: "(IPv4 only) The private DNS hostname name assigned to + the instance. This DNS hostname can only be used inside the Amazon + EC2 network. This name is not available until the instance enters + the running state. \n [EC2-VPC] The Amazon-provided DNS server resolves + Amazon-provided private DNS hostnames if you've enabled DNS resolution + and DNS hostnames in your VPC. If you are not using the Amazon-provided + DNS server in your VPC, your custom domain name servers must resolve + the hostname as appropriate." + type: string + productCodes: + description: The product codes attached to this instance, if applicable. + items: + description: Describes a product code. + properties: + productCodeID: + type: string + productCodeType: + type: string + type: object + type: array + publicDNSName: + description: (IPv4 only) The public DNS name assigned to the instance. + This name is not available until the instance enters the running + state. For EC2-VPC, this name is only available if you've enabled + DNS hostnames for your VPC. + type: string + publicIPAddress: + description: "The public IPv4 address, or the Carrier IP address assigned + to the instance, if applicable. \n A Carrier IP address only applies + to an instance launched in a subnet associated with a Wavelength + Zone." + type: string + rootDeviceName: + description: The device name of the root device volume (for example, + /dev/sda1). + type: string + rootDeviceType: + description: The root device type used by the AMI. The AMI can use + an EBS volume or an instance store volume. + type: string + sourceDestCheck: + description: Indicates whether source/destination checking is enabled. + type: boolean + spotInstanceRequestID: + description: If the request is a Spot Instance request, the ID of + the request. + type: string + sriovNetSupport: + description: Specifies whether enhanced networking with the Intel + 82599 Virtual Function interface is enabled. + type: string + state: + description: The current state of the instance. + properties: + code: + format: int64 + type: integer + name: + type: string + type: object + stateReason: + description: The reason for the most recent state transition. + properties: + code: + type: string + message: + type: string + type: object + stateTransitionReason: + description: The reason for the most recent state transition. This + might be an empty string. + type: string + tpmSupport: + description: If the instance is configured for NitroTPM support, the + value is v2.0. For more information, see NitroTPM (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html) + in the Amazon EC2 User Guide. + type: string + usageOperation: + description: The usage operation value for the instance. For more + information, see AMI billing information fields (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/billing-info-fields.html) + in the Amazon EC2 User Guide. + type: string + usageOperationUpdateTime: + description: The time that the usage operation was last updated. + format: date-time + type: string + virtualizationType: + description: The virtualization type of the instance. + type: string + vpcID: + description: '[EC2-VPC] The ID of the VPC in which the instance is + running.' + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_internetgateways.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_internetgateways.yaml new file mode 100644 index 00000000000..c2280481f38 --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_internetgateways.yaml @@ -0,0 +1,186 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: internetgateways.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: InternetGateway + listKind: InternetGatewayList + plural: internetgateways + singular: internetgateway + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.internetGatewayID + name: ID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: InternetGateway is the Schema for the InternetGateways API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "InternetGatewaySpec defines the desired state of InternetGateway. + \n Describes an internet gateway." + properties: + routeTableRefs: + items: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: + my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + type: array + routeTables: + items: + type: string + type: array + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + vpc: + description: The ID of the VPC. + type: string + vpcRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + type: object + status: + description: InternetGatewayStatus defines the observed state of InternetGateway + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + attachments: + description: Any VPCs attached to the internet gateway. + items: + description: Describes the attachment of a VPC to an internet gateway + or an egress-only internet gateway. + properties: + state: + type: string + vpcID: + type: string + type: object + type: array + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + internetGatewayID: + description: The ID of the internet gateway. + type: string + ownerID: + description: The ID of the Amazon Web Services account that owns the + internet gateway. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_natgateways.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_natgateways.yaml new file mode 100644 index 00000000000..c8be753b6de --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_natgateways.yaml @@ -0,0 +1,255 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: natgateways.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: NATGateway + listKind: NATGatewayList + plural: natgateways + singular: natgateway + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.natGatewayID + name: ID + type: string + - jsonPath: .status.state + name: state + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: NATGateway is the Schema for the NATGateways API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "NatGatewaySpec defines the desired state of NatGateway. + \n Describes a NAT gateway." + properties: + allocationID: + description: '[Public NAT gateways only] The allocation ID of an Elastic + IP address to associate with the NAT gateway. You cannot specify + an Elastic IP address with a private NAT gateway. If the Elastic + IP address is associated with another resource, you must first disassociate + it.' + type: string + allocationRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + connectivityType: + description: Indicates whether the NAT gateway supports public or + private connectivity. The default is public connectivity. + type: string + subnetID: + description: The subnet in which to create the NAT gateway. + type: string + subnetRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + type: object + status: + description: NATGatewayStatus defines the observed state of NATGateway + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + createTime: + description: The date and time the NAT gateway was created. + format: date-time + type: string + deleteTime: + description: The date and time the NAT gateway was deleted, if applicable. + format: date-time + type: string + failureCode: + description: If the NAT gateway could not be created, specifies the + error code for the failure. (InsufficientFreeAddressesInSubnet | + Gateway.NotAttached | InvalidAllocationID.NotFound | Resource.AlreadyAssociated + | InternalError | InvalidSubnetID.NotFound) + type: string + failureMessage: + description: "If the NAT gateway could not be created, specifies the + error message for the failure, that corresponds to the error code. + \n * For InsufficientFreeAddressesInSubnet: \"Subnet has insufficient + free addresses to create this NAT gateway\" \n * For Gateway.NotAttached: + \"Network vpc-xxxxxxxx has no Internet gateway attached\" \n * For + InvalidAllocationID.NotFound: \"Elastic IP address eipalloc-xxxxxxxx + could not be associated with this NAT gateway\" \n * For Resource.AlreadyAssociated: + \"Elastic IP address eipalloc-xxxxxxxx is already associated\" \n + * For InternalError: \"Network interface eni-xxxxxxxx, created and + used internally by this NAT gateway is in an invalid state. Please + try again.\" \n * For InvalidSubnetID.NotFound: \"The specified + subnet subnet-xxxxxxxx does not exist or could not be found.\"" + type: string + natGatewayAddresses: + description: Information about the IP addresses and network interface + associated with the NAT gateway. + items: + description: Describes the IP addresses and network interface associated + with a NAT gateway. + properties: + allocationID: + type: string + networkInterfaceID: + type: string + privateIP: + type: string + publicIP: + type: string + type: object + type: array + natGatewayID: + description: The ID of the NAT gateway. + type: string + provisionedBandwidth: + description: Reserved. If you need to sustain traffic greater than + the documented limits (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html), + contact us through the Support Center (https://console.aws.amazon.com/support/home?). + properties: + provisionTime: + format: date-time + type: string + provisioned: + type: string + requestTime: + format: date-time + type: string + requested: + type: string + status: + type: string + type: object + state: + description: "The state of the NAT gateway. \n * pending: The NAT + gateway is being created and is not ready to process traffic. \n + * failed: The NAT gateway could not be created. Check the failureCode + and failureMessage fields for the reason. \n * available: The NAT + gateway is able to process traffic. This status remains until you + delete the NAT gateway, and does not indicate the health of the + NAT gateway. \n * deleting: The NAT gateway is in the process of + being terminated and may still be processing traffic. \n * deleted: + The NAT gateway has been terminated and is no longer processing + traffic." + type: string + vpcID: + description: The ID of the VPC in which the NAT gateway is located. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_networkacls.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_networkacls.yaml new file mode 100644 index 00000000000..ca48f18f651 --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_networkacls.yaml @@ -0,0 +1,222 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: networkacls.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: NetworkACL + listKind: NetworkACLList + plural: networkacls + singular: networkacl + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.id + name: ID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: NetworkACL is the Schema for the NetworkACLS API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "NetworkAclSpec defines the desired state of NetworkAcl. + \n Describes a network ACL." + properties: + associations: + items: + description: Describes an association between a network ACL and + a subnet. + properties: + networkACLAssociationID: + type: string + networkACLID: + type: string + subnetID: + type: string + subnetRef: + description: Reference field for SubnetID + properties: + from: + description: AWSResourceReference provides all the values + necessary to reference another k8s resource for finding + the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + type: object + type: array + entries: + items: + description: Describes an entry in a network ACL. + properties: + cidrBlock: + type: string + egress: + type: boolean + icmpTypeCode: + description: Describes the ICMP type and code. + properties: + code: + format: int64 + type: integer + type_: + format: int64 + type: integer + type: object + ipv6CIDRBlock: + type: string + portRange: + description: Describes a range of ports. + properties: + from: + format: int64 + type: integer + to: + format: int64 + type: integer + type: object + protocol: + type: string + ruleAction: + type: string + ruleNumber: + format: int64 + type: integer + type: object + type: array + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + vpcID: + description: The ID of the VPC. + type: string + vpcRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + type: object + status: + description: NetworkACLStatus defines the observed state of NetworkACL + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + id: + description: The ID of the network ACL. + type: string + isDefault: + description: Indicates whether this is the default network ACL for + the VPC. + type: boolean + ownerID: + description: The ID of the Amazon Web Services account that owns the + network ACL. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_routetables.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_routetables.yaml new file mode 100644 index 00000000000..81af6f1d62d --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_routetables.yaml @@ -0,0 +1,323 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: routetables.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: RouteTable + listKind: RouteTableList + plural: routetables + singular: routetable + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.routeTableID + name: ID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: RouteTable is the Schema for the RouteTables API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "RouteTableSpec defines the desired state of RouteTable. + \n Describes a route table." + properties: + routes: + items: + properties: + carrierGatewayID: + type: string + coreNetworkARN: + type: string + destinationCIDRBlock: + type: string + destinationIPv6CIDRBlock: + type: string + destinationPrefixListID: + type: string + egressOnlyInternetGatewayID: + type: string + gatewayID: + type: string + gatewayRef: + description: Reference field for GatewayID + properties: + from: + description: AWSResourceReference provides all the values + necessary to reference another k8s resource for finding + the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + instanceID: + type: string + localGatewayID: + type: string + natGatewayID: + type: string + natGatewayRef: + description: Reference field for NATGatewayID + properties: + from: + description: AWSResourceReference provides all the values + necessary to reference another k8s resource for finding + the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + networkInterfaceID: + type: string + transitGatewayID: + type: string + transitGatewayRef: + description: Reference field for TransitGatewayID + properties: + from: + description: AWSResourceReference provides all the values + necessary to reference another k8s resource for finding + the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + vpcEndpointID: + type: string + vpcEndpointRef: + description: Reference field for VPCEndpointID + properties: + from: + description: AWSResourceReference provides all the values + necessary to reference another k8s resource for finding + the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + vpcPeeringConnectionID: + type: string + vpcPeeringConnectionRef: + description: Reference field for VPCPeeringConnectionID + properties: + from: + description: AWSResourceReference provides all the values + necessary to reference another k8s resource for finding + the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + type: object + type: array + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + vpcID: + description: The ID of the VPC. + type: string + vpcRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + type: object + status: + description: RouteTableStatus defines the observed state of RouteTable + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + associations: + description: The associations between the route table and one or more + subnets or a gateway. + items: + description: Describes an association between a route table and + a subnet or gateway. + properties: + associationState: + description: Describes the state of an association between a + route table and a subnet or gateway. + properties: + state: + type: string + statusMessage: + type: string + type: object + gatewayID: + type: string + main: + type: boolean + routeTableAssociationID: + type: string + routeTableID: + type: string + subnetID: + type: string + type: object + type: array + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + ownerID: + description: The ID of the Amazon Web Services account that owns the + route table. + type: string + propagatingVGWs: + description: Any virtual private gateway (VGW) propagating routes. + items: + description: Describes a virtual private gateway propagating route. + properties: + gatewayID: + type: string + type: object + type: array + routeStatuses: + description: The routes in the route table. + items: + description: Describes a route in a route table. + properties: + carrierGatewayID: + type: string + coreNetworkARN: + type: string + destinationCIDRBlock: + type: string + destinationIPv6CIDRBlock: + type: string + destinationPrefixListID: + type: string + egressOnlyInternetGatewayID: + type: string + gatewayID: + type: string + instanceID: + type: string + instanceOwnerID: + type: string + localGatewayID: + type: string + natGatewayID: + type: string + networkInterfaceID: + type: string + origin: + type: string + state: + type: string + transitGatewayID: + type: string + vpcPeeringConnectionID: + type: string + type: object + type: array + routeTableID: + description: The ID of the route table. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_securitygroups.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_securitygroups.yaml new file mode 100644 index 00000000000..7312e3dae35 --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_securitygroups.yaml @@ -0,0 +1,342 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: securitygroups.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: SecurityGroup + listKind: SecurityGroupList + plural: securitygroups + singular: securitygroup + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.id + name: ID + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: SecurityGroup is the Schema for the SecurityGroups API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "SecurityGroupSpec defines the desired state of SecurityGroup. + \n Describes a security group." + properties: + description: + description: "A description for the security group. This is informational + only. \n Constraints: Up to 255 characters in length \n Constraints + for EC2-Classic: ASCII characters \n Constraints for EC2-VPC: a-z, + A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*" + type: string + egressRules: + items: + description: Describes a set of permissions for a security group + rule. + properties: + fromPort: + format: int64 + type: integer + ipProtocol: + type: string + ipRanges: + items: + description: Describes an IPv4 range. + properties: + cidrIP: + type: string + description: + type: string + type: object + type: array + ipv6Ranges: + items: + description: '[EC2-VPC only] Describes an IPv6 range.' + properties: + cidrIPv6: + type: string + description: + type: string + type: object + type: array + prefixListIDs: + items: + description: Describes a prefix list ID. + properties: + description: + type: string + prefixListID: + type: string + type: object + type: array + toPort: + format: int64 + type: integer + userIDGroupPairs: + items: + description: "Describes a security group and Amazon Web Services + account ID pair. \n We are retiring EC2-Classic on August + 15, 2022. We recommend that you migrate from EC2-Classic + to a VPC. For more information, see Migrate from EC2-Classic + to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) + in the Amazon Elastic Compute Cloud User Guide." + properties: + description: + type: string + groupID: + type: string + groupName: + type: string + peeringStatus: + type: string + userID: + type: string + vpcID: + type: string + vpcPeeringConnectionID: + type: string + type: object + type: array + type: object + type: array + ingressRules: + items: + description: Describes a set of permissions for a security group + rule. + properties: + fromPort: + format: int64 + type: integer + ipProtocol: + type: string + ipRanges: + items: + description: Describes an IPv4 range. + properties: + cidrIP: + type: string + description: + type: string + type: object + type: array + ipv6Ranges: + items: + description: '[EC2-VPC only] Describes an IPv6 range.' + properties: + cidrIPv6: + type: string + description: + type: string + type: object + type: array + prefixListIDs: + items: + description: Describes a prefix list ID. + properties: + description: + type: string + prefixListID: + type: string + type: object + type: array + toPort: + format: int64 + type: integer + userIDGroupPairs: + items: + description: "Describes a security group and Amazon Web Services + account ID pair. \n We are retiring EC2-Classic on August + 15, 2022. We recommend that you migrate from EC2-Classic + to a VPC. For more information, see Migrate from EC2-Classic + to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) + in the Amazon Elastic Compute Cloud User Guide." + properties: + description: + type: string + groupID: + type: string + groupName: + type: string + peeringStatus: + type: string + userID: + type: string + vpcID: + type: string + vpcPeeringConnectionID: + type: string + type: object + type: array + type: object + type: array + name: + description: "The name of the security group. \n Constraints: Up to + 255 characters in length. Cannot start with sg-. \n Constraints + for EC2-Classic: ASCII characters \n Constraints for EC2-VPC: a-z, + A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*" + type: string + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + vpcID: + description: '[EC2-VPC] The ID of the VPC. Required for EC2-VPC.' + type: string + vpcRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + required: + - description + - name + type: object + status: + description: SecurityGroupStatus defines the observed state of SecurityGroup + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + id: + description: The ID of the security group. + type: string + rules: + description: Information about security group rules. + items: + description: Describes a security group rule. + properties: + cidrIPv4: + type: string + cidrIPv6: + type: string + description: + type: string + fromPort: + format: int64 + type: integer + ipProtocol: + type: string + isEgress: + type: boolean + prefixListID: + type: string + securityGroupRuleID: + type: string + tags: + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + toPort: + format: int64 + type: integer + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_subnets.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_subnets.yaml new file mode 100644 index 00000000000..19b04f486a5 --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_subnets.yaml @@ -0,0 +1,282 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: subnets.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: Subnet + listKind: SubnetList + plural: subnets + singular: subnet + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.subnetID + name: ID + type: string + - jsonPath: .status.state + name: state + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: Subnet is the Schema for the Subnets API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "SubnetSpec defines the desired state of Subnet. \n Describes + a subnet." + properties: + assignIPv6AddressOnCreation: + type: boolean + availabilityZone: + description: "The Availability Zone or Local Zone for the subnet. + \n Default: Amazon Web Services selects one for you. If you create + more than one subnet in your VPC, we do not necessarily select a + different zone for each subnet. \n To create a subnet in a Local + Zone, set this value to the Local Zone ID, for example us-west-2-lax-1a. + For information about the Regions that support Local Zones, see + Available Regions (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions) + in the Amazon Elastic Compute Cloud User Guide. \n To create a subnet + in an Outpost, set this value to the Availability Zone for the Outpost + and specify the Outpost ARN." + type: string + availabilityZoneID: + description: The AZ ID or the Local Zone ID of the subnet. + type: string + cidrBlock: + description: "The IPv4 network range for the subnet, in CIDR notation. + For example, 10.0.0.0/24. We modify the specified CIDR block to + its canonical form; for example, if you specify 100.68.0.18/18, + we modify it to 100.68.0.0/18. \n This parameter is not supported + for an IPv6 only subnet." + type: string + customerOwnedIPv4Pool: + type: string + enableDNS64: + type: boolean + enableResourceNameDNSAAAARecord: + type: boolean + enableResourceNameDNSARecord: + type: boolean + hostnameType: + type: string + ipv6CIDRBlock: + description: "The IPv6 network range for the subnet, in CIDR notation. + The subnet size must use a /64 prefix length. \n This parameter + is required for an IPv6 only subnet." + type: string + ipv6Native: + description: Indicates whether to create an IPv6 only subnet. + type: boolean + mapPublicIPOnLaunch: + type: boolean + outpostARN: + description: The Amazon Resource Name (ARN) of the Outpost. If you + specify an Outpost ARN, you must also specify the Availability Zone + of the Outpost subnet. + type: string + routeTableRefs: + items: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: + my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + type: array + routeTables: + items: + type: string + type: array + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + vpcID: + description: The ID of the VPC. + type: string + vpcRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + type: object + status: + description: SubnetStatus defines the observed state of Subnet + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + availableIPAddressCount: + description: The number of unused private IPv4 addresses in the subnet. + The IPv4 addresses for any stopped instances are considered unavailable. + format: int64 + type: integer + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + defaultForAZ: + description: Indicates whether this is the default subnet for the + Availability Zone. + type: boolean + enableLniAtDeviceIndex: + description: Indicates the device position for local network interfaces + in this subnet. For example, 1 indicates local network interfaces + in this subnet are the secondary network interface (eth1). + format: int64 + type: integer + ipv6CIDRBlockAssociationSet: + description: Information about the IPv6 CIDR blocks associated with + the subnet. + items: + description: Describes an association between a subnet and an IPv6 + CIDR block. + properties: + associationID: + type: string + ipv6CIDRBlock: + type: string + ipv6CIDRBlockState: + description: Describes the state of a CIDR block. + properties: + state: + type: string + statusMessage: + type: string + type: object + type: object + type: array + mapCustomerOwnedIPOnLaunch: + description: Indicates whether a network interface created in this + subnet (including a network interface created by RunInstances) receives + a customer-owned IPv4 address. + type: boolean + ownerID: + description: The ID of the Amazon Web Services account that owns the + subnet. + type: string + privateDNSNameOptionsOnLaunch: + description: The type of hostnames to assign to instances in the subnet + at launch. An instance hostname is based on the IPv4 address or + ID of the instance. + properties: + enableResourceNameDNSAAAARecord: + type: boolean + enableResourceNameDNSARecord: + type: boolean + hostnameType: + type: string + type: object + state: + description: The current state of the subnet. + type: string + subnetID: + description: The ID of the subnet. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_transitgateways.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_transitgateways.yaml new file mode 100644 index 00000000000..a472b1e0b1a --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_transitgateways.yaml @@ -0,0 +1,174 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: transitgateways.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: TransitGateway + listKind: TransitGatewayList + plural: transitgateways + singular: transitgateway + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.transitGatewayID + name: ID + type: string + - jsonPath: .status.state + name: state + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: TransitGateway is the Schema for the TransitGateways API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "TransitGatewaySpec defines the desired state of TransitGateway. + \n Describes a transit gateway." + properties: + description: + description: A description of the transit gateway. + type: string + options: + description: The transit gateway options. + properties: + amazonSideASN: + format: int64 + type: integer + autoAcceptSharedAttachments: + type: string + defaultRouteTableAssociation: + type: string + defaultRouteTablePropagation: + type: string + dnsSupport: + type: string + multicastSupport: + type: string + transitGatewayCIDRBlocks: + items: + type: string + type: array + vpnECMPSupport: + type: string + type: object + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + type: object + status: + description: TransitGatewayStatus defines the observed state of TransitGateway + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + creationTime: + description: The creation time. + format: date-time + type: string + ownerID: + description: The ID of the Amazon Web Services account that owns the + transit gateway. + type: string + state: + description: The state of the transit gateway. + type: string + transitGatewayID: + description: The ID of the transit gateway. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_vpcendpoints.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_vpcendpoints.yaml new file mode 100644 index 00000000000..77698f2782b --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_vpcendpoints.yaml @@ -0,0 +1,310 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: vpcendpoints.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: VPCEndpoint + listKind: VPCEndpointList + plural: vpcendpoints + singular: vpcendpoint + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.vpcEndpointID + name: ID + type: string + - jsonPath: .status.state + name: state + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: VPCEndpoint is the Schema for the VPCEndpoints API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "VpcEndpointSpec defines the desired state of VpcEndpoint. + \n Describes a VPC endpoint." + properties: + dnsOptions: + description: The DNS options for the endpoint. + properties: + dnsRecordIPType: + type: string + type: object + ipAddressType: + description: The IP address type for the endpoint. + type: string + policyDocument: + description: (Interface and gateway endpoints) A policy to attach + to the endpoint that controls access to the service. The policy + must be in valid JSON format. If this parameter is not specified, + we attach a default policy that allows full access to the service. + type: string + privateDNSEnabled: + description: "(Interface endpoint) Indicates whether to associate + a private hosted zone with the specified VPC. The private hosted + zone contains a record set for the default public DNS name for the + service for the Region (for example, kinesis.us-east-1.amazonaws.com), + which resolves to the private IP addresses of the endpoint network + interfaces in the VPC. This enables you to make requests to the + default public DNS name for the service instead of the public DNS + names that are automatically generated by the VPC endpoint service. + \n To use a private hosted zone, you must set the following VPC + attributes to true: enableDnsHostnames and enableDnsSupport. Use + ModifyVpcAttribute to set the VPC attributes. \n Default: true" + type: boolean + routeTableIDs: + description: (Gateway endpoint) One or more route table IDs. + items: + type: string + type: array + routeTableRefs: + items: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: + my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + type: array + securityGroupIDs: + description: (Interface endpoint) The ID of one or more security groups + to associate with the endpoint network interface. + items: + type: string + type: array + securityGroupRefs: + items: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: + my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + type: array + serviceName: + description: The service name. To get a list of available services, + use the DescribeVpcEndpointServices request, or get the name from + the service provider. + type: string + subnetIDs: + description: (Interface and Gateway Load Balancer endpoints) The ID + of one or more subnets in which to create an endpoint network interface. + For a Gateway Load Balancer endpoint, you can specify one subnet + only. + items: + type: string + type: array + subnetRefs: + items: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: + my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + type: array + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + vpcEndpointType: + description: "The type of endpoint. \n Default: Gateway" + type: string + vpcID: + description: The ID of the VPC in which the endpoint will be used. + type: string + vpcRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + required: + - serviceName + type: object + status: + description: VPCEndpointStatus defines the observed state of VPCEndpoint + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + creationTimestamp: + description: The date and time that the endpoint was created. + format: date-time + type: string + dnsEntries: + description: (Interface endpoint) The DNS entries for the endpoint. + items: + description: Describes a DNS entry. + properties: + dnsName: + type: string + hostedZoneID: + type: string + type: object + type: array + groups: + description: (Interface endpoint) Information about the security groups + that are associated with the network interface. + items: + description: Describes a security group. + properties: + groupID: + type: string + groupName: + type: string + type: object + type: array + lastError: + description: The last error that occurred for endpoint. + properties: + code: + type: string + message: + type: string + type: object + networkInterfaceIDs: + description: (Interface endpoint) One or more network interfaces for + the endpoint. + items: + type: string + type: array + ownerID: + description: The ID of the Amazon Web Services account that owns the + endpoint. + type: string + requesterManaged: + description: Indicates whether the endpoint is being managed by its + service. + type: boolean + state: + description: The state of the endpoint. + type: string + vpcEndpointID: + description: The ID of the endpoint. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_vpcpeeringconnections.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_vpcpeeringconnections.yaml new file mode 100644 index 00000000000..97c1600253a --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_vpcpeeringconnections.yaml @@ -0,0 +1,297 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: vpcpeeringconnections.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: VPCPeeringConnection + listKind: VPCPeeringConnectionList + plural: vpcpeeringconnections + singular: vpcpeeringconnection + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: VPCPeeringConnection is the Schema for the VPCPeeringConnections + API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "VpcPeeringConnectionSpec defines the desired state of VpcPeeringConnection. + \n Describes a VPC peering connection." + properties: + acceptRequest: + type: boolean + accepterPeeringConnectionOptions: + description: The VPC peering connection options for the accepter VPC. + properties: + allowDNSResolutionFromRemoteVPC: + type: boolean + allowEgressFromLocalClassicLinkToRemoteVPC: + type: boolean + allowEgressFromLocalVPCToRemoteClassicLink: + type: boolean + type: object + peerOwnerID: + description: "The Amazon Web Services account ID of the owner of the + accepter VPC. \n Default: Your Amazon Web Services account ID" + type: string + peerRegion: + description: "The Region code for the accepter VPC, if the accepter + VPC is located in a Region other than the Region in which you make + the request. \n Default: The Region in which you make the request." + type: string + peerVPCID: + description: The ID of the VPC with which you are creating the VPC + peering connection. You must specify this parameter in the request. + type: string + peerVPCRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + requesterPeeringConnectionOptions: + description: The VPC peering connection options for the requester + VPC. + properties: + allowDNSResolutionFromRemoteVPC: + type: boolean + allowEgressFromLocalClassicLinkToRemoteVPC: + type: boolean + allowEgressFromLocalVPCToRemoteClassicLink: + type: boolean + type: object + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + vpcID: + description: The ID of the requester VPC. You must specify this parameter + in the request. + type: string + vpcRef: + description: "AWSResourceReferenceWrapper provides a wrapper around + *AWSResourceReference type to provide more user friendly syntax + for references using 'from' field Ex: APIIDRef: \n from: name: my-api" + properties: + from: + description: AWSResourceReference provides all the values necessary + to reference another k8s resource for finding the identifier(Id/ARN/Name) + properties: + name: + type: string + type: object + type: object + type: object + status: + description: VPCPeeringConnectionStatus defines the observed state of + VPCPeeringConnection + properties: + accepterVPCInfo: + description: Information about the accepter VPC. CIDR block information + is only returned when describing an active VPC peering connection. + properties: + cidrBlock: + type: string + cidrBlockSet: + items: + description: Describes an IPv4 CIDR block. + properties: + cidrBlock: + type: string + type: object + type: array + ipv6CIDRBlockSet: + items: + description: Describes an IPv6 CIDR block. + properties: + ipv6CIDRBlock: + type: string + type: object + type: array + ownerID: + type: string + peeringOptions: + description: "We are retiring EC2-Classic on August 15, 2022. + We recommend that you migrate from EC2-Classic to a VPC. For + more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) + in the Amazon Elastic Compute Cloud User Guide. \n Describes + the VPC peering connection options." + properties: + allowDNSResolutionFromRemoteVPC: + type: boolean + allowEgressFromLocalClassicLinkToRemoteVPC: + type: boolean + allowEgressFromLocalVPCToRemoteClassicLink: + type: boolean + type: object + region: + type: string + vpcID: + type: string + type: object + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + expirationTime: + description: The time that an unaccepted VPC peering connection will + expire. + format: date-time + type: string + requesterVPCInfo: + description: Information about the requester VPC. CIDR block information + is only returned when describing an active VPC peering connection. + properties: + cidrBlock: + type: string + cidrBlockSet: + items: + description: Describes an IPv4 CIDR block. + properties: + cidrBlock: + type: string + type: object + type: array + ipv6CIDRBlockSet: + items: + description: Describes an IPv6 CIDR block. + properties: + ipv6CIDRBlock: + type: string + type: object + type: array + ownerID: + type: string + peeringOptions: + description: "We are retiring EC2-Classic on August 15, 2022. + We recommend that you migrate from EC2-Classic to a VPC. For + more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) + in the Amazon Elastic Compute Cloud User Guide. \n Describes + the VPC peering connection options." + properties: + allowDNSResolutionFromRemoteVPC: + type: boolean + allowEgressFromLocalClassicLinkToRemoteVPC: + type: boolean + allowEgressFromLocalVPCToRemoteClassicLink: + type: boolean + type: object + region: + type: string + vpcID: + type: string + type: object + status: + description: The status of the VPC peering connection. + properties: + code: + type: string + message: + type: string + type: object + vpcPeeringConnectionID: + description: The ID of the VPC peering connection. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_vpcs.yaml b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_vpcs.yaml new file mode 100644 index 00000000000..7eea7b1ab72 --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/manifests/ec2.services.k8s.aws_vpcs.yaml @@ -0,0 +1,265 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.9.2 + creationTimestamp: null + name: vpcs.ec2.services.k8s.aws +spec: + group: ec2.services.k8s.aws + names: + kind: VPC + listKind: VPCList + plural: vpcs + singular: vpc + scope: Namespaced + versions: + - additionalPrinterColumns: + - jsonPath: .status.vpcID + name: ID + type: string + - jsonPath: .status.state + name: state + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: VPC is the Schema for the VPCS API + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: "VpcSpec defines the desired state of Vpc. \n Describes a + VPC." + properties: + amazonProvidedIPv6CIDRBlock: + description: Requests an Amazon-provided IPv6 CIDR block with a /56 + prefix length for the VPC. You cannot specify the range of IP addresses, + or the size of the CIDR block. + type: boolean + cidrBlocks: + items: + type: string + type: array + enableDNSHostnames: + description: The attribute value. The valid values are true or false. + type: boolean + enableDNSSupport: + description: The attribute value. The valid values are true or false. + type: boolean + instanceTenancy: + description: "The tenancy options for instances launched into the + VPC. For default, instances are launched with shared tenancy by + default. You can launch instances with any tenancy into a shared + tenancy VPC. For dedicated, instances are launched as dedicated + tenancy instances by default. You can only launch instances with + a tenancy of dedicated or host into a dedicated tenancy VPC. \n + Important: The host value cannot be used with this parameter. Use + the default or dedicated values only. \n Default: default" + type: string + ipv4IPAMPoolID: + description: The ID of an IPv4 IPAM pool you want to use for allocating + this VPC's CIDR. For more information, see What is IPAM? (https://docs.aws.amazon.com/vpc/latest/ipam/what-is-it-ipam.html) + in the Amazon VPC IPAM User Guide. + type: string + ipv4NetmaskLength: + description: The netmask length of the IPv4 CIDR you want to allocate + to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For + more information about IPAM, see What is IPAM? (https://docs.aws.amazon.com/vpc/latest/ipam/what-is-it-ipam.html) + in the Amazon VPC IPAM User Guide. + format: int64 + type: integer + ipv6CIDRBlock: + description: "The IPv6 CIDR block from the IPv6 address pool. You + must also specify Ipv6Pool in the request. \n To let Amazon choose + the IPv6 CIDR block for you, omit this parameter." + type: string + ipv6CIDRBlockNetworkBorderGroup: + description: "The name of the location from which we advertise the + IPV6 CIDR block. Use this parameter to limit the address to this + location. \n You must set AmazonProvidedIpv6CidrBlock to true to + use this parameter." + type: string + ipv6IPAMPoolID: + description: The ID of an IPv6 IPAM pool which will be used to allocate + this VPC an IPv6 CIDR. IPAM is a VPC feature that you can use to + automate your IP address management workflows including assigning, + tracking, troubleshooting, and auditing IP addresses across Amazon + Web Services Regions and accounts throughout your Amazon Web Services + Organization. For more information, see What is IPAM? (https://docs.aws.amazon.com/vpc/latest/ipam/what-is-it-ipam.html) + in the Amazon VPC IPAM User Guide. + type: string + ipv6NetmaskLength: + description: The netmask length of the IPv6 CIDR you want to allocate + to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For + more information about IPAM, see What is IPAM? (https://docs.aws.amazon.com/vpc/latest/ipam/what-is-it-ipam.html) + in the Amazon VPC IPAM User Guide. + format: int64 + type: integer + ipv6Pool: + description: The ID of an IPv6 address pool from which to allocate + the IPv6 CIDR block. + type: string + tags: + description: The tags. The value parameter is required, but if you + don't want the tag to have a value, specify the parameter with no + value, and we set the value to an empty string. + items: + description: Describes a tag. + properties: + key: + type: string + value: + type: string + type: object + type: array + required: + - cidrBlocks + type: object + status: + description: VPCStatus defines the observed state of VPC + properties: + ackResourceMetadata: + description: All CRs managed by ACK have a common `Status.ACKResourceMetadata` + member that is used to contain resource sync state, account ownership, + constructed ARN for the resource + properties: + arn: + description: 'ARN is the Amazon Resource Name for the resource. + This is a globally-unique identifier and is set only by the + ACK service controller once the controller has orchestrated + the creation of the resource OR when it has verified that an + "adopted" resource (a resource where the ARN annotation was + set by the Kubernetes user on the CR) exists and matches the + supplied CR''s Spec field values. TODO(vijat@): Find a better + strategy for resources that do not have ARN in CreateOutputResponse + https://github.com/aws/aws-controllers-k8s/issues/270' + type: string + ownerAccountID: + description: OwnerAccountID is the AWS Account ID of the account + that owns the backend AWS service API resource. + type: string + region: + description: Region is the AWS region in which the resource exists + or will exist. + type: string + required: + - ownerAccountID + - region + type: object + cidrBlockAssociationSet: + description: Information about the IPv4 CIDR blocks associated with + the VPC. + items: + description: Describes an IPv4 CIDR block associated with a VPC. + properties: + associationID: + type: string + cidrBlock: + type: string + cidrBlockState: + description: Describes the state of a CIDR block. + properties: + state: + type: string + statusMessage: + type: string + type: object + type: object + type: array + conditions: + description: All CRS managed by ACK have a common `Status.Conditions` + member that contains a collection of `ackv1alpha1.Condition` objects + that describe the various terminal states of the CR and its backend + AWS service API resource + items: + description: Condition is the common struct used by all CRDs managed + by ACK service controllers to indicate terminal states of the + CR and its backend AWS service API resource + properties: + lastTransitionTime: + description: Last time the condition transitioned from one status + to another. + format: date-time + type: string + message: + description: A human readable message indicating details about + the transition. + type: string + reason: + description: The reason for the condition's last transition. + type: string + status: + description: Status of the condition, one of True, False, Unknown. + type: string + type: + description: Type is the type of the Condition + type: string + required: + - status + - type + type: object + type: array + dhcpOptionsID: + description: The ID of the set of DHCP options you've associated with + the VPC. + type: string + ipv6CIDRBlockAssociationSet: + description: Information about the IPv6 CIDR blocks associated with + the VPC. + items: + description: Describes an IPv6 CIDR block associated with a VPC. + properties: + associationID: + type: string + ipv6CIDRBlock: + type: string + ipv6CIDRBlockState: + description: Describes the state of a CIDR block. + properties: + state: + type: string + statusMessage: + type: string + type: object + ipv6Pool: + type: string + networkBorderGroup: + type: string + type: object + type: array + isDefault: + description: Indicates whether the VPC is the default VPC. + type: boolean + ownerID: + description: The ID of the Amazon Web Services account that owns the + VPC. + type: string + state: + description: The current state of the VPC. + type: string + vpcID: + description: The ID of the VPC. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/ack-ec2-controller/1.1.0/metadata/annotations.yaml b/operators/ack-ec2-controller/1.1.0/metadata/annotations.yaml new file mode 100644 index 00000000000..09db878affb --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/metadata/annotations.yaml @@ -0,0 +1,15 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: ack-ec2-controller + operators.operatorframework.io.bundle.channels.v1: alpha + operators.operatorframework.io.bundle.channel.default.v1: alpha + operators.operatorframework.io.metrics.builder: operator-sdk-v1.28.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: unknown + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ diff --git a/operators/ack-ec2-controller/1.1.0/tests/scorecard/config.yaml b/operators/ack-ec2-controller/1.1.0/tests/scorecard/config.yaml new file mode 100644 index 00000000000..382ddefd156 --- /dev/null +++ b/operators/ack-ec2-controller/1.1.0/tests/scorecard/config.yaml @@ -0,0 +1,50 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.7.1 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {}